Workaround ssh_get_user_home_dir on LDAP accounts

(cherry picked from commit 7150cabafa)

.clang_complete

@@ -1 +0,0 @@
--Iinclude -Ibuild

CMakeLists.txt

@@ -7,8 +7,8 @@ cmake_minimum_required(VERSION 2.6.0)
 set(APPLICATION_NAME ${PROJECT_NAME})
 
 set(APPLICATION_VERSION_MAJOR "0")
-set(APPLICATION_VERSION_MINOR "5")
-set(APPLICATION_VERSION_PATCH "0")
+set(APPLICATION_VERSION_MINOR "4")
+set(APPLICATION_VERSION_PATCH "8")
 
 set(APPLICATION_VERSION "${APPLICATION_VERSION_MAJOR}.${APPLICATION_VERSION_MINOR}.${APPLICATION_VERSION_PATCH}")
 
@@ -19,7 +19,7 @@ set(APPLICATION_VERSION "${APPLICATION_VERSION_MAJOR}.${APPLICATION_VERSION_MINO
 #     Increment AGE. Set REVISION to 0
 #   If the source code was changed, but there were no interface changes:
 #     Increment REVISION.
-set(LIBRARY_VERSION "4.2.0")
+set(LIBRARY_VERSION "4.1.4")
 set(LIBRARY_SOVERSION "4")
 
 # where to look first for cmake modules, before ${CMAKE_ROOT}/Modules/ is checked
@@ -29,8 +29,8 @@ set(CMAKE_MODULE_PATH
 
 # add definitions
 include(DefineCMakeDefaults)
-include(DefinePlatformDefaults)
 include(DefineCompilerFlags)
+include(DefinePlatformDefaults)
 include(DefineInstallationPaths)
 include(DefineOptions.cmake)
 include(CPackConfig.cmake)
@@ -44,9 +44,7 @@ include(MacroAddPlugin)
 include(MacroCopyFile)
 
 # search for libraries
-if (WITH_LIBZ)
-    find_package(ZLIB REQUIRED)
-endif (WITH_LIBZ)
+find_package(ZLIB REQUIRED)
 
 if (WITH_GCRYPT)
   find_package(GCrypt REQUIRED)
@@ -63,10 +61,6 @@ else (WITH_GCRYPT)
   endif (NOT OPENSSL_FOUND)
 endif(WITH_GCRYPT)
 
-# Find out if we have threading available
-set(CMAKE_THREAD_PREFER_PTHREADS ON)
-find_package(Threads)
-
 # config.h checks
 include(ConfigureChecks.cmake)
 configure_file(config.h.cmake ${CMAKE_CURRENT_BINARY_DIR}/config.h)
@@ -74,44 +68,12 @@ configure_file(config.h.cmake ${CMAKE_CURRENT_BINARY_DIR}/config.h)
 # check subdirectories
 add_subdirectory(doc)
 add_subdirectory(include)
-add_subdirectory(src)
+add_subdirectory(libssh)
 
-# pkg-config file
-configure_file(libssh.pc.cmake ${CMAKE_CURRENT_BINARY_DIR}/libssh.pc)
-install(
-  FILES
-    ${CMAKE_CURRENT_BINARY_DIR}/libssh.pc
-  DESTINATION
-    ${LIB_INSTALL_DIR}/pkgconfig
-  COMPONENT
-    pkgconfig
-)
+# build samples
+include_directories(${CMAKE_SOURCE_DIR}/include)
 
-add_subdirectory(examples)
-
-if (WITH_TESTING)
-  find_package(CMockery REQUIRED)
-  include(AddCMockeryTest)
-  add_subdirectory(tests)
-endif (WITH_TESTING)
-
-
-message(STATUS "********************************************")
-message(STATUS "********** ${PROJECT_NAME} build options : **********")
-
-message(STATUS "zlib support: ${WITH_LIBZ}")
-message(STATUS "libgcrypt support: ${WITH_GCRYPT}")
-message(STATUS "SSH-1 support: ${WITH_SSH1}")
-message(STATUS "SFTP support: ${WITH_SFTP}")
-message(STATUS "Server support : ${WITH_SERVER}")
-message(STATUS "Pcap debugging support : ${WITH_PCAP}")
-message(STATUS "Unit testing: ${WITH_TESTING}")
-message(STATUS "Client code Unit testing: ${WITH_CLIENT_TESTING}")
-if (WITH_INTERNAL_DOC)
-    message(STATUS "Internal documentation generation")
-else (WITH_INTERNAL_DOC)
-    message(STATUS "Public API documentation generation")
-endif (WITH_INTERNAL_DOC)
-message(STATUS "Benchmarks: ${WITH_BENCHMARKS}")
-message(STATUS "********************************************")
+if (CMAKE_SYSTEM_NAME STREQUAL "Linux")
+  add_subdirectory(examples)
+endif (CMAKE_SYSTEM_NAME STREQUAL "Linux")
 

CPackConfig.cmake

@@ -12,8 +12,8 @@ set(CPACK_RESOURCE_FILE_LICENSE "${CMAKE_SOURCE_DIR}/COPYING")
 
 ### versions
 set(CPACK_PACKAGE_VERSION_MAJOR "0")
-set(CPACK_PACKAGE_VERSION_MINOR "5")
-set(CPACK_PACKAGE_VERSION_PATCH "0")
+set(CPACK_PACKAGE_VERSION_MINOR "4")
+set(CPACK_PACKAGE_VERSION_PATCH "8")
 set(CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH}")
 
 
@@ -27,12 +27,12 @@ if (WIN32)
 
     ### nsis generator
     find_package(NSIS)
-    if (NSIS_MAKE)
+    if (HAVE_NSIS)
         set(CPACK_GENERATOR "${CPACK_GENERATOR};NSIS")
         set(CPACK_NSIS_DISPLAY_NAME "The SSH Library")
         set(CPACK_NSIS_COMPRESSOR "/SOLID zlib")
         set(CPACK_NSIS_MENU_LINKS "http://www.libssh.org/" "libssh homepage")
-    endif (NSIS_MAKE)
+    endif (HAVE_NSIS)
 endif (WIN32)
 
 set(CPACK_PACKAGE_INSTALL_DIRECTORY "libssh")

CTestConfig.cmake

@@ -1,9 +0,0 @@
-set(UPDATE_TYPE "true")
-
-set(CTEST_PROJECT_NAME "libssh")
-set(CTEST_NIGHTLY_START_TIME "01:00:00 CET")
-
-set(CTEST_DROP_METHOD "http")
-set(CTEST_DROP_SITE "test.libssh.org")
-set(CTEST_DROP_LOCATION "/submit.php?project=libssh")
-set(CTEST_DROP_SITE_CDASH TRUE)

ChangeLog

@@ -1,18 +1,6 @@
 ChangeLog
 ==========
 
-version 0.5.0 (released 2011-06-01)
-  * Added ssh_ prefix to all functions.
-  * Added complete Windows support.
-  * Added improved server support.
-  * Added unit tests for a lot of functions.
-  * Added asynchronous service request.
-  * Added a multiplatform ssh_getpass() function.
-  * Added a tutorial.
-  * Added a lot of documentation.
-  * Fixed a lot of bugs.
-  * Fixed several memory leaks.
-
 version 0.4.8 (released 2011-01-15)
   * Fixed memory leaks in session signing.
   * Fixed memory leak in ssh_print_hexa.

ConfigureChecks.cmake

@@ -1,4 +1,5 @@
 include(CheckIncludeFile)
+include(CheckIncludeFiles)
 include(CheckSymbolExists)
 include(CheckFunctionExists)
 include(CheckLibraryExists)
@@ -17,13 +18,9 @@ set(BINARYDIR ${CMAKE_BINARY_DIR})
 set(SOURCEDIR ${CMAKE_SOURCE_DIR})
 
 function(COMPILER_DUMPVERSION _OUTPUT_VERSION)
-    # Remove whitespaces from the argument.
-    # This is needed for CC="ccache gcc" cmake ..
-    string(REPLACE " " "" _C_COMPILER_ARG "${CMAKE_C_COMPILER_ARG1}")
-
     execute_process(
         COMMAND
-            ${CMAKE_C_COMPILER} ${_C_COMPILER_ARG} -dumpversion
+            ${CMAKE_C_COMPILER} ${CMAKE_C_COMPILER_ARG1} -dumpversion
         OUTPUT_VARIABLE _COMPILER_VERSION
     )
 
@@ -46,11 +43,14 @@ check_include_file(pty.h HAVE_PTY_H)
 check_include_file(termios.h HAVE_TERMIOS_H)
 
 if (WIN32)
-  check_include_file(wspiapi.h HAVE_WSPIAPI_H)
+  check_include_files("winsock2.h;ws2tcpip.h;wspiapi.h" HAVE_WSPIAPI_H)
   if (NOT HAVE_WSPIAPI_H)
-    message(STATUS "WARNING: Without wspiapi.h, this build will only work on Windows XP and newer versions")
+    message(STATUS "WARNING: Without wspiapi.h (or dependencies), this build will only work on Windows XP and newer versions")
   endif (NOT HAVE_WSPIAPI_H)
-  check_include_file(ws2tcpip.h HAVE_WS2TCPIP_H)
+  check_include_files("winsock2.h;ws2tcpip.h" HAVE_WS2TCPIP_H)
+  if (NOT HAVE_WS2TCPIP_H)
+    message(ERROR "WARNING: Does not have ws2tcpip.h or winsock2.h")
+  endif (NOT HAVE_WS2TCPIP_H)
   if (HAVE_WSPIAPI_H OR HAVE_WS2TCPIP_H)
     set(HAVE_GETADDRINFO TRUE)
     set(HAVE_GETHOSTBYNAME TRUE)
@@ -68,10 +68,6 @@ check_include_file(openssl/blowfish.h HAVE_OPENSSL_BLOWFISH_H)
 set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIRS})
 check_include_file(openssl/des.h HAVE_OPENSSL_DES_H)
 
-if (CMAKE_HAVE_PTHREAD_H)
-  set(HAVE_PTHREAD_H 1)
-endif (CMAKE_HAVE_PTHREAD_H)
-
 # FUNCTIONS
 
 check_function_exists(strncpy HAVE_STRNCPY)
@@ -86,39 +82,33 @@ if (WIN32)
 endif (WIN32)
 
 if (UNIX)
-    if (NOT LINUX)
-        # libsocket (Solaris)
-        check_library_exists(socket getaddrinfo "" HAVE_LIBSOCKET)
-        if (HAVE_LIBSOCKET)
-          set(CMAKE_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES} socket)
-        endif (HAVE_LIBSOCKET)
+  # libsocket (Solaris)
+  check_library_exists(socket getaddrinfo "" HAVE_LIBSOCKET)
+  if (HAVE_LIBSOCKET)
+    set(CMAKE_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES} socket)
+  endif (HAVE_LIBSOCKET)
+  # libnsl (Solaris)
+  check_library_exists(nsl gethostbyname "" HAVE_LIBNSL)
+  if (HAVE_LIBNSL)
+    set(CMAKE_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES} nsl)
+  endif (HAVE_LIBNSL)
+  # libresolv
+  check_library_exists(resolv hstrerror "" HAVE_LIBRESOLV)
+  if (HAVE_LIBRESOLV)
+    set(CMAKE_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES} resolv)
+  endif (HAVE_LIBRESOLV)
+  check_library_exists(rt nanosleep "" HAVE_LIBRT)
+  # librt
+  if (HAVE_LIBRT)
+    set(CMAKE_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES} rt)
+  endif (HAVE_LIBRT)
 
-        # libresolv
-        check_library_exists(resolv hstrerror "" HAVE_LIBRESOLV)
-        if (HAVE_LIBRESOLV)
-          set(CMAKE_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES} resolv)
-        endif (HAVE_LIBRESOLV)
-
-        # libnsl/inet_pton (Solaris)
-        check_library_exists(nsl inet_pton "" HAVE_LIBNSL)
-        if (HAVE_LIBNSL)
-            set(CMAKE_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES} nsl)
-        endif (HAVE_LIBNSL)
-
-        # librt
-        check_library_exists(rt nanosleep "" HAVE_LIBRT)
-    endif (NOT LINUX)
-
-    check_library_exists(rt clock_gettime "" HAVE_CLOCK_GETTIME)
-    if (HAVE_LIBRT OR HAVE_CLOCK_GETTIME)
-        set(CMAKE_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES} rt)
-    endif (HAVE_LIBRT OR HAVE_CLOCK_GETTIME)
-
-    check_function_exists(getaddrinfo HAVE_GETADDRINFO)
-    check_function_exists(poll HAVE_POLL)
-    check_function_exists(select HAVE_SELECT)
-    check_function_exists(cfmakeraw HAVE_CFMAKERAW)
-    check_function_exists(regcomp HAVE_REGCOMP)
+  check_function_exists(getaddrinfo HAVE_GETADDRINFO)
+  check_function_exists(gethostbyname HAVE_GETHOSTBYNAME)
+  check_function_exists(poll HAVE_POLL)
+  check_function_exists(select HAVE_SELECT)
+  check_function_exists(cfmakeraw HAVE_CFMAKERAW)
+  check_function_exists(regcomp HAVE_REGCOMP)
 endif (UNIX)
 
 set(LIBSSH_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES} CACHE INTERNAL "libssh required system libraries")
@@ -132,15 +122,9 @@ if (GCRYPT_FOUND)
   set(HAVE_LIBGCRYPT 1)
 endif (GCRYPT_FOUND)
 
-if (ZLIB_LIBRARY)
+if (Z_LIBRARY)
   set(HAVE_LIBZ 1)
-endif (ZLIB_LIBRARY)
-
-if (CMAKE_HAVE_THREADS_LIBRARY)
-    if (CMAKE_USE_PTHREADS_INIT)
-        set(HAVE_PTHREAD 1)
-    endif (CMAKE_USE_PTHREADS_INIT)
-endif (CMAKE_HAVE_THREADS_LIBRARY)
+endif (Z_LIBRARY)
 
 # OPTIONS
 if (WITH_DEBUG_CRYPTO)

DefineOptions.cmake

@@ -6,16 +6,4 @@ option(WITH_STATIC_LIB "Build with a static library" OFF)
 option(WITH_DEBUG_CRYPTO "Build with cryto debug output" OFF)
 option(WITH_DEBUG_CALLTRACE "Build with calltrace debug output" ON)
 option(WITH_GCRYPT "Compile against libgcrypt" OFF)
-option(WITH_PCAP "Compile with Pcap generation support" ON)
-option(WITH_INTERNAL_DOC "Compile doxygen internal documentation" OFF)
-option(WITH_TESTING "Build with unit tests" OFF)
-option(WITH_CLIENT_TESTING "Build with client tests; requires a running sshd" OFF)
-option(WITH_BENCHMARKS "Build benchmarks tools" OFF)
-
-if(WITH_BENCHMARKS)
-  set(WITH_TESTING ON)
-endif(WITH_BENCHMARKS)
-
-if (WITH_TESTING)
-  set(WITH_STATIC_LIB ON)
-endif (WITH_TESTING)
+option(WITH_PCAP "Compile with Pcap generation support" OFF)

INSTALL

@@ -68,8 +68,6 @@ If you want to install libssh after compilation run:
 ## Running
 
 The libssh binary can be found in the `build/libssh` directory.
-You can use `build/examples/samplessh` which is a sample client to
-test libssh on UNIX.
 
 ## About this document
 

README

@@ -29,12 +29,6 @@ http://www.libssh.org
 4* API Changes !
 -_-_-_-_-_-_-_-_-_
 
-Changes between 0.4 and 0.5
----------------------------
-
-We use the ssh_ prefix as namespace for every function now. There is a legacy.h
-which could be used to get the old function names.
-
 Changes between 0.3 and 0.4
 ---------------------------
 
@@ -52,20 +46,3 @@ header file and it is documented. Example:
 
 ssh_options_set(session, SSH_OPTIONS_HOST, "localhost");
 
-5* Copyright policy
--_-_-_-_-_-_-_-_-_-_
-
-The developers of libssh have a policy of asking for contributions to be made
-under the personal copyright of the contributor, instead of a corporate
-copyright.
-
-There are some reasons for the establishment of this policy:
-
-    * Individual copyrights make copyright registration in the US a simpler
-      process.
-    * If libssh is copyrighted by individuals rather than corporations,
-      decisions regarding enforcement and protection of copyright will, more
-      likely, be made in the interests of the project, and not in the interests
-      of any corporation’s shareholders.
-    * If we ever need to relicense a portion of the code contacting individuals
-      for permission to do so is much easier than contacting a company.

build/build_make.sh

@@ -62,8 +62,8 @@ function clean_build_dir() {
 }
 
 function usage () {
-echo "Usage: `basename $0` [--prefix /install_prefix|--build [debug|final]|--clean|--verbose|--libsuffix (32|64)|--help|--clang|--cmakedir /directory|--make
-(gmake|make)|--ccompiler (gcc|cc)|--withstaticlib|--unittesting|--clientunittesting|--withssh1|--withserver]"
+echo "Usage: `basename $0` [--prefix /install_prefix|--build [debug|final]|--clean|--verbose|--libsuffix (32|64)|--help|--cmakedir /directory|--make
+(gmake|make)|--ccompiler (gcc|cc)|--withstaticlib|--unittesting|--withss1|--withserver]"
     cleanup_and_exit
 }
 
@@ -100,9 +100,6 @@ while test -n "$1"; do
 			clean_build_dir
 			cleanup_and_exit
 		;;
-		*-clang)
-			OPTIONS="${OPTIONS} -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++"
-		;;
 		*-verbose)
 			DOVERBOSE="1"
 		;;
@@ -135,18 +132,19 @@ while test -n "$1"; do
 		;;
 		*-withstaticlib)
 			OPTIONS="${OPTIONS} -DWITH_STATIC_LIB=ON"
+			shift
 		;;
 		*-unittesting)
-			OPTIONS="${OPTIONS} -DWITH_TESTING=ON"
-		;;
-		*-clientunittesting)
-			OPTIONS="${OPTIONS} -DWITH_CLIENT_TESTING=ON"
+			OPTIONS="${OPTIONS} -DUNIT_TESTING=ON"
+			shift
 		;;
 		*-withssh1)
 			OPTIONS="${OPTIONS} -DWITH_SSH1=ON"
+			shift
 		;;
 		*-withserver)
 			OPTIONS="${OPTIONS} -DWITH_SERVER=ON"
+			shift
 		;;
 		----noarg)
 			echo "$ARG does not take an argument"

cmake/Modules/AddCMockeryTest.cmake

@@ -1,23 +0,0 @@
-# - ADD_CHECK_TEST(test_name test_source linklib1 ... linklibN)
-
-# Copyright (c) 2007      Daniel Gollub <dgollub@suse.de>
-# Copyright (c) 2007-2010 Andreas Schneider <asn@cynapses.org>
-#
-# Redistribution and use is allowed according to the terms of the BSD license.
-# For details see the accompanying COPYING-CMAKE-SCRIPTS file.
-
-enable_testing()
-include(CTest)
-
-if(CMAKE_COMPILER_IS_GNUCC AND NOT MINGW)
-    set(CMAKE_C_FLAGS_PROFILING "-g -O0 -Wall -W -Wshadow -Wunused-variable -Wunused-parameter -Wunused-function -Wunused -Wno-system-headers -Wwrite-strings -fprofile-arcs -ftest-coverage" CACHE STRING "Profiling Compiler Flags")
-    set(CMAKE_SHARED_LINKER_FLAGS_PROFILING " -fprofile-arcs -ftest-coverage" CACHE STRING "Profiling Linker Flags")
-    set(CMAKE_MODULE_LINKER_FLAGS_PROFILING " -fprofile-arcs -ftest-coverage" CACHE STRING "Profiling Linker Flags")
-    set(CMAKE_EXEC_LINKER_FLAGS_PROFILING " -fprofile-arcs -ftest-coverage" CACHE STRING "Profiling Linker Flags")
-endif(CMAKE_COMPILER_IS_GNUCC AND NOT MINGW)
-
-function (ADD_CMOCKERY_TEST _testName _testSource)
-    add_executable(${_testName} ${_testSource})
-    target_link_libraries(${_testName} ${ARGN})
-    add_test(${_testName} ${CMAKE_CURRENT_BINARY_DIR}/${_testName})
-endfunction (ADD_CMOCKERY_TEST)

cmake/Modules/DefineCompilerFlags.cmake

@@ -1,71 +1,59 @@
 # define system dependent compiler flags
 
 include(CheckCCompilerFlag)
-include(MacroCheckCCompilerFlagSSP)
 
 if (UNIX AND NOT WIN32)
-    #
-    # Define GNUCC compiler flags
-    #
-    if (${CMAKE_C_COMPILER_ID} MATCHES GNU)
-        # add -Wconversion ?
-        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=gnu99 -pedantic -pedantic-errors")
-        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wshadow -Wmissing-prototypes -Wdeclaration-after-statement")
-        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wunused -Wfloat-equal -Wpointer-arith -Wwrite-strings -Wformat-security")
-        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-format-attribute")
+  if (${CMAKE_C_COMPILER_ID} MATCHES GNU)
+    # add -Wconversion ?
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=gnu99 -pedantic -Wall -Wextra -Wshadow -Wmissing-prototypes -Wdeclaration-after-statement -Wunused -Wfloat-equal -Wpointer-arith -Wwrite-strings -Wformat-security -Wmissing-format-attribute")
 
-        # with -fPIC
-        check_c_compiler_flag("-fPIC" WITH_FPIC)
-        if (WITH_FPIC)
-            set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIC")
-        endif (WITH_FPIC)
+    # with -fPIC
+    check_c_compiler_flag("-fPIC" WITH_FPIC)
+    if (WITH_FPIC)
+      set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIC")
+    endif (WITH_FPIC)
 
-        check_c_compiler_flag_ssp("-fstack-protector" WITH_STACK_PROTECTOR)
-        if (WITH_STACK_PROTECTOR)
-            set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fstack-protector")
-        endif (WITH_STACK_PROTECTOR)
+    check_c_compiler_flag("-fstack-protector" WITH_STACK_PROTECTOR)
+    if (WITH_STACK_PROTECTOR)
+      set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fstack-protector")
+    endif (WITH_STACK_PROTECTOR)
 
-        check_c_compiler_flag("-D_FORTIFY_SOURCE=2" WITH_FORTIFY_SOURCE)
-        if (WITH_FORTIFY_SOURCE)
-            set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_FORTIFY_SOURCE=2")
-        endif (WITH_FORTIFY_SOURCE)
-    endif (${CMAKE_C_COMPILER_ID} MATCHES GNU)
+    check_c_compiler_flag("-D_FORTIFY_SOURCE=2" WITH_FORTIFY_SOURCE)
+    if (WITH_FORTIFY_SOURCE)
+      set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_FORTIFY_SOURCE=2")
+    endif (WITH_FORTIFY_SOURCE)
 
-    #
-    # Check for large filesystem support
-    #
-    if (CMAKE_SIZEOF_VOID_P MATCHES "8")
-        # with large file support
-        execute_process(
-            COMMAND
-                getconf LFS64_CFLAGS
-            OUTPUT_VARIABLE
-                _lfs_CFLAGS
-            ERROR_QUIET
-            OUTPUT_STRIP_TRAILING_WHITESPACE
-        )
-    else (CMAKE_SIZEOF_VOID_P MATCHES "8")
-        # with large file support
-        execute_process(
-            COMMAND
-                getconf LFS_CFLAGS
-            OUTPUT_VARIABLE
-                _lfs_CFLAGS
-            ERROR_QUIET
-            OUTPUT_STRIP_TRAILING_WHITESPACE
-        )
-    endif (CMAKE_SIZEOF_VOID_P MATCHES "8")
-    if (_lfs_CFLAGS)
-        string(REGEX REPLACE "[\r\n]" " " "${_lfs_CFLAGS}" "${${_lfs_CFLAGS}}")
-        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${_lfs_CFLAGS}")
-    endif (_lfs_CFLAGS)
+  endif (${CMAKE_C_COMPILER_ID} MATCHES GNU)
+
+  if (CMAKE_SIZEOF_VOID_P MATCHES "8")
+   # with large file support
+   execute_process(
+     COMMAND
+       getconf LFS64_CFLAGS
+     OUTPUT_VARIABLE
+       _lfs_CFLAGS
+     ERROR_QUIET
+     OUTPUT_STRIP_TRAILING_WHITESPACE
+   )
+ else (CMAKE_SIZEOF_VOID_P MATCHES "8")
+   # with large file support
+   execute_process(
+     COMMAND
+       getconf LFS_CFLAGS
+     OUTPUT_VARIABLE
+       _lfs_CFLAGS
+     ERROR_QUIET
+     OUTPUT_STRIP_TRAILING_WHITESPACE
+   )
+ endif (CMAKE_SIZEOF_VOID_P MATCHES "8")
+ if (_lfs_CFLAGS)
+   string(REGEX REPLACE "[\r\n]" " " "${_lfs_CFLAGS}" "${${_lfs_CFLAGS}}")
+   set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${_lfs_CFLAGS}")
+ endif (_lfs_CFLAGS)
 
 endif (UNIX AND NOT WIN32)
 
+# suppress warning about "deprecated" functions
 if (MSVC)
-    # Use secure functions by defaualt and suppress warnings about
-    #"deprecated" functions
-    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /D _CRT_SECURE_CPP_OVERLOAD_STANDARD_NAMES=1")
-    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /D _CRT_SECURE_CPP_OVERLOAD_STANDARD_NAMES_COUNT=1")
-    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /D _CRT_NONSTDC_NO_WARNINGS=1 /D _CRT_SECURE_NO_WARNINGS=1")
+  set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_CRT_SECURE_NO_WARNINGS")
 endif (MSVC)

cmake/Modules/DefinePlatformDefaults.cmake

@@ -6,17 +6,14 @@ endif(CMAKE_SYSTEM_NAME MATCHES "Linux")
 
 if (CMAKE_SYSTEM_NAME MATCHES "FreeBSD")
     set(FREEBSD TRUE)
-    set(BSD TRUE)
 endif (CMAKE_SYSTEM_NAME MATCHES "FreeBSD")
 
 if (CMAKE_SYSTEM_NAME MATCHES "OpenBSD")
     set(OPENBSD TRUE)
-    set(BSD TRUE)
 endif (CMAKE_SYSTEM_NAME MATCHES "OpenBSD")
 
 if (CMAKE_SYSTEM_NAME MATCHES "NetBSD")
     set(NETBSD TRUE)
-    set(BSD TRUE)
 endif (CMAKE_SYSTEM_NAME MATCHES "NetBSD")
 
 if (CMAKE_SYSTEM_NAME MATCHES "(Solaris|SunOS)")

cmake/Modules/FindArgp.cmake

@@ -1,60 +0,0 @@
-# - Try to find Argp
-# Once done this will define
-#
-#  ARGP_FOUND - system has Argp
-#  ARGP_INCLUDE_DIRS - the Argp include directory
-#  ARGP_LIBRARIES - Link these to use Argp
-#  ARGP_DEFINITIONS - Compiler switches required for using Argp
-#
-#  Copyright (c) 2010 Andreas Schneider <asn@cynapses.org>
-#
-#  Redistribution and use is allowed according to the terms of the New
-#  BSD license.
-#  For details see the accompanying COPYING-CMAKE-SCRIPTS file.
-#
-
-
-if (ARGP_LIBRARIES AND ARGP_INCLUDE_DIRS)
-  # in cache already
-  set(ARGP_FOUND TRUE)
-else (ARGP_LIBRARIES AND ARGP_INCLUDE_DIRS)
-
-  find_path(ARGP_INCLUDE_DIR
-    NAMES
-      argp.h
-    PATHS
-      /usr/include
-      /usr/local/include
-      /opt/local/include
-      /sw/include
-  )
-
-  find_library(ARGP_LIBRARY
-    NAMES
-      argp
-    PATHS
-      /usr/lib
-      /usr/local/lib
-      /opt/local/lib
-      /sw/lib
-  )
-
-  set(ARGP_INCLUDE_DIRS
-    ${ARGP_INCLUDE_DIR}
-  )
-
-  if (ARGP_LIBRARY)
-    set(ARGP_LIBRARIES
-        ${ARGP_LIBRARIES}
-        ${ARGP_LIBRARY}
-    )
-  endif (ARGP_LIBRARY)
-
-  include(FindPackageHandleStandardArgs)
-  find_package_handle_standard_args(Argp DEFAULT_MSG ARGP_LIBRARIES ARGP_INCLUDE_DIRS)
-
-  # show the ARGP_INCLUDE_DIRS and ARGP_LIBRARIES variables only in the advanced view
-  mark_as_advanced(ARGP_INCLUDE_DIRS ARGP_LIBRARIES)
-
-endif (ARGP_LIBRARIES AND ARGP_INCLUDE_DIRS)
-

cmake/Modules/FindCMockery.cmake

@@ -1,63 +0,0 @@
-# - Try to find CMockery
-# Once done this will define
-#
-#  CMOCKERY_FOUND - system has CMockery
-#  CMOCKERY_INCLUDE_DIRS - the CMockery include directory
-#  CMOCKERY_LIBRARIES - Link these to use CMockery
-#  CMOCKERY_DEFINITIONS - Compiler switches required for using CMockery
-#
-#  Copyright (c) 2010 Andreas Schneider <asn@cryptomilk.org>
-#
-#  Redistribution and use is allowed according to the terms of the New
-#  BSD license.
-#  For details see the accompanying COPYING-CMAKE-SCRIPTS file.
-#
-
-
-if (CMOCKERY_LIBRARIES AND CMOCKERY_INCLUDE_DIRS)
-  # in cache already
-  set(CMOCKERY_FOUND TRUE)
-else (CMOCKERY_LIBRARIES AND CMOCKERY_INCLUDE_DIRS)
-
-  find_path(CMOCKERY_INCLUDE_DIR
-    NAMES
-      google/cmockery.h
-    PATHS
-      ${_CMOCKERY_DIR}/include
-      /usr/include
-      /usr/local/include
-      /opt/local/include
-      /sw/include
-      $ENV{PROGRAMFILES}/cmockery/include
-  )
-
-  find_library(CMOCKERY_LIBRARY
-    NAMES
-      cmockery
-    PATHS
-      ${_CMOCKERY_DIR}/lib
-      /usr/lib
-      /usr/local/lib
-      /opt/local/lib
-      /sw/lib
-      $ENV{PROGRAMFILES}/cmockery/lib
-  )
-
-  set(CMOCKERY_INCLUDE_DIRS
-    ${CMOCKERY_INCLUDE_DIR}
-  )
-
-  if (CMOCKERY_LIBRARY)
-    set(CMOCKERY_LIBRARIES
-        ${CMOCKERY_LIBRARIES}
-        ${CMOCKERY_LIBRARY}
-    )
-  endif (CMOCKERY_LIBRARY)
-
-  include(FindPackageHandleStandardArgs)
-  find_package_handle_standard_args(CMockery DEFAULT_MSG CMOCKERY_LIBRARIES CMOCKERY_INCLUDE_DIRS)
-
-  # show the CMOCKERY_INCLUDE_DIRS and CMOCKERY_LIBRARIES variables only in the advanced view
-  mark_as_advanced(CMOCKERY_INCLUDE_DIRS CMOCKERY_LIBRARIES)
-
-endif (CMOCKERY_LIBRARIES AND CMOCKERY_INCLUDE_DIRS)

cmake/Modules/FindGCrypt.cmake

@@ -6,65 +6,72 @@
 #  GCRYPT_LIBRARIES - Link these to use GCrypt
 #  GCRYPT_DEFINITIONS - Compiler switches required for using GCrypt
 #
-#=============================================================================
-#  Copyright (c) 2009-2011 Andreas Schneider <asn@cryptomilk.org>
+#  Copyright (c) 2009 Andreas Schneider <mail@cynapses.org>
 #
-#  Distributed under the OSI-approved BSD License (the "License");
-#  see accompanying file Copyright.txt for details.
-#
-#  This software is distributed WITHOUT ANY WARRANTY; without even the
-#  implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-#  See the License for more information.
-#=============================================================================
+#  Redistribution and use is allowed according to the terms of the New
+#  BSD license.
+#  For details see the accompanying COPYING-CMAKE-SCRIPTS file.
 #
 
+
 if (GCRYPT_LIBRARIES AND GCRYPT_INCLUDE_DIRS)
-    # in cache already
-    # set(GCRYPT_FOUND TRUE)
+  # in cache already
+  set(GCRYPT_FOUND TRUE)
 else (GCRYPT_LIBRARIES AND GCRYPT_INCLUDE_DIRS)
 
-    set(_GCRYPT_ROOT_PATHS
-        "$ENV{PROGRAMFILES}/libgcrypt"
+  find_path(GCRYPT_INCLUDE_DIR
+    NAMES
+      gcrypt.h
+    PATHS
+      /usr/include
+      /usr/local/include
+      /opt/local/include
+      /sw/include
+  )
+  mark_as_advanced(GCRYPT_INCLUDE_DIR)
+
+  find_library(GCRYPT_LIBRARY
+    NAMES
+      gcrypt
+    PATHS
+      /usr/lib
+      /usr/local/lib
+      /opt/local/lib
+      /sw/lib
+  )
+  mark_as_advanced(GCRYPT_LIBRARY)
+
+  if (GCRYPT_LIBRARY)
+    set(GCRYPT_FOUND TRUE CACHE INTERNAL "Wether the gcrypt library has been found" FORCE)
+  endif (GCRYPT_LIBRARY)
+
+  set(GCRYPT_INCLUDE_DIRS
+    ${GCRYPT_INCLUDE_DIR}
+  )
+
+  if (GCRYPT_FOUND)
+    set(GCRYPT_LIBRARIES
+      ${GCRYPT_LIBRARIES}
+      ${GCRYPT_LIBRARY}
     )
+  endif (GCRYPT_FOUND)
 
-    find_path(GCRYPT_ROOT_DIR
-        NAMES
-            include/gcrypt.h
-        PATHS
-            ${_GCRYPT_ROOT_PATHS}
-    )
-    mark_as_advanced(ZLIB_ROOT_DIR)
+  if (GCRYPT_INCLUDE_DIRS AND GCRYPT_LIBRARIES)
+     set(GCRYPT_FOUND TRUE)
+  endif (GCRYPT_INCLUDE_DIRS AND GCRYPT_LIBRARIES)
 
-    find_path(GCRYPT_INCLUDE_DIR
-        NAMES
-            gcrypt.h
-        PATHS
-            /usr/local/include
-            /opt/local/include
-            /sw/include
-            /usr/lib/sfw/include
-            ${GCRYPT_ROOT_DIR}/include
-    )
-    set(GCRYPT_INCLUDE_DIRS ${GCRYPT_INCLUDE_DIR})
+  if (GCRYPT_FOUND)
+    if (NOT GCrypt_FIND_QUIETLY)
+      message(STATUS "Found GCrypt: ${GCRYPT_LIBRARIES}")
+    endif (NOT GCrypt_FIND_QUIETLY)
+  else (GCRYPT_FOUND)
+    if (GCrypt_FIND_REQUIRED)
+      message(FATAL_ERROR "Could not find GCrypt")
+    endif (GCrypt_FIND_REQUIRED)
+  endif (GCRYPT_FOUND)
 
-    find_library(GCRYPT_LIBRARY
-        NAMES
-            gcrypt
-            gcrypt11
-            libgcrypt-11
-        PATHS
-            /opt/local/lib
-            /sw/lib
-            /usr/sfw/lib/64
-            /usr/sfw/lib
-            ${GCRYPT_ROOT_DIR}/lib
-    )
-    set(GCRYPT_LIBRARIES ${GCRYPT_LIBRARY})
-
-    include(FindPackageHandleStandardArgs)
-    find_package_handle_standard_args(GCrypt DEFAULT_MSG GCRYPT_LIBRARIES GCRYPT_INCLUDE_DIRS)
-
-    # show the GCRYPT_INCLUDE_DIRS and GCRYPT_LIBRARIES variables only in the advanced view
-    mark_as_advanced(GCRYPT_INCLUDE_DIRS GCRYPT_LIBRARIES)
+  # show the GCRYPT_INCLUDE_DIRS and GCRYPT_LIBRARIES variables only in the advanced view
+  mark_as_advanced(GCRYPT_INCLUDE_DIRS GCRYPT_LIBRARIES)
 
 endif (GCRYPT_LIBRARIES AND GCRYPT_INCLUDE_DIRS)
+

cmake/Modules/FindNSIS.cmake

@@ -1,39 +1,31 @@
 # - Try to find NSIS
 # Once done this will define
 #
-#  NSIS_ROOT_DIR - Set this variable to the root installation of ZLIB
-#
-# Read-Only variables:
 #  NSIS_FOUND - system has NSIS
 #  NSIS_MAKE - NSIS creator executable
 #
-#=============================================================================
-#  Copyright (c) 2010-2011 Andreas Schneider <asn@cryptomilk.org>
+#  Copyright (c) 2010 Andreas Schneider <mail@cynapses.org>
 #
-#  Distributed under the OSI-approved BSD License (the "License");
-#  see accompanying file Copyright.txt for details.
-#
-#  This software is distributed WITHOUT ANY WARRANTY; without even the
-#  implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-#  See the License for more information.
-#=============================================================================
+#  Redistribution and use is allowed according to the terms of the New
+#  BSD license.
+#  For details see the accompanying COPYING-CMAKE-SCRIPTS file.
 #
 
-set(_NSIS_ROOT_PATHS
-    C:/NSIS/Bin
-    "$ENV{PROGRAMFILES}/NSIS"
-)
+if (NSIS_MAKE)
+  # in cache already
+  set(NSIS_FOUND TRUE)
+elseif (NSIS_MAKE)
+    find_program(NSIS_MAKE
+        NAMES
+            makensis
+        PATHS
+            ${_NSIS_DIR}
+            ${_NSIS_DIR}/Bin
+            $ENV{PROGRAMFILES}/NSIS
+    )
 
-find_program(NSIS_MAKE
-    NAMES
-        makensis
-    PATHS
-        ${NSIS_ROOT_PATH}
-        ${NSIS_ROOT_PATH}/Bin
-        ${_NSIS_ROOT_PATHS}
-)
+    include(FindPackageHandleStandardArgs)
+    find_package_handle_standard_args(NSIS DEFAULT_MSG NSIS_MAKE)
 
-include(FindPackageHandleStandardArgs)
-find_package_handle_standard_args(NSIS DEFAULT_MSG NSIS_MAKE)
-
-mark_as_advanced(NSIS_MAKE)
+    mark_as_advanced(NSIS_MAKE)
+endif (NSIS_MAKE)

cmake/Modules/FindOpenSSL.cmake

@@ -1,208 +1,191 @@
 # - Try to find OpenSSL
 # Once done this will define
 #
-#  OPENSSL_ROOT_DIR - Set this variable to the root installation of OpenSSL
-#
-# Read-Only variables:
 #  OPENSSL_FOUND - system has OpenSSL
 #  OPENSSL_INCLUDE_DIRS - the OpenSSL include directory
 #  OPENSSL_LIBRARIES - Link these to use OpenSSL
 #  OPENSSL_DEFINITIONS - Compiler switches required for using OpenSSL
 #
-#=============================================================================
-#  Copyright (c) 2006-2009 Kitware, Inc.
-#  Copyright (c) 2006      Alexander Neundorf <neundorf@kde.org>
-#  Copyright (c) 2009-2010 Mathieu Malaterre <mathieu.malaterre@gmail.com>
-#  Copyright (c) 2011      Andreas Schneider <asn@cryptomilk.org>
+#  Copyright (c) 2009 Andreas Schneider <mail@cynapses.org>
 #
-#  Distributed under the OSI-approved BSD License (the "License");
-#  see accompanying file Copyright.txt for details.
-#
-#  This software is distributed WITHOUT ANY WARRANTY; without even the
-#  implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-#  See the License for more information.
-#=============================================================================
+#  Redistribution and use is allowed according to the terms of the New
+#  BSD license.
+#  For details see the accompanying COPYING-CMAKE-SCRIPTS file.
 #
 
+
 if (OPENSSL_LIBRARIES AND OPENSSL_INCLUDE_DIRS)
-    # in cache already
-    set(OPENSSL_FOUND TRUE)
+  # in cache already
+  set(OPENSSL_FOUND TRUE)
 else (OPENSSL_LIBRARIES AND OPENSSL_INCLUDE_DIRS)
+  if (WIN32)
+    set(_OPENSSL_DIR $ENV{PROGRAMFILES}/OpenSSL)
+  endif (WIN32)
 
-    if (UNIX)
-        find_package(PkgConfig)
-        if (PKG_CONFIG_FOUND)
-            pkg_check_modules(_OPENSSL openssl)
-        endif (PKG_CONFIG_FOUND)
-    endif (UNIX)
+  # use pkg-config to get the directories and then use these values
+  # in the FIND_PATH() and FIND_LIBRARY() calls
+  if (${CMAKE_MAJOR_VERSION} EQUAL 2 AND ${CMAKE_MINOR_VERSION} EQUAL 4)
+    include(UsePkgConfig)
+    pkgconfig(openssl _OPENSSL_INCLUDEDIR _OPENSSL_LIBDIR _OPENSSL_LDFLAGS _OPENSSL_CFLAGS)
+  else (${CMAKE_MAJOR_VERSION} EQUAL 2 AND ${CMAKE_MINOR_VERSION} EQUAL 4)
+    find_package(PkgConfig)
+    if (PKG_CONFIG_FOUND)
+      pkg_check_modules(_OPENSSL openssl)
+    endif (PKG_CONFIG_FOUND)
+  endif (${CMAKE_MAJOR_VERSION} EQUAL 2 AND ${CMAKE_MINOR_VERSION} EQUAL 4)
 
-    # http://www.slproweb.com/products/Win32OpenSSL.html
-    set(_OPENSSL_ROOT_HINTS
-        "[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\OpenSSL (32-bit)_is1;Inno Setup: App Path]"
-        "[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\OpenSSL (64-bit)_is1;Inno Setup: App Path]"
+  find_path(OPENSSL_INCLUDE_DIR
+    NAMES
+      openssl/ssl.h
+    PATHS
+      ${_OPENSSL_DIR}/include
+      ${_OPENSSL_INCLUDEDIR}
+      /usr/include
+      /usr/local/include
+      /usr/local/ssl/include
+      /opt/local/include
+      /sw/include
+      /usr/lib/sfw/include
+  )
+  mark_as_advanced(OPENSSL_INCLUDE_DIR)
+
+  find_library(SSL_LIBRARY
+    NAMES
+      ssl
+      ssl_dl
+      libssl
+    PATHS
+      ${_OPENSSL_DIR}/lib
+      ${_OPENSSL_LIBDIR}
+      /usr/lib
+      /usr/local/lib
+      /usr/local/ssl/lib
+      /opt/local/lib
+      /sw/lib
+      /usr/sfw/lib/64
+      /usr/sfw/lib
+  )
+  mark_as_advanced(SSL_LIBRARY)
+
+  find_library(SSLEAY32_LIBRARY
+    NAMES
+      ssleay32
+    PATHS
+      ${_OPENSSL_DIR}/lib
+      ${_OPENSSL_LIBDIR}
+      /usr/lib
+      /usr/local/lib
+      /usr/local/ssl/lib
+      /opt/local/lib
+      /sw/lib
+      /usr/sfw/lib/64
+      /usr/sfw/lib
+  )
+  mark_as_advanced(SSLEAY32_LIBRARY)
+
+  find_library(SSLEAY32MD_LIBRARY
+    NAMES
+      ssleay32MD
+    PATHS
+      ${_OPENSSL_DIR}/lib
+      ${_OPENSSL_LIBDIR}
+      /usr/lib
+      /usr/local/lib
+      /usr/local/ssl/lib
+      /opt/local/lib
+      /sw/lib
+      /usr/sfw/lib/64
+      /usr/sfw/lib
+  )
+  mark_as_advanced(SSLEAY32MD_LIBRARY)
+
+  find_library(CRYPTO_LIBRARY
+    NAMES
+      crypto
+      crypto_dl
+      libcrypto
+      eay
+      eay32
+      libeay
+      libeay32
+    PATHS
+      ${_OPENSSL_DIR}/lib
+      ${_OPENSSL_LIBDIR}
+      /lib
+      /usr/lib
+      /usr/local/lib
+      /usr/local/ssl/lib
+      /opt/local/lib
+      /sw/lib
+      /usr/sfw/lib/64
+      /usr/sfw/lib
+  )
+  mark_as_advanced(CRYPTO_LIBRARY)
+
+  if (SSL_LIBRARY)
+    set(SSL_FOUND TRUE CACHE INTERNAL "Wether the ssl library has been found" FORCE)
+  endif (SSL_LIBRARY)
+
+  if (SSLEAY32_LIBRARY)
+    set(SSLEAY32_FOUND TRUE CACHE INTERNAL "Wether the ssleay32 library has been found" FORCE)
+  endif (SSLEAY32_LIBRARY)
+
+  if (SSLEAY32MD_LIBRARY)
+    set(SSLEAY32MD_FOUND TRUE CACHE INTERNAL "Wether the ssleay32MD library has been found" FORCE)
+  endif (SSLEAY32MD_LIBRARY)
+
+  if (CRYPTO_LIBRARY)
+    set(CRYPTO_FOUND TRUE CACHE INTERNAL "Wether the crypto library has been found" FORCE)
+  endif (CRYPTO_LIBRARY)
+
+  set(OPENSSL_INCLUDE_DIRS
+    ${OPENSSL_INCLUDE_DIR}
+  )
+
+  if (SSL_FOUND)
+    set(OPENSSL_LIBRARIES
+      ${OPENSSL_LIBRARIES}
+      ${SSL_LIBRARY}
     )
+  endif (SSL_FOUND)
 
-    set(_OPENSSL_ROOT_PATHS
-        "C:/OpenSSL/"
-        "C:/OpenSSL-Win32/"
-        "C:/OpenSSL-Win64/"
-        "$ENV{PROGRAMFILES}/OpenSSL"
-        "$ENV{PROGRAMFILES}/OpenSSL-Win32"
-        "$ENV{PROGRAMFILES}/OpenSSL-Win64"
+  if (SSLEAY32_FOUND)
+    set(OPENSSL_LIBRARIES
+      ${OPENSSL_LIBRARIES}
+      ${SSLEAY32_LIBRARY}
     )
+  endif (SSLEAY32_FOUND)
 
-    find_path(OPENSSL_ROOT_DIR
-        NAMES
-            include/openssl/ssl.h
-        HINTS
-            ${_OPENSSL_ROOT_HINTS}
-        PATHS
-            ${_OPENSSL_ROOT_PATHS}
+  if (SSLEAY32MD_FOUND)
+    set(OPENSSL_LIBRARIES
+      ${OPENSSL_LIBRARIES}
+      ${SSLEAY32MD_LIBRARY}
     )
-    mark_as_advanced(OPENSSL_ROOT_DIR)
+  endif (SSLEAY32MD_FOUND)
 
-    find_path(OPENSSL_INCLUDE_DIR
-        NAMES
-            openssl/ssl.h
-        PATHS
-            /usr/local/include
-            /opt/local/include
-            /sw/include
-            /usr/lib/sfw/include
-            ${OPENSSL_ROOT_DIR}/include
+  if (CRYPTO_FOUND)
+    set(OPENSSL_LIBRARIES
+      ${OPENSSL_LIBRARIES}
+      ${CRYPTO_LIBRARY}
     )
+  endif (CRYPTO_FOUND)
 
-    set(OPENSSL_INCLUDE_DIRS ${OPENSSL_INCLUDE_DIR})
-    mark_as_advanced(OPENSSL_INCLUDE_DIRS)
+  if (OPENSSL_INCLUDE_DIRS AND OPENSSL_LIBRARIES)
+     set(OPENSSL_FOUND TRUE)
+  endif (OPENSSL_INCLUDE_DIRS AND OPENSSL_LIBRARIES)
 
-    if (WIN32 AND NOT CYGWIN)
-        # MINGW should go here too
-        if (MSVC)
-            # /MD and /MDd are the standard values - if someone wants to use
-            # others, the libnames have to change here too
-            # use also ssl and ssleay32 in debug as fallback for openssl < 0.9.8b
-            # TODO: handle /MT and static lib
-            # In Visual C++ naming convention each of these four kinds of Windows libraries has it's standard suffix:
-            #   * MD for dynamic-release
-            #   * MDd for dynamic-debug
-            #   * MT for static-release
-            #   * MTd for static-debug
+  if (OPENSSL_FOUND)
+    if (NOT OpenSSL_FIND_QUIETLY)
+      message(STATUS "Found OpenSSL: ${OPENSSL_LIBRARIES}")
+    endif (NOT OpenSSL_FIND_QUIETLY)
+  else (OPENSSL_FOUND)
+    if (OpenSSL_FIND_REQUIRED)
+      message(FATAL_ERROR "Could not find OpenSSL")
+    endif (OpenSSL_FIND_REQUIRED)
+  endif (OPENSSL_FOUND)
 
-            # Implementation details:
-            # We are using the libraries located in the VC subdir instead of the parent directory eventhough :
-            # libeay32MD.lib is identical to ../libeay32.lib, and
-            # ssleay32MD.lib is identical to ../ssleay32.lib
-            find_library(LIB_EAY_DEBUG
-                NAMES
-                    libeay32MDd
-                    libeay32
-                PATHS
-                    ${OPENSSL_ROOT_DIR}/lib/VC
-            )
-
-            find_library(LIB_EAY_RELEASE
-                NAMES
-                    libeay32MD
-                    libeay32
-                PATHS
-                    ${OPENSSL_ROOT_DIR}/lib/VC
-            )
-
-            find_library(SSL_EAY_DEBUG
-                NAMES
-                    ssleay32MDd
-                    ssleay32
-                    ssl
-                PATHS ${OPENSSL_ROOT_DIR}/lib/VC
-            )
-
-            find_library(SSL_EAY_RELEASE
-                NAMES
-                    ssleay32MD
-                    ssleay32
-                    ssl
-                PATHS
-                    ${OPENSSL_ROOT_DIR}/lib/VC
-            )
-
-            if (CMAKE_CONFIGURATION_TYPES OR CMAKE_BUILD_TYPE)
-                set(OPENSSL_LIBRARIES
-                    optimized ${SSL_EAY_RELEASE} debug ${SSL_EAY_DEBUG}
-                    optimized ${LIB_EAY_RELEASE} debug ${LIB_EAY_DEBUG}
-                )
-            else (CMAKE_CONFIGURATION_TYPES OR CMAKE_BUILD_TYPE)
-                set( OPENSSL_LIBRARIES ${SSL_EAY_RELEASE} ${LIB_EAY_RELEASE} )
-            endif (CMAKE_CONFIGURATION_TYPES OR CMAKE_BUILD_TYPE)
-
-            mark_as_advanced(SSL_EAY_DEBUG SSL_EAY_RELEASE)
-            mark_as_advanced(LIB_EAY_DEBUG LIB_EAY_RELEASE)
-        elseif (MINGW)
-            # same player, for MingW
-            find_library(LIB_EAY
-                NAMES
-                    libeay32
-                PATHS
-                    ${OPENSSL_ROOT_DIR}/lib/MinGW
-            )
-
-            find_library(SSL_EAY
-                NAMES
-                    ssleay32
-                PATHS
-                    ${OPENSSL_ROOT_DIR}/lib/MinGW
-            )
-
-            mark_as_advanced(SSL_EAY LIB_EAY)
-            set(OPENSSL_LIBRARIES ${SSL_EAY} ${LIB_EAY})
-        else(MSVC)
-            # Not sure what to pick for -say- intel, let's use the toplevel ones and hope someone report issues:
-            find_library(LIB_EAY
-                NAMES
-                    libeay32
-                PATHS
-                    ${OPENSSL_ROOT_DIR}/lib
-            )
-
-            find_library(SSL_EAY
-                NAMES
-                    ssleay32
-                PATHS
-                    ${OPENSSL_ROOT_DIR}/lib
-            )
-
-            mark_as_advanced(SSL_EAY LIB_EAY)
-            set(OPENSSL_LIBRARIES ${SSL_EAY} ${LIB_EAY})
-        endif(MSVC)
-    else (WIN32 AND NOT CYGWIN)
-        find_library(OPENSSL_SSL_LIBRARIES
-            NAMES
-                ssl
-                ssleay32
-                ssleay32MD
-            PATHS
-                ${_OPENSSL_LIBDIR}
-                /opt/local/lib
-                /sw/lib
-                /usr/sfw/lib/64
-                /usr/sfw/lib
-        )
-
-        find_library(OPENSSL_CRYPTO_LIBRARIES
-            NAMES
-                crypto
-            PATHS
-                ${_OPENSSL_LIBDIR}
-                /opt/local/lib
-                /sw/lib
-                /usr/sfw/lib/64
-                /usr/sfw/lib
-        )
-
-        mark_as_advanced(OPENSSL_CRYPTO_LIBRARIES OPENSSL_SSL_LIBRARIES)
-        set(OPENSSL_LIBRARIES ${OPENSSL_SSL_LIBRARIES} ${OPENSSL_CRYPTO_LIBRARIES})
-    endif (WIN32 AND NOT CYGWIN)
-
-    include(FindPackageHandleStandardArgs)
-    find_package_handle_standard_args(OpenSSL DEFAULT_MSG OPENSSL_LIBRARIES OPENSSL_INCLUDE_DIRS)
+  # show the OPENSSL_INCLUDE_DIRS and OPENSSL_LIBRARIES variables only in the advanced view
+  mark_as_advanced(OPENSSL_INCLUDE_DIRS OPENSSL_LIBRARIES)
 
 endif (OPENSSL_LIBRARIES AND OPENSSL_INCLUDE_DIRS)
+

cmake/Modules/FindZLIB.cmake

@@ -1,119 +1,84 @@
 # - Try to find ZLIB
 # Once done this will define
 #
-#  ZLIB_ROOT_DIR - Set this variable to the root installation of ZLIB
-#
-# Read-Only variables:
 #  ZLIB_FOUND - system has ZLIB
 #  ZLIB_INCLUDE_DIRS - the ZLIB include directory
 #  ZLIB_LIBRARIES - Link these to use ZLIB
+#  ZLIB_DEFINITIONS - Compiler switches required for using ZLIB
 #
-#  ZLIB_VERSION_STRING - The version of zlib found (x.y.z)
-#  ZLIB_VERSION_MAJOR  - The major version of zlib
-#  ZLIB_VERSION_MINOR  - The minor version of zlib
-#  ZLIB_VERSION_PATCH  - The patch version of zlib
-#  ZLIB_VERSION_TWEAK  - The tweak version of zlib
+#  Copyright (c) 2009 Andreas Schneider <mail@cynapses.org>
 #
-# The following variable are provided for backward compatibility
-#
-#  ZLIB_MAJOR_VERSION  - The major version of zlib
-#  ZLIB_MINOR_VERSION  - The minor version of zlib
-#  ZLIB_PATCH_VERSION  - The patch version of zlib
-#
-#=============================================================================
-#  Copyright (c) 2001-2009 Kitware, Inc.
-#  Copyright (c) 2011      Andreas Schneider <asn@cryptomilk.org>
-#
-#  Distributed under the OSI-approved BSD License (the "License");
-#  see accompanying file Copyright.txt for details.
-#
-#  This software is distributed WITHOUT ANY WARRANTY; without even the
-#  implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-#  See the License for more information.
-#=============================================================================
+#  Redistribution and use is allowed according to the terms of the New
+#  BSD license.
+#  For details see the accompanying COPYING-CMAKE-SCRIPTS file.
 #
 
+
 if (ZLIB_LIBRARIES AND ZLIB_INCLUDE_DIRS)
   # in cache already
   set(ZLIB_FOUND TRUE)
 else (ZLIB_LIBRARIES AND ZLIB_INCLUDE_DIRS)
+  if (WIN32)
+    set(_ZLIB_DIR $ENV{PROGRAMFILES}/GnuWin32)
+  endif (WIN32)
 
-    set(_ZLIB_ROOT_HINTS
-        "[HKEY_LOCAL_MACHINE\\SOFTWARE\\GnuWin32\\Zlib;InstallPath]/include"
+  find_path(ZLIB_INCLUDE_DIR
+    NAMES
+      zlib.h
+    PATHS
+      ${_ZLIB_DIR}/include
+      /usr/include
+      /usr/local/include
+      /opt/local/include
+      /sw/include
+  )
+  mark_as_advanced(ZLIB_INCLUDE_DIR)
+
+  find_library(Z_LIBRARY
+    NAMES
+      z
+      zlib
+      zlib1
+    PATHS
+      ${_ZLIB_DIR}/lib
+      /usr/lib
+      /usr/local/lib
+      /opt/local/lib
+      /sw/lib
+  )
+  mark_as_advanced(Z_LIBRARY)
+
+  if (Z_LIBRARY)
+    set(Z_FOUND TRUE)
+  endif (Z_LIBRARY)
+
+  set(ZLIB_INCLUDE_DIRS
+    ${ZLIB_INCLUDE_DIR}
+  )
+
+  if (Z_FOUND)
+    set(ZLIB_LIBRARIES
+      ${ZLIB_LIBRARIES}
+      ${Z_LIBRARY}
     )
+  endif (Z_FOUND)
 
-    set(_ZLIB_ROOT_PATHS
-        "$ENV{PROGRAMFILES}/zlib"
-    )
+  if (ZLIB_INCLUDE_DIRS AND ZLIB_LIBRARIES)
+     set(ZLIB_FOUND TRUE)
+  endif (ZLIB_INCLUDE_DIRS AND ZLIB_LIBRARIES)
 
-    find_path(ZLIB_ROOT_DIR
-        NAMES
-            include/zlib.h
-        HINTS
-            ${_ZLIB_ROOT_HINTS}
-        PATHS
-            ${_ZLIB_ROOT_PATHS}
-    )
-    mark_as_advanced(ZLIB_ROOT_DIR)
+  if (ZLIB_FOUND)
+    if (NOT ZLIB_FIND_QUIETLY)
+      message(STATUS "Found ZLIB: ${ZLIB_LIBRARIES}")
+    endif (NOT ZLIB_FIND_QUIETLY)
+  else (ZLIB_FOUND)
+    if (ZLIB_FIND_REQUIRED)
+      message(FATAL_ERROR "Could not find ZLIB")
+    endif (ZLIB_FIND_REQUIRED)
+  endif (ZLIB_FOUND)
 
-    # check for header file
-    find_path(ZLIB_INCLUDE_DIR
-        NAMES
-            zlib.h
-        PATHS
-            /usr/local/include
-            /opt/local/include
-            /sw/include
-            /usr/lib/sfw/include
-            ${ZLIB_ROOT_DIR}/include
-    )
-    mark_as_advanced(ZLIB_INCLUDE_DIR)
+  # show the ZLIB_INCLUDE_DIRS and ZLIB_LIBRARIES variables only in the advanced view
+  mark_as_advanced(ZLIB_INCLUDE_DIRS ZLIB_LIBRARIES)
 
-    # check version number
-    if (ZLIB_INCLUDE_DIR AND EXISTS "${ZLIB_INCLUDE_DIR}/zlib.h")
-        file(STRINGS "${ZLIB_INCLUDE_DIR}/zlib.h" ZLIB_H REGEX "^#define ZLIB_VERSION \"[^\"]*\"$")
-
-        string(REGEX REPLACE "^.*ZLIB_VERSION \"([0-9]+).*$" "\\1" ZLIB_VERSION_MAJOR "${ZLIB_H}")
-        string(REGEX REPLACE "^.*ZLIB_VERSION \"[0-9]+\\.([0-9]+).*$" "\\1" ZLIB_VERSION_MINOR  "${ZLIB_H}")
-        string(REGEX REPLACE "^.*ZLIB_VERSION \"[0-9]+\\.[0-9]+\\.([0-9]+).*$" "\\1" ZLIB_VERSION_PATCH "${ZLIB_H}")
-
-        set(ZLIB_VERSION_STRING "${ZLIB_VERSION_MAJOR}.${ZLIB_VERSION_MINOR}.${ZLIB_VERSION_PATCH}")
-
-        # only append a TWEAK version if it exists:
-        set(ZLIB_VERSION_TWEAK "")
-        if ("${ZLIB_H}" MATCHES "^.*ZLIB_VERSION \"[0-9]+\\.[0-9]+\\.[0-9]+\\.([0-9]+).*$")
-            set(ZLIB_VERSION_TWEAK "${CMAKE_MATCH_1}")
-            set(ZLIB_VERSION_STRING "${ZLIB_VERSION_STRING}.${ZLIB_VERSION_TWEAK}")
-        endif ("${ZLIB_H}" MATCHES "^.*ZLIB_VERSION \"[0-9]+\\.[0-9]+\\.[0-9]+\\.([0-9]+).*$")
-
-        set(ZLIB_MAJOR_VERSION "${ZLIB_VERSION_MAJOR}")
-        set(ZLIB_MINOR_VERSION "${ZLIB_VERSION_MINOR}")
-        set(ZLIB_PATCH_VERSION "${ZLIB_VERSION_PATCH}")
-    endif (ZLIB_INCLUDE_DIR AND EXISTS "${ZLIB_INCLUDE_DIR}/zlib.h")
-
-    find_library(ZLIB_LIBRARY
-        NAMES
-            z
-            zdll
-            zlib
-            zlib1
-        PATHS
-            /usr/local/lib
-            /opt/local/lib
-            /sw/lib
-            /usr/sfw/lib/64
-            /usr/sfw/lib
-            ${ZLIB_ROOT_DIR}/lib
-    )
-    mark_as_advanced(ZLIB_LIBRARY)
-
-    include(FindPackageHandleStandardArgs)
-    find_package_handle_standard_args(ZLIB DEFAULT_MSG ZLIB_INCLUDE_DIR ZLIB_LIBRARY)
-    #find_package_handle_standard_args(ZLIB REQUIRED_VARS ZLIB_INCLUDE_DIR ZLIB_LIBRARY
-    #                                       VERSION_VAR ZLIB_VERSION_STRING)
-
-    if (ZLIB_FOUND)
-        set(ZLIB_INCLUDE_DIRS ${ZLIB_INCLUDE_DIR})
-        set(ZLIB_LIBRARIES ${ZLIB_LIBRARY})
-    endif (ZLIB_FOUND)
 endif (ZLIB_LIBRARIES AND ZLIB_INCLUDE_DIRS)
+

cmake/Modules/MacroCheckCCompilerFlagSSP.cmake

@@ -1,26 +0,0 @@
-# - Check whether the C compiler supports a given flag in the
-# context of a stack checking compiler option.
-# CHECK_C_COMPILER_FLAG_SSP(FLAG VARIABLE)
-#
-#  FLAG - the compiler flag
-#  VARIABLE - variable to store the result
-# 
-#  This actually calls the check_c_source_compiles macro.
-#  See help for CheckCSourceCompiles for a listing of variables
-#  that can modify the build.
-
-# Copyright (c) 2006, Alexander Neundorf, <neundorf@kde.org>
-#
-# Redistribution and use is allowed according to the terms of the BSD license.
-# For details see the accompanying COPYING-CMAKE-SCRIPTS file.
-
-
-INCLUDE(CheckCSourceCompiles)
-
-MACRO (CHECK_C_COMPILER_FLAG_SSP _FLAG _RESULT)
-   SET(SAFE_CMAKE_REQUIRED_DEFINITIONS "${CMAKE_REQUIRED_DEFINITIONS}")
-   SET(CMAKE_REQUIRED_DEFINITIONS "${_FLAG}")
-   CHECK_C_SOURCE_COMPILES("int main(int argc, char **argv) { char buffer[256]; return buffer[argc]=0;}" ${_RESULT})
-   SET (CMAKE_REQUIRED_DEFINITIONS "${SAFE_CMAKE_REQUIRED_DEFINITIONS}")
-ENDMACRO (CHECK_C_COMPILER_FLAG_SSP)
-

config.h.cmake

@@ -35,10 +35,6 @@
 /* Define to 1 if you have the <openssl/des.h> header file. */
 #cmakedefine HAVE_OPENSSL_DES_H 1
 
-/* Define to 1 if you have the <pthread.h> header file. */
-#cmakedefine HAVE_PTHREAD_H 1
-
-
 /*************************** FUNCTIONS ***************************/
 
 /* Define to 1 if you have the `snprintf' function. */
@@ -59,6 +55,16 @@
 /* Define to 1 if you have the `_vsnprintf_s' function. */
 #cmakedefine HAVE__VSNPRINTF_S 1
 
+/* Define to 1 if you have the `snprintf' function. */
+#cmakedefine HAVE_SNPRINTF 1
+
+/* Define to 1 if you have the `_snprintf' function. */
+#cmakedefine HAVE__SNPRINTF 1
+
+/* Define to 1 if you have the `_snprintf_s' function. */
+#cmakedefine HAVE__SNPRINTF_S 1
+
+
 /* Define to 1 if you have the `strncpy' function. */
 #cmakedefine HAVE_STRNCPY 1
 
@@ -68,6 +74,9 @@
 /* Define to 1 if you have the `getaddrinfo' function. */
 #cmakedefine HAVE_GETADDRINFO 1
 
+/* Define to 1 if you have the `gethostbyname' function. */
+#cmakedefine HAVE_GETHOSTBYNAME 1
+
 /* Define to 1 if you have the `poll' function. */
 #cmakedefine HAVE_POLL 1
 
@@ -77,9 +86,6 @@
 /* Define to 1 if you have the `regcomp' function. */
 #cmakedefine HAVE_REGCOMP 1
 
-/* Define to 1 if you have the `clock_gettime' function. */
-#cmakedefine HAVE_CLOCK_GETTIME 1
-
 /*************************** LIBRARIES ***************************/
 
 /* Define to 1 if you have the `crypto' library (-lcrypto). */
@@ -91,10 +97,6 @@
 /* Define to 1 if you have the `z' library (-lz). */
 #cmakedefine HAVE_LIBZ 1
 
-/* Define to 1 if you have the `pthread' library (-lpthread). */
-#cmakedefine HAVE_PTHREAD 1
-
-
 /**************************** OPTIONS ****************************/
 
 /* Define to 1 if you want to enable ZLIB */

doc/API.html

@@ -0,0 +1,886 @@
+ <!DOCTYPE HTML SYSTEM>
+<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=ISO-8859-1">
+<head>
+<title>
+Libssh's Documentation
+</title>
+<link href="style.css" rel="stylesheet" type="text/css">
+</head>
+
+<div id="titre">
+<div align="center">
+LIBSSH API GUIDE <br>
+Or everything you ever wanted to know about a simple and fast ssh library.
+
+</div>
+</div>
+
+<h2> 0 Introduction</h2>
+
+<div class="tout">
+Before inserting ssh hooks into your programs, you must know some basics about 
+the ssh protocol, and understand why the ssh library must implement them. <br>
+Lot of the protocols specifications are hidden by the ssh library API (of 
+course !) but some still needs an attention from the end-user programmer.<br> 
+Note that libssh is still an alpha product, and the API may vary from one 
+version to another. The only guess I can make is that the API won't radically 
+change. <br>
+The SSH protocol was designed for some goals which I resume here : <br>
+-Privacy of data<br>
+-Security<br>
+-Authentication of the server<br>
+-Authentication of the client.<br>
+The client MUST be sure who's speaking to before entering into any 
+authentication way. That's where the end programmer must ensure the given 
+fingerprints *are* from the legitimate server. A ssh connection must follow 
+the following steps:<br>
+<br>
+1- Before connecting the socket, you can set up if you wish one or other 
+   server public key authentication ie. DSA or RSA.
+   You can choose cryptographic algorithms you trust and compression algorithms 
+   if any.<br>
+2- The connection is made. A secure handshake is made, and resulting from it, 
+   a public key from the server is gained.
+   You MUST verify that the public key is legitimate.<br>
+3- The client must authenticate : the two implemented ways are password, and 
+   public keys (from dsa and rsa key-pairs generated by openssh). It is 
+   harmless to authenticate to a fake server with these keys because the 
+   protocol ensures the data you sign can't be used twice. It just avoids 
+   man-in-the-middle attacks.<br>
+4- Now that the user has been authenticated, you must open one or several 
+   channels. channels are different subways for information into a single ssh 
+   connection. Each channel has a standard stream (stdout) and an error 
+   stream (stderr). You can theoretically open an infinity of channel.<br>
+5- With the channel you opened, you can do several things :<br>
+    -Open a shell. You may want to request a pseudo virtual terminal before <br>
+    -Execute a command. The virtual terminal is usable, too<br>
+    -Invoke the sftp subsystem. (look at chapter 6)<br>
+    -invoke your own subsystem. This is out the scope of this 
+    document but it is easy to do.<br>
+6- When everything is finished, just close the channels, and then the 
+   connection.<br>
+<br>
+At every place, a function which returns an error code (typically -1 for int 
+values, NULL for pointers) also sets an error message and an error code.
+I high-lined the main steps, now that's you to follow them :)
+<br>
+</div>
+<h2> 1- Setting the options </h2>
+<div class="tout">
+The options mechanism will change during updates of the library, but the 
+functions which exists now will certainly be kept.
+<br><br>
+The ssh system needs to know the preferences of the user, the trust into one 
+or another algorithm and such. More important informations have to be given 
+before connecting : the host name of the server, the port (if non default), 
+the binding address, the default username, ... <br>
+The options structure is given to a ssh_connect function, then this option 
+structure is used again and again by the ssh implementation. you shall not 
+free it manually, and you shall not share it with multiple sessions.<br>
+Two ways are given for setting the options : the easy one (of course !) and 
+the long-but-accurate one.<br><br>
+</div>
+<h3>a) the easy way</h3><br>
+<div class="tout">
+Lot of ssh options in fact come from the command line of the program... <br>
+you could parse them and then use the long way for every argument, but libssh 
+has a mechanism to do that for you, automatically.<br>
+<br>
+<div class="prot">
+SSH_OPTIONS *ssh_getopt(int *argcptr, char **argv);
+</div>
+this function will return you a new options pointer based on the arguments 
+you give in parameters. <br> better, they clean the argv array from used parameters
+so you can use them after in your own program<br>
+<div class="ex">
+int main(int argc, char **argv){<br>
+	SSH_OPTIONS *opt;<br>
+	opt=ssh_getopt(&argc, argv);<br>
+	if(!opt){<br>
+		...<br>
+	}<br>
+</div>
+the function will return NULL if some problem is appearing.<br>
+As a matter of portability for you own programs, the hostname isn't always<br> 
+the first argument from the command line, so the single arguments (not 
+preceded by a -something) won't be parsed.<br>
+<div class="ex">
+example: <br>
+user@host:~$ myssh -u aris localhost <br>
+-u aris will be caught, localhost will not.<br>
+</div>
+
+cfr the options_set_user() function in the next part for more informations 
+about it.<br>
+</div>
+<h3>b) the long way</h3>
+<div class="tout">
+<div class="prot"> 
+SSH_OPTIONS *options_new();
+</div>
+This function returns an empty but initialized option structure pointer.<br>
+The structure is freed by ssh_disconnect described later, so don't use the 
+existing function options_free() (it's an internal function).<br>
+So : use it only for <b>one</b> ssh_connect(), <b>never</b> free it.<br>
+<br>
+<div class="prot">
+SSH_OPTIONS *options_copy(SSH_OPTIONS *opt);
+</div>
+If you need to replicate an option object before using it, use this function.
+<br><br>
+
+The following functions are all of the following form : <br>
+<div class="prot"> 
+int options_set_something(SSH_OPTIONS *opt, something);
+</div>
+the something parameters are always internaly copied, so you don't have to 
+strdup them.<br>
+some return eather 0 or -1, in which case an error message appears in the 
+error functions, others never fail (return void)<br>
+the error codes and descriptions for these functions are recoverable throught <i>ssh_get_error(NULL);</i>
+<br>
+<div class="prot"> 
+int options_set_wanted_method(SSH_OPTIONS *opt,int method, char *list);
+</div>
+Passing an option structure, a ssh macro for the method, and a list of allowed
+parameters indicates libssh you want to use these.<br>
+The macros are :<br>
+KEX_ALGO<br>
+KEX_HOSTKEY         Server public key type expected<br>
+KEX_CRYPT_C_S 2 Cryptographic algorithm client->server<br>
+KEX_CRYPT_S_C 3 Cryptographic algorithm server->client<br>
+KEX_MAC_C_S 4<br>
+KEX_MAC_S_C 5<br>
+KEX_COMP_C_S 6      Compression method for the stream ("zlib" or "none"), client to server<br>
+KEX_COMP_S_C 7      Compression method for the stream ("zlib" or "none"), server to client<br>
+KEX_LANG_C_S 8<br>
+KEX_LANG_S_C 9<br>
+<br>
+Currently, only KEX_HOSTKEY and ,KEX_CRYPT_C_S,S_C, KEX_COMP_C_S and S_C work
+as expected. the list is a comma separated string of prefered 
+algorithms/methods, in order of preference.<br>
+<br>
+<div class="ex">
+example : this sets the ssh stream to be compressed in client->server mode only
+<br>
+
+ret = option_set_wanted_method(options,KEX_COMP_C_S,"zlib");
+</div>
+<div class="ex">
+example: this will set the cryptographic algorithms wanted from server to
+client to aes128-cbc and then aes192-cbc if the first one isn't supported by
+server:<br>
+ret = option_set_wanted_method(options,KEX_CRYPT_S_C,"aes128-cbc,aes192-cbc");
+</div>
+<div class="ex">
+if you prefer getting the Dss key from a server instead of rsa, but you still
+accept rsa if dss isn't available :<br>
+options_set_wanted_method(options,KEX_HOSTKEY,"ssh-dss,ssh-rsa");
+</div>
+return value: <br>0 if the option is valid, -1 else.<br> An error is set in that case.
+<br><br>
+<div class="prot">
+void options_set_port(SSH_OPTIONS *opt, unsigned int port);
+</div>
+this function sets the server port.
+<div class="prot">
+void options_set_host(SSH_OPTIONS *opt, const char *hostname);
+</div>
+this function sets the hostname of the server. It also supports
+"user@hostname" syntax in which case the user options is set too.
+<div class="prot">
+void options_set_fd(SSH_OPTIONS *opt, int fd);
+</div>
+permits you to specify an opened file descriptor you've opened yourself.
+<br>
+It's a good way of bypassing the internal FD opening in libssh, but there are things you should take care of : <br>
+-The file descriptor should be returned to libssh without nonblocking settings<br>
+-If you wish to use <i>is_server_known()</i> You should also set <i>options_set_host</i>... Otherwise libssh won't have any mean of certifying the server is known or not.<br><br>
+<div class="prot">
+void options_set_bindaddr(SSH_OPTIONS *opt, char *bindaddr);
+</div>
+this function allows you to set the binding address, in case your computer has
+multiple IP or interfaces. it supports both hostnames and IP's
+<br><br>
+<div class="prot">
+void options_set_username(SSH_OPTIONS *opt,char *username);
+</div>
+sets username for authenticating in this session.
+<br><br>
+
+<div class="prot">
+void option_set_timeout(SSH_OPTIONS *opt,long seconds, long usec);
+</div>
+sets the timeout for connecting to the socket. It does not include a timeout for the name resolving or handshake.
+<br>
+<br>
+<div class="prot">
+void options_set_ssh_dir(SSH_OPTIONS *opt, char *dir);
+</div>
+this function sets the .ssh/ directory used by libssh. You may use a %s
+which will be replaced by the home directory of the user.
+NEVER accept parameters others than the user's one, they may contain
+format strings which are a security hole if a malicious agent gives it.
+<br><br>
+<div class="prot">
+void options_set_known_hosts_file(SSH_OPTIONS *opt, char *dir);
+</div>
+same than <i>options_set_ssh_dir()</i> for known_hosts file.
+<br><br>
+<div class="prot">
+void options_set_identity(SSH_OPTIONS *opt, char *identity);
+</div>
+same than upper for the identity file (they come by pair, the one asked is the file without the .pub suffix)
+<br><br>
+<div class="prot">
+void options_set_status_callback(SSH_OPTIONS *opt, void (*callback)(void *arg, float status), void *arg);
+</div>
+Because more and more developpers use libssh with GUI, I've added this function to make the ssh_connect function more
+interactive. This permits to set a callback of the form 
+<div class="prot">void function(void *userarg, float status);</div> with status going from 0 to 1 during ssh_connect. The callback won't ever be called after the connection is made.
+<br><br>
+</div>
+<h2>
+2- Connecting the ssh server
+</H2>
+<div class="tout">
+The API provides an abstract data type, SSH_SESSION, which describes the 
+connection to one particular server. You can make several connections to
+different servers under the same process because of this structure.
+<br>
+<br>
+<div class="prot">
+SSH_SESSION *ssh_connect(SSH_OPTIONS *options);
+</div>
+This function returns a handle on the newly connection. This function expects
+to have a pre-set options structure.
+<br>
+It returns NULL in case of error, in which case you can look at error messages
+for more informations.
+<br><br>
+<div class="prot">
+void ssh_disconnect(SSH_SESSION *session);
+</div>
+This function sends a polite disconnect message, and does clean the session.<br>
+This is the proper way of finishing a ssh connection.<br>
+<br>
+<div class="prot">
+int ssh_get_pubkey_hash(SSH_SESSION *session, char hash[MD5_DIGEST_LEN]);
+</div>
+This function places the MD5 hash of the server public key into the hash array.<br>
+It's IMPORTANT to verify it matches the previous known value. One server always
+have the same hash. No other server/attacker can emulate it (or it'd be caught
+by the public key verification procedure automatically made by libssh).
+<br>
+You can skip this step if you correctly handle <i>is_server_known()</i>
+<br><br>
+<div class="prot">
+int ssh_is_server_known(SSH_SESSION *session);
+</div>
+
+Checks the user's known host file to look for a previous connection to the specified server. Return values:<br>
+SSH_SERVER_KNOWN_OK : the host is known and the key has not changed<br>
+SSH_SERVER_KNOWN_CHANGED : The host's key has changed. Either you are under
+an active attack or the key changed. The API doesn't give any way to modify the key in known hosts yet. I Urge end developers to WARN the user about the possibility of an attack.<br>
+SSH_SERVER_FOUND_OTHER: The host gave us a public key of one type, which does 
+not exist yet in our known host file, but there is an other type of key which is know.<br>
+IE server sent a DSA key and we had a RSA key.<br>
+Be carreful it's a possible attack (coder should use option_set_wanted_method() to specify
+which key to use).<br>
+SSH_SERVER_NOT_KNOWN: the server is unknown in known hosts. Possible reasons :
+case not matching, alias, ... In any case the user MUST confirm the Md5 hash is correct.<br>
+SSH_SERVER_ERROR : Some error happened while opening known host file.<br>
+<br>
+<div class="prot">
+int ssh_write_knownhost(SSH_SESSION *session);
+</div>
+write the current connected host as known in the known host file. returns a negative value if something went wrong. You generaly use it when ssh_is_server_known returned SSH_SERVER_NOT_KNOWN.
+<br><br>
+<div class="prot">
+int pubkey_get_hash(SSH_SESSION *session,char hash[MD5_DIGEST_LEN]);
+</div>
+deprecated but left for binary compatibility (will be removed in newer versions).
+</div>
+
+<h2>3- Authenticating to server</h2>
+<div class="tout">
+The ssh library supports the two most used authentication methods from SSH.
+In every function, there is a "username" argument. If null is given instead,
+the server will use the default username (which is guessed from what you gave
+to options_set_user or options_set_hostname or even the local user running the code).
+<br>
+ 
+Authentication methods :<br>
+<h3>A) Public keys</h3><br>
+ The public key is the only method which does not compromise your key if the 
+ remote host has been compromised (the server can't do anything more than 
+ getting your public key). This is not the case of a password authentication
+ (the server can get your plaintext password).<br>
+ Libssh is obviously fully compatible with the openssh public and private keys.<br>
+ The things go this way : you scan a list of files which contain public keys.<br>
+ For each key, you send it to ssh server until the server acknowledges a key 
+ (a key it knows). Then, you get the private key for this key and send a 
+ message proving you own that private key.<br>
+ Here again, two ways for the public key authentication... the easy and the 
+ complicated one.<br>
+<br>
+<h4> easy way:</h4>
+<div class="prot">
+int ssh_userauth_autopubkey(SSH_SESSION *session);
+</div>
+This function will try the most common places for finding the public and 
+ private keys (your home directory) or eventualy the identity files asked by 
+ the <i>options_set_identity()</i> function.<br>
+ The return values are :<br>
+ SSH_AUTH_ERROR : some serious error happened during authentication<br>
+ SSH_AUTH_DENIED : no key matched<br>
+ SSH_AUTH_SUCCESS : you are now authenticated<br>
+ SSH_AUTH_PARTIAL : some key matched but you still have to give an other mean 
+                of authentication (like password).<br>
+<br>
+<h4> peanful way:</h4>
+ there are three steps : you get a public key, you ask the server if the key
+ matches a known one, if true, you get the private key and authenticate with
+ it.<br>
+ <div class="prot">
+ STRING *publickey_from_file(char *filename,int *_type);
+</div>
+will return an handle on a public key. if you give a pointer to an int, 
+ a symbolic value will be placed there. Do it because you need it in next 
+ step.<br><br>
+<div class="prot">
+ int ssh_userauth_offer_pubkey(SSH_SESSION *session, char *username,
+                                         int type, STRING *publickey);
+ </div>
+ this function will offer a public key to the server. SSH_AUTH_SUCCESS is 
+ returned if the key is accepted (in which case you'll want to get the 
+ private key), SSH_AUTH_DENIED otherwise.<br> 
+ Still watch for SSH_AUTH_ERROR as connection problems might happen.
+<br>
+ in case of SSH_AUTH_SUCCESS,
+ <br>
+ <div class="prot">
+ PRIVATE_KEY *privatekey_from_file(SSH_SESSION *session,char *filename,
+                                             int type,char *passphrase);
+ </div>
+ will get the privatekey from the filename previously set by
+ publickey_from_next_file(). You can call it with a passphrase for
+ unlocking the key. If passphrase==NULL, the default prompt will be used.<br> 
+ The function returns NULL if the private key wasn't opened 
+ (ie bad passphrase or missing file).<br>
+<br>
+<div class="prot">
+ int ssh_userauth_pubkey(SSH_SESSION *session, char *username, 
+                         STRING *publickey, PRIVATE_KEY *privatekey);
+</div>
+ Will try to authenticate using the public and private key. It shall return 
+ SSH_AUTH_SUCCESS if you are authenticated, SSH_AUTH_ERROR, SSH_AUTH_DENIED or 
+ SSH_AUTH_PARTIAL depending of return condition.<br>
+
+ each public key (of type STRING) must be freed with the libc "free" function.<br>
+ The private key must be freed with private_key_free(PRIVATE_KEY *) which 
+ will clean the memory before (don't worry about passphrase leaking).<br>
+ <br>
+
+<h3> B) Password</h3><br>
+ <div class="prot">
+ int ssh_userauth_password(SSH_SESSION *session,char *username,char *password);
+ </div>
+ Will return SSH_AUTH_SUCCESS if the password matched, one of other constants 
+ otherwise. It's your work to ask the password and to free it in a secure 
+ manner.<br><br>
+
+<h3> C) Keyboard-interactive</h3><br>
+ <div class="prot">
+ int ssh_userauth_kbdint(SSH_SESSION *session, char *user, char *submethods);
+ </div>
+ This is the main keyboard-interactive function. It will return SSH_AUTH_SUCCESS,SSH_AUTH_DENIED, SSH_AUTH_PARTIAL, SSH_AUTH_ERROR depending on the result of the request.<br>
+ The keyboard-interactive authentication method of SSH2 is a feature which permits the server to ask a certain number of questions in an interactive manner to the client, until it decides to accept or deny the login.<br>
+ To begin, you call this function (you can omit user if it was set previously and omit submethods - instead you know what you do - just put them to NULL) and store the answer.
+ If the answer is SSH_AUTH_INFO, it means the server has sent a few questions to ask your user, which you can retrieve with the following functions. Then, set the answers and call back ssh_userauth_kbdint with same arguments. It may again ask a few other questions etc. until you get an other SSH_AUTH code than SSH_AUTH_INFO.<br>
+ Few remarks :<br>
+ -Even the first call can return SSH_AUTH_DENIED or SSH_AUTH_SUCCESS.<br>
+ -The server can send an empty question set (this is the default behavior on my system) after you have sent the answers to the first questions.
+ you must still parse the answer, it might contain some message from the server saying hello or such things. Just call ssh_userauth_kbdint() once more<br>
+<br>
+ <div class="prot">
+int ssh_userauth_kbdint_getnprompts(SSH_SESSION *session);
+ </div>
+After you called ssh_userauth_kbdint and got SSH_AUTH_INFO, the session contains a few questions (or prompts) from the server. This function returns the number of prompts and answers.<br>
+It could be zero, in which case you must act as said previously.<br>
+
+<div class="prot">
+ char *ssh_userauth_kbdint_getname(SSH_SESSION *session);
+</div>
+ this functions returns the "name" of the message block. The meaning is explained later.<br>
+ This function returns a pointer that stays valid until the next ssh_userauth_kbdint() call and must not be freed.<br>
+
+<div class="prot">
+ char *ssh_userauth_kbdint_getinstruction(SSH_SESSION *session);
+</div>
+ this functions returns the "instruction" of the message block. The meaning is explained later.<br>
+This function returns a pointer that stays valid until the next ssh_userauth_kbdint() call and must not be freed.<br>
+
+<div class="prot">
+ char *ssh_userauth_kbdint_getprompt(SSH_SESSION *session,int i, char *echo);
+</div>
+This functions returns a pointer to the nth prompt. The character pointed by echo, if different from null, will contain a boolean value after the call, which means that the user prompt must be echoed or not.<br>
+zero means that the echo is Off (like for a password prompt).<br>
+any other value means the echo is on.<br>
+This function returns a pointer that stays valid until the next ssh_userauth_kbdint() call and must not be freed.<br>
+
+<div class="prot">
+void ssh_userauth_kbdint_setanswer(SSH_SESSION *session, unsigned int i, char *a
+nswer);
+</div>
+This function sets the ith answer. The string you give will be duplicated, and this copy will be discarded once it is no longer necessary.<br>
+care must be taken so you discard the content of the original string after this function call.<br>
+
+<h3> A little note about how to use the informations from keyboard-interactive authentication</h3>
+<br>
+The words from the original drafts explain everything
+<div class="prot">
+3.3 User Interface
+
+Upon receiving a request message, the client SHOULD prompt the user
+as follows:<br>
+ A command line interface (CLI) client SHOULD print the name and
+ instruction (if non-empty), adding newlines.  Then for each prompt in
+ turn, the client SHOULD display the prompt and read the user input.<br>
+<br>
+A graphical user interface (GUI) client has many choices on how to
+prompt the user.  One possibility is to use the name field (possibly
+prefixed with the application's name) as the title of a dialog window
+in which the prompt(s) are presented.  In that dialog window, the
+instruction field would be a text message, and the prompts would be
+labels for text entry fields.  All fields SHOULD be presented to the
+user, for example an implementation SHOULD NOT discard the name field
+because its windows lack titles; it SHOULD instead find another way
+to display this information.  If prompts are presented in a dialog
+window, then the client SHOULD NOT present each prompt in a separate
+window.<br>
+<br>
+All clients MUST properly handle an instruction field with embedded
+newlines.  They SHOULD also be able to display at least 30 characters
+for the name and prompts.  If the server presents names or prompts
+longer than 30 characters, the client MAY truncate these fields to
+the length it can display.  If the client does truncate any fields,
+there MUST be an obvious indication that such truncation has occured.<br>
+The instruction field SHOULD NOT be truncated.<br>
+Clients SHOULD use control character filtering as discussed in
+[SSH-ARCH] to avoid attacks by including terminal control characters
+in the fields to be displayed.<br>
+<br>
+For each prompt, the corresponding echo field indicates whether or
+not the user input should be echoed as characters are typed.  Clients
+SHOULD correctly echo/mask user input for each prompt independently
+of other prompts in the request message.  If a client does not honor
+the echo field for whatever reason, then the client MUST err on the
+side of masking input.  A GUI client might like to have a checkbox
+toggling echo/mask.  Clients SHOULD NOT add any additional characters
+to the prompt such as ": " (colon-space); the server is responsible
+for supplying all text to be displayed to the user.  Clients MUST
+also accept empty responses from the user and pass them on as empty
+strings.<br>
+
+</div>
+<br>
+<h3> D) "none"</h3><br>
+ In fact this mode only serve to get the list of supported authentications.<br>
+ however, it also serves to get the banner message from the server, if any.<br>
+ You should firstly try this method, at least for getting the banner, then to enter if there is no password at all.<br>
+ <div class="prot">
+ int ssh_userauth_none(SSH_SESSION *session, char *username);
+ </div>
+ if the account has no password (and the server is configured to let you
+ pass), the function might answer SSH_AUTH_SUCCESS. That's why
+ ssh_auth_autopubkey already calls it for you.
+<br><br>
+<div class="prot">
+ char *ssh_get_issue_banner(SSH_SESSION *session);
+</div>
+if during authentication, the server has given a banner, you can get it
+ this way. the function returns NULL if no banner exists, and you have to
+ free the returned pointer.<br><br>
+</div>
+
+<h2>4- Opening a channel</h2>
+<div class="tout">
+Maybe you want to use the sftp subsystem : all this is done for you, you 
+better read at the end of the paper how to use the sftp functions.<br>
+You probably want to open one or more shells, or call one or more programs.<br>
+
+So you need a channel.<br>
+<div class="prot">
+     CHANNEL *channel;
+</div>
+This is an handler to a channel object. it describes your channel.
+<br>
+<div class="prot">
+CHANNEL *channel_open_session(SSH_SESSION *session);
+</div>
+This will open a channel for use into a session (which can be used for executing
+a command or a shell. Not for tcp forwarding).<br>
+The function returns NULL if for a reason or another the channel can't be
+opened.<br>
+<i>
+CHANNEL *open_session_channel(...)</i> is deprecated and should not be used in future
+applications.<br><br>
+<div class="prot">
+CHANNEL *channel_open_forward(SSH_SESSION *session, char *remotehost, 
+     int remoteport, char *sourcehost, int localport);
+</div>
+Ask the server to tunnel a TCP connection. The server will connect to 
+ remotehost:remoteport and libssh will return an handle to the channel if it is allowed.<br>
+ Otherwise, NULL will be returned. sourcehost and localport are generaly
+ used in message debugging purpose and have no effect on the result.<br>
+ <br>
+When you've finished with your channel, you may send an EOF message and 
+then close it :<br>
+<div class="prot">
+void channel_send_eof(CHANNEL *channel);
+</div>
+sends an end of file into channel. It doesn't close the channel and you can still read it.<br><br>
+
+<div class="prot">
+void channel_free(CHANNEL *channel);
+</div>
+closes and destroy the channel.
+<br>
+<div class="prot">
+void channel_close(CHANNEL *channel);
+</div>
+sends an EOF and close the channel. (if you don't know what to do, use channel_free). It doesn't free the channel.
+
+</div>
+<h2>5- The shell</h2>
+<div class="tout">
+<div class="prot">
+int channel_request_env(CHANNEL *channel, char *name, char *value);
+</div>
+Ask the server to set the "name" environment variable to "value". For security
+ reasons, some variables won't be accepted by the server. It returns 0 otherwise.<br><br>
+<div class="prot">
+int channel_request_pty(CHANNEL *channel);
+</div>
+ ask the server to allocate a pseudo terminal for the current channel.<br> 
+ the function returns 0 on success.<br><br>
+ 
+<div class="prot">
+int channel_request_pty_size(CHANNEL *channel, char *terminal, int cols, int rows);
+</div>
+ask the server to allocate a pty. The terminal parameter is the type of pty 
+(vt100,xterm,...), cols and rows are the size of the new terminal (80x24 by example).<br><br>
+<div class="prot">
+int channel_change_pty_size(CHANNEL *channel, int cols,int rows);
+</div>
+changes the window size (terminal) of the current session;<br><br>
+<div class="prot">
+int channel_request_shell(CHANNEL *channel);
+</div>
+This function requests a shell. After its success, a shell is running at the other side of the channel.<br><br>
+<div class="prot">
+int channel_request_exec(CHANNEL *channel, char *cmd);
+</div>
+run a shell command without an interactive shell, ie $SHELL -c "command".<br>
+ returns 0 on success.<br><br>
+
+You might ask the server to open a subsystem for you. this is done this way :
+<div class="prot">
+int channel_request_subsystem(CHANNEL *channel, char *subsystem);
+</div>
+There are some functions used to manipulate the channels :
+<br><br>
+<div class="prot">
+int channel_write(CHANNEL *channel,void *data,int len);
+</div>
+writes len bytes of data into the channel. It returns the number of bytes written. The current implementation is a blocking write
+of the complete data buffer, but it may vary.<br><br>
+<div class="prot">
+int channel_read(CHANNEL *channel, BUFFER *buffer,int bytes,int is_stderr);
+</div>
+It makes a blocking read on the channel, of "bytes" bytes and returns the
+ result into an allocated buffer you passed in. (with <i>buffer_new()</i>).<br>
+ it will read on stderr, if is_stderr is set.<br>
+ The function might read less bytes than "bytes" variable if an End of File
+ happened. Otherwise, the function will always block reading until "bytes"
+ bytes are read.<br>
+ with "bytes"=0, <i>channel_read()</i> will read the current state of the read buffer, but will read at least one byte (and block if nothing is available, except EOF case).<br>
+ 
+ You don't need to free and allocate a new buffer each time you call this function, just pass the same object each time.<br>
+ look at the <i>buffer_</i> functions further for the correct way of retrieving the data.<br><br>
+
+<div class="prot">
+int channel_read_nonblocking (CHANNEL *channel, char *dest, int len, int is_stderr);
+</div>
+Non-blocking read on channel, at most len bytes of data are read. Returns 0 if EOF or if no data available.
+<br><br>
+<div class="prot">
+int channel_is_open(CHANNEL *channel);
+</div>
+ returns 0 if the channel has been closed by remote host, something else otherwise.<br><br>
+<div class="prot">
+int channel_poll(CHANNEL *channel, int is_stderr);
+</div>
+ This nonblocking function returns the number of bytes immediatly available for
+ reading on the channel and stdin/stderr.<br><br>
+
+More interesting, if you are going to do channel multiplexing, this function 
+is for you :<br><br>
+<div class="prot">
+int ssh_select(CHANNEL **channels,CHANNEL **outchannels, int maxfd,
+                           fd_set *readfds, struct timeval *timeout);
+</div>
+channels is an array of channel pointers, finished by a NULL pointer.<br>
+ It can be used ever and ever, as it is never written.<br>
+ outchannels is an array of size at least greater or equal to "channels".<br>
+ It hasn't to be initialized.<br>
+ maxfd is the maximum file descriptor from your own filedescriptors.<br>
+ readfds is a pointer to a fd_set structure, like in the original
+ select implementation (man select).<br>
+ the struct timeval *timeout has the same meaning than in 
+ select(2) (man select).<br>
+ 
+ There is no support for writing or special events as in <i>select(2)</i> yet.<br>
+The function returns -1 if an error occured, or SSH_EINTR if select was interrupted by a syscall. This is not an error, you may restart the function.<br>
+<b>note about signals:</b> libssh is not threadsafe, and most functions are not
+reetrant when using the same data structures : it means you *cannot* do anything
+with a channel from a ssh session passed to <i>ssh_select</i> during a signal.
+<br>take a look at sample.c on how to bypass that limitation.<br>
+the function works this way : it returns in the readfds the filedescriptors which have data ready for reading (the given filedescriptors have a greatest priority).<br>
+Then, if no file descriptor can be read, the function looks for every 
+channel from the array to get a channel with data bufferized. If nothing is 
+available, it waits for activity on any channel/file descriptor and returns 
+immediatly, or waits until timeout.<br>
+You will find the channels that can be read in the outchannels array (finished by NULL) and the filedescriptors in your fd_set (man FD_ISSET).<br>
+this is the "heart" of your main loop.<br>
+<br>
+<h3>The BUFFER object.</h3>
+Reading is done through the BUFFER object. here is the public interface :
+<br>
+<div class="prot">
+BUFFER *buffer_new();
+</div>
+creates a buffer object.
+<br><br>
+<div class="prot">
+void *buffer_get(BUFFER *buffer);
+</div>
+returns a pointer to the begining of buffer.
+<br><br>
+<div class="prot">
+int buffer_get_len(BUFFER *buffer);
+</div>
+returns buffer's data size.
+<br><br>
+<div class="prot">
+void buffer_free(BUFFER *buffer);
+</div>
+destoys the buffer.
+<br>
+<br>
+How to use the buffer system when you've read something:<br>
+I've seen people doing such code:<br>
+<div class="prot">
+char buffer[256];<br>
+channel_read(channel,buf,1234,0);<br>
+strcpy(buffer,buf.data);<br>
+</div>
+The correct way of doing this:
+<div class="prot">
+char buffer[256];<br>
+int i;<br>
+i=channel_read(channel,buf,1234,0);<br>
+if(i<=0)<br>
+&nbsp;&nbsp;&nbsp;&nbsp;go_out()...<br>
+if(i>=256)<br>
+&nbsp;&nbsp;&nbsp;&nbsp;i=255;<br>
+memcpy(buffer,buffer_get(buf),i);<br>
+buffer[i]=0;
+</div>
+Do not expect the buffer to be null-terminated. Don't access the internal structure of buffer. Check the sizes before copying.<br>
+</div>
+<h2>6- The SFTP subsystem</h2>
+<div class="tout">
+SFTP is a secure implementation of a file transfer protocol. The current 
+implemented version is 3. All functions aren't implemented yet but the most
+important are.<br>
+<br>
+<h3>A) Opening the session</h3>
+<div class="prot">
+  SFTP_SESSION *sftp_new(SSH_SESSION *session);
+  int sftp_init(SFTP_SESSION *sftp);
+</div>
+  The former returns a SFTP_SESSION handle. It returns NULL if things didn't 
+  work as expected.<br>
+  sftp_init makes some initialisation work. It returns 0 if things went right.
+  Both of them must be called.<br>
+<h3>B) Opening and reading a directory</h3>
+<div class="prot">
+  SFTP_DIR *sftp_opendir(SFTP_SESSION *session, char *path);
+</div>
+  opens a directory for file listing. Returns NULL in error case.
+  <br><br>
+<div class="prot">
+  SFTP_ATTRIBUTES *sftp_readdir(SFTP_SESSION *session, SFTP_DIR *dir);
+</div>
+This function reads one file attribute from an opened directory. It
+  returns NULL if the directory is EOF, or if something wrong happened.
+<br><br>
+<div class="prot">
+  int sftp_dir_eof(SFTP_DIR *dir);
+</div>
+ When a <i>sftp_readdir()</i> returned NULL, you can use this function to 
+ tell if an EOF occured. the function returns 0 if no EOF occured.
+ <br><br>
+ <div class="prot">
+  void sftp_attributes_free(SFTP_ATTRIBUTES *file);
+</div>
+You have to free any SFTP_ATTRIBUTE structure given by an other function 
+  with it.<br><br>
+<div class="prot">
+  int sftp_dir_close(SFTP_DIR *dir);
+</div>
+closes an opened directory. returns 0 when no error occured.
+<br><br>
+<h3>C) Opening, reading, writing files</h3>
+<div class="prot">
+  SFTP_FILE *sftp_open(SFTP_SESSION *session, char *file, int access,
+                                                SFTP_ATTRIBUTES *attr);
+</div>
+Opens a file. The access flags are the same than the stdio flags.<br>
+see open(2) for more details.<br>
+attr are the wanted attributes for the new file. If you supply NULL,
+  default values will be used.<br>
+rem: more work is going on parsing/making the attributes structure
+<br><br>
+<div class="prot">
+  int sftp_read(SFTP_FILE *file, void *dest, int len);
+</div>
+read on a file. Works as the fread() function. It is blocking by default but you can change the default behaviour with <i>sftp_file_set_nonblocking()</i>.
+ <br><br>
+<div class="prot">
+  void sftp_file_set_nonblocking(SFTP_FILE *file);
+</div>
+sets the file non blocking. reads on this file won't ever block. You can't detect end of files this way.<br>
+*** TODO more work going there for EOF ****
+<br><br>
+<div class="prot">
+  void sftp_file_set_blocking(SFTP_FILE *file);
+</div>
+restore the default setting of sftp_read.
+<br><br>
+<div class="prot">
+  int sftp_write(SFTP_FILE *file, void *source, int len);
+</div>
+works as fwrite() function. It is a blocking write.<br>
+<br>
+<div class="prot">
+  void sftp_seek(SFTP_FILE *file, int new_offset);
+</div>
+seek into the file for reading/writing at an other place.
+<br><br>
+<div class="prot">
+  unsigned long sftp_tell(SFTP_FILE *file);
+</div>
+returns the current offset (both writing and reading) into the opened file.
+<br><br>
+<div class="prot">
+  void sftp_rewind(SFTP_FILE *file);
+</div>
+  same as sftp_seek(file,0);
+<br><br>
+<div class="prot">
+  int sftp_file_close(SFTP_FILE *file);
+</div>
+  closes a file handle. returns 0 in no error case.
+<br><br>
+<div class="prot">
+  int sftp_rm(SFTP_SESSION *sftp, char *file);
+</div>
+deletes a file.
+<br><br>
+<div class="prot">  
+  int sftp_rmdir(SFTP_SESSION *sftp, char *directory);
+</div>
+<br>
+deletes a directory.
+<br><br>
+<div class="prot">
+  int sftp_mkdir(SFTP_SESSION *sftp, char *directory, SFTP_ATTRIBUTES *attr);
+</div>
+makes a directory, with the given attributes. You can't pass NULL for attr and hope it works.
+  <br><br>
+<div class="prot">
+  int sftp_rename(SFTP_SESSION *sftp, char *original, char *newname);
+</div>
+changes the name of a file or directory.
+<br><br>
+<div class="prot">
+  int sftp_setstat(SFTP_SESSION *sftp, char *file, SFTP_ATTRIBUTES *attr);
+</div>
+changes the attributes of a file or directory.
+<br><br>
+<div class="prot">
+  char *sftp_canonicalize_path(SFTP_SESSION *sftp, char *path);
+</div>
+  gives the canonicalized form of some path. You have to 
+  free the pointer given in return.<br>
+  (returns NULL if error).
+<br><br>
+
+ (a function to make proper SFTP_ATTRIBUTES structures is on the way )
+
+<h3>D) Closing the session</h3>
+<div class="prot">
+  void sftp_free(SFTP_SESSION *sftp);
+</div>
+it closes the sftp channel and subsystem.
+</div>
+
+<h2>7- Handling the errors</h2>
+<div class="tout">
+When some function returns an error code, it's allways possible to get an
+english message describing the problem. the function ssh_get_error()
+returns a pointer to the static error buffer.<br>
+ssh_error_code() returns the error code number. it's declared as an enum:<br>
+SSH_NO_ERROR, SSH_REQUEST_DENIED, SSH_INVALID_REQUEST, SSH_CONNECTION_LOST,
+SSH_FATAL, SSH_INVALID_DATA.<br><br>
+SSH_REQUEST_DENIED means the ssh server refused your request but the situation is
+recoverable. the others mean something happened to the connection (some
+encryption problems, server problems, library bug, ...).<br>
+SSH_INVALID_REQUEST means the library got some garbage from server. (But might be
+recoverable).<br>
+SSH_FATAL means the connection has an important problem and isn't probably 
+recoverable.<br>
+<br>
+Most of time, the error returned are SSH_FATAL, but some functions (generaly the
+<i>ssh_request_*</i> ones) may fail because of server denying request. In these cases, SSH_REQUEST_DENIED is returned.<br><br>
+
+You'll see in the prototype SSH_SESSION *session. That's because for thread
+safety, error messages that can be attached to a session aren't static
+anymore. So, any error that could happen during ssh_getopt(), options_* or
+ssh_connect() will be retreavable giving NULL as argument.<br>
+<br>
+<div class="prot">
+char *ssh_get_error(SSH_SESSION *session);
+</div>
+returns a pointer to a static message error from the given session. No
+message freeing is needed.<br><br>
+<div class="prot">
+enum ssh_error ssh_get_error_code(SSH_SESSION *session);
+</div>
+returns the error code that last happened along with the message. 
+<br><br>
+</div>
+
+<h2>8- Final word</h2>
+<div class="tout">
+I made this library because nothing in the Open source or free software community was existing yet. This project is a very personnal one as it's the first "useful" thing I ever wrote.
+I hope it fits your needs, but remember the experimental state of libssh : if
+something doesn't work, please mail me. If something lacks, please ask for it.
+If something stinks, please write a patch and send it !
+</div>
+
+</body>
+</html>

doc/authentication.dox

@@ -1,373 +0,0 @@
-/**
-@page libssh_tutor_authentication Chapter 2: A deeper insight on authentication
-@section authentication_details A deeper insight on authentication
-
-In our guided tour, we merely mentioned that the user needed to authenticate.
-We didn't explain much in detail how that was supposed to happen.
-This chapter explains better the four authentication methods: with public keys,
-with a password, with challenges and responses (keyboard-interactive), and with
-no authentication at all.
-
-If your software is supposed to connect to an arbitrary server, then you
-might need to support all authentication methods. If your software will
-connect only to a given server, then it might be enough for your software
-to support only the authentication methods used by that server. If you are
-the administrator of the server, it might be your call to choose those
-authentication methods.
-
-It is not the purpose of this document to review in detail the advantages
-and drawbacks of each authentication method. You are therefore invited
-to read the abundant documentation on this topic to fully understand the
-advantages and security risks linked to each method.
-
-
-@subsection pubkeys Authenticating with public keys 
-
-libssh is fully compatible with the openssh public and private keys. You
-can either use the automatic public key authentication method provided by
-libssh, or roll your own using the public key functions.
-
-The process of authenticating by public key to a server is the following:
- - you scan a list of files that contain public keys. each key is sent to
-   the SSH server, until the server acknowledges a key (a key it knows can be
-   used to authenticate the user).
- - then, you retrieve the private key for this key and send a message
-   proving that you know that private key.
-
-The function ssh_userauth_autopubkey() does this using the available keys in
-"~/.ssh/".  The return values are the following:
- - SSH_AUTH_ERROR: some serious error happened during authentication
- - SSH_AUTH_DENIED: no key matched
- - SSH_AUTH_SUCCESS: you are now authenticated
- - SSH_AUTH_PARTIAL: some key matched but you still have to provide an other
-                     mean of authentication (like a password). 
-
-The ssh_userauth_autopubkey() function also tries to authenticate using the
-SSH agent, if you have one running, or the "none" method otherwise.
-
-If you wish to authenticate with public key by your own, follow these steps:
- - Retrieve the public key in a ssh_string using publickey_from_file().
- - Offer the public key to the SSH server using ssh_userauth_offer_pubkey().
-   If the return value is SSH_AUTH_SUCCESS, the SSH server accepts to
-   authenticate using the public key and you can go to the next step.
- - Retrieve the private key, using the privatekey_from_file() function. If
-   a passphrase is needed, either the passphrase specified as argument or
-   a callback (see callbacks section) will be used.
- - Authenticate using ssh_userauth_pubkey() with your public key string
-   and private key.
- - Do not forget cleaning up memory using string_free() and privatekey_free().
-
-Here is a minimalistic example of public key authentication:
-
-@code
-int authenticate_pubkey(ssh_session session)
-{
-  int rc;
-
-  rc = ssh_userauth_autopubkey(session, NULL);
-
-  if (rc == SSH_AUTH_ERROR)
-  {
-     fprintf(stderr, "Authentication failed: %s\n",
-       ssh_get_error(session));
-     return SSH_AUTH_ERROR;
-  }
-
-  return rc;
-}
-@endcode
-
-@see ssh_userauth_autopubkey
-@see ssh_userauth_offer_pubkey
-@see ssh_userauth_pubkey
-@see publickey_from_file
-@see publickey_from_privatekey
-@see string_free
-@see privatekey_from_file
-@see privatekey_free
-
-
-@subsection password Authenticating with a password
-
-The function ssh_userauth_password() serves the purpose of authenticating
-using a password. It will return SSH_AUTH_SUCCESS if the password worked,
-or one of other constants otherwise. It's your work to ask the password
-and to deallocate it in a secure manner.
-
-If your server complains that the password is wrong, but you can still
-authenticate using openssh's client (issuing password), it's probably
-because openssh only accept keyboard-interactive. Switch to
-keyboard-interactive authentication, or try to configure plain text passwords
-on the SSH server.
-
-Here is a small example of password authentication:
-
-@code
-int authenticate_password(ssh_session session)
-{
-  char *password;
-  int rc;
-
-  password = getpass("Enter your password: ");
-  rc = ssh_userauth_password(session, NULL, password);
-  if (rc == SSH_AUTH_ERROR)
-  {
-     fprintf(stderr, "Authentication failed: %s\n",
-       ssh_get_error(session));
-     return SSH_AUTH_ERROR;
-  }
-
-  return rc;
-}
-@endcode
-
-@see ssh_userauth_password
-
-
-@subsection keyb_int The keyboard-interactive authentication method
-
-The keyboard-interactive method is, as its name tells, interactive. The
-server will issue one or more challenges that the user has to answer,
-until the server takes an authentication decision.
-
-ssh_userauth_kbdint() is the the main keyboard-interactive function. 
-It will return SSH_AUTH_SUCCESS,SSH_AUTH_DENIED, SSH_AUTH_PARTIAL,
-SSH_AUTH_ERROR, or SSH_AUTH_INFO, depending on the result of the request.
-
-The keyboard-interactive authentication method of SSH2 is a feature that
-permits the server to ask a certain number of questions in an interactive
-manner to the client, until it decides to accept or deny the login.
-
-To begin, you call ssh_userauth_kbdint() (just set user and submethods to
-NULL) and store the answer.
-
-If the answer is SSH_AUTH_INFO, it means that the server has sent a few
-questions that you should ask the user. You can retrieve these questions
-with the following functions: ssh_userauth_kbdint_getnprompts(),
-ssh_userauth_kbdint_getname(), ssh_userauth_kbdint_getinstruction(), and
-ssh_userauth_kbdint_getprompt().
-
-Set the answer for each question in the challenge using
-ssh_userauth_kbdint_setanswer().
-
-Then, call again ssh_userauth_kbdint() and start the process again until
-these functions returns something else than SSH_AUTH_INFO.
-
-Here are a few remarks:
- - Even the first call can return SSH_AUTH_DENIED or SSH_AUTH_SUCCESS.
- - The server can send an empty question set (this is the default behavior
-   on my system) after you have sent the answers to the first questions.
-   You must still parse the answer, it might contain some 
-   message from the server saying hello or such things. Just call
-   ssh_userauth_kbdint() until needed. 
- - The meaning of "name", "prompt", "instruction" may be a little
-   confusing. An explanation is given in the RFC section that follows.
-
-Here is a little note about how to use the information from
-keyboard-interactive authentication, coming from the RFC itself (rfc4256):
-
-@verbatim
- 
-  3.3 User Interface Upon receiving a request message, the client SHOULD
-  prompt the user as follows: A command line interface (CLI) client SHOULD
-  print the name and instruction (if non-empty), adding newlines. Then for
-  each prompt in turn, the client SHOULD display the prompt and read the
-  user input.
-  
-  A graphical user interface (GUI) client has many choices on how to prompt
-  the user. One possibility is to use the name field (possibly prefixed
-  with the application's name) as the title of a dialog window in which
-  the prompt(s) are presented. In that dialog window, the instruction field
-  would be a text message, and the prompts would be labels for text entry
-  fields. All fields SHOULD be presented to the user, for example an
-  implementation SHOULD NOT discard the name field because its windows lack
-  titles; it SHOULD instead find another way to display this information. If
-  prompts are presented in a dialog window, then the client SHOULD NOT
-  present each prompt in a separate window.
-  
-  All clients MUST properly handle an instruction field with embedded
-  newlines. They SHOULD also be able to display at least 30 characters for
-  the name and prompts. If the server presents names or prompts longer than 30
-  characters, the client MAY truncate these fields to the length it can
-  display. If the client does truncate any fields, there MUST be an obvious
-  indication that such truncation has occured.
-  
-  The instruction field SHOULD NOT be truncated. Clients SHOULD use control
-  character filtering as discussed in [SSH-ARCH] to avoid attacks by
-  including terminal control characters in the fields to be displayed.
-  
-  For each prompt, the corresponding echo field indicates whether or not
-  the user input should be echoed as characters are typed. Clients SHOULD
-  correctly echo/mask user input for each prompt independently of other
-  prompts in the request message. If a client does not honor the echo field
-  for whatever reason, then the client MUST err on the side of
-  masking input. A GUI client might like to have a checkbox toggling
-  echo/mask. Clients SHOULD NOT add any additional characters to the prompt
-  such as ": " (colon-space); the server is responsible for supplying all
-  text to be displayed to the user. Clients MUST also accept empty responses
-  from the user and pass them on as empty strings.
-@endverbatim
-
-The following example shows how to perform keyboard-interactive authentication:
-
-@code
-int authenticate_kbdint(ssh_session session)
-{
-  int rc;
-
-  rc = ssh_userauth_kbdint(session, NULL, NULL);
-  while (rc == SSH_AUTH_INFO)
-  {
-    const char *name, *instruction;
-    int nprompts, iprompt;
-
-    name = ssh_userauth_kbdint_getname(session);
-    instruction = ssh_userauth_kbdint_getinstruction(session);
-    nprompts = ssh_userauth_kbdint_getnprompts(session);
-
-    if (strlen(name) > 0)
-      printf("%s\n", name);
-    if (strlen(instruction) > 0)
-      printf("%s\n", instruction);
-    for (iprompt = 0; iprompt < nprompts; iprompt++)
-    {
-      const char *prompt;
-      char echo;
-
-      prompt = ssh_userauth_kbdint_getprompt(session, iprompt, &echo);
-      if (echo)
-      {
-        char buffer[128], *ptr;
-
-        printf("%s", prompt);
-        if (fgets(buffer, sizeof(buffer), stdin) == NULL)
-          return SSH_AUTH_ERROR;
-        buffer[sizeof(buffer) - 1] = '\0';
-        if ((ptr = strchr(buffer, '\n')) != NULL)
-          *ptr = '\0';
-        if (ssh_userauth_kbdint_setanswer(session, iprompt, buffer) < 0)
-          return SSH_AUTH_ERROR;
-        memset(buffer, 0, strlen(buffer));
-      }
-      else
-      {
-        char *ptr;
-
-        ptr = getpass(prompt);
-        if (ssh_userauth_kbdint_setanswer(session, iprompt, ptr) < 0)
-          return SSH_AUTH_ERROR;
-      }
-    }
-    rc = ssh_userauth_kbdint(session, NULL, NULL);
-  }
-  return rc;
-}
-@endcode
-
-@see ssh_userauth_kbdint()
-@see ssh_userauth_kbdint_getnprompts
-@see ssh_userauth_kbdint_getname 
-@see ssh_userauth_kbdint_getinstruction
-@see ssh_userauth_kbdint_getprompt
-@see ssh_userauth_kbdint_setanswer()
-
-
-@subsection none Authenticating with "none" method
-
-The primary purpose of the "none" method is to get authenticated **without**
-any credential. Don't do that, use one of the other authentication methods,
-unless you really want to grant anonymous access.
-
-If the account has no password, and if the server is configured to let you
-pass, ssh_userauth_none() might answer SSH_AUTH_SUCCESS.
-
-The following example shows how to perform "none" authentication:
-
-@code
-int authenticate_kbdint(ssh_session session)
-{
-  int rc;
-
-  rc = ssh_userauth_none(session, NULL, NULL);
-  return rc;
-}
-@endcode
-
-@subsection auth_list Getting the list of supported authentications
-
-You are not meant to choose a given authentication method, you can
-let the server tell you which methods are available. Once you know them,
-you try them one after the other.
-
-The following example shows how to get the list of available authentication
-methods with ssh_userauth_list() and how to use the result:
-
-@code
-int test_several_auth_methods(ssh_session session)
-{
-  int method, rc;
-
-  method = ssh_userauth_list(session, NULL);
-
-  if (method & SSH_AUTH_METHOD_NONE)
-  { // For the source code of function authenticate_none(),
-    // refer to the corresponding example
-    rc = authenticate_none(session);
-    if (rc == SSH_AUTH_SUCCESS) return rc;
-  }
-  if (method & SSH_AUTH_METHOD_PUBLICKEY)
-  { // For the source code of function authenticate_pubkey(),
-    // refer to the corresponding example
-    rc = authenticate_pubkey(session);
-    if (rc == SSH_AUTH_SUCCESS) return rc;
-  }
-  if (method & SSH_AUTH_METHOD_INTERACTIVE)
-  { // For the source code of function authenticate_kbdint(),
-    // refer to the corresponding example
-    rc = authenticate_kbdint(session);
-    if (rc == SSH_AUTH_SUCCESS) return rc;
-  }
-  if (method & SSH_AUTH_METHOD_PASSWORD)
-  { // For the source code of function authenticate_password(),
-    // refer to the corresponding example
-    rc = authenticate_password(session);
-    if (rc == SSH_AUTH_SUCCESS) return rc;
-  }
-  return SSH_AUTH_ERROR;
-}
-@endcode
-
-
-@subsection banner Getting the banner
-
-The SSH server might send a banner, which you can retrieve with
-ssh_get_issue_banner(), then display to the user.
-
-The following example shows how to retrieve and dispose the issue banner:
-
-@code
-int display_banner(ssh_session session)
-{
-  int rc;
-  char *banner;
-
-/*
- *** Does not work without calling ssh_userauth_none() first ***
- *** That will be fixed ***
-*/
-  rc = ssh_userauth_none(session, NULL);
-  if (rc == SSH_AUTH_ERROR)
-    return rc;
-
-  banner = ssh_get_issue_banner(session);
-  if (banner)
-  {
-    printf("%s\n", banner);
-    free(banner);
-  }
-
-  return rc;
-}
-@endcode
-
-*/

doc/command.dox

@@ -1,94 +0,0 @@
-/**
-@page libssh_tutor_command Chapter 4: Passing a remote command
-@section remote_command Passing a remote command
-
-Previous chapter has shown how to open a full shell session, with an attached
-terminal or not. If you only need to execute a command on the remote end,
-you don't need all that complexity.
-
-The method described here is suited for executing only one remote command.
-If you need to issue several commands in a row, you should consider using
-a non-interactive remote shell, as explained in previous chapter.
-
-@see shell
-
-
-@subsection exec_remote Executing a remote command
-
-The first steps for executing a remote command are identical to those
-for opening remote shells. You first need a SSH channel, and then
-a SSH session that uses this channel:
-
-@code
-int show_remote_files(ssh_session session)
-{
-  ssh_channel channel;
-  int rc;
-
-  channel = ssh_channel_new(session);
-  if (channel == NULL) return SSH_ERROR;
-
-  rc = ssh_channel_open_session(channel);
-  if (rc != SSH_OK)
-  {
-    ssh_channel_free(channel);
-    return rc;
-  }
-@endcode
-
-Once a session is open, you can start the remote command with
-ssh_channel_request_exec():
-
-@code
-  rc = ssh_channel_request_exec(channel, "ls -l");
-  if (rc != SSH_OK)
-  {
-    ssh_channel_close(channel);
-    ssh_channel_free(channel);
-    return rc;
-  }
-@endcode
-
-If the remote command displays data, you get them with ssh_channel_read().
-This function returns the number of bytes read. If there is no more
-data to read on the channel, this function returns 0, and you can go to next step.
-If an error has been encountered, it returns a negative value:
-
-@code
-  char buffer[256];
-  unsigned int nbytes;
-
-  nbytes = ssh_channel_read(channel, buffer, sizeof(buffer), 0);
-  while (nbytes > 0)
-  {
-    if (fwrite(buffer, 1, nbytes, stdout) != nbytes)
-    {
-      ssh_channel_close(channel);
-      ssh_channel_free(channel);
-      return SSH_ERROR;
-    }
-    nbytes = ssh_channel_read(channel, buffer, sizeof(buffer), 0);
-  }
-
-  if (nbytes < 0)
-  {
-    ssh_channel_close(channel);
-    ssh_channel_free(channel);
-    return SSH_ERROR;
-  }
-@endcode
-
-Once you read the result of the remote command, you send an
-end-of-file to the channel, close it, and free the memory
-that it used:
-
-@code
-  ssh_channel_send_eof(channel);
-  ssh_channel_close(channel);
-  ssh_channel_free(channel);
-
-  return SSH_OK;
-}
-@endcode
-
-*/

doc/doxy.config.in

@@ -1,14 +1,14 @@
-# Doxyfile 1.6.1
+# Doxyfile 1.7.3
 
 # This file describes the settings to be used by the documentation system
-# doxygen (www.doxygen.org) for a project
+# doxygen (www.doxygen.org) for a project.
 #
-# All text after a hash (#) is considered a comment and will be ignored
+# All text after a hash (#) is considered a comment and will be ignored.
 # The format is:
 #       TAG = value [value, ...]
 # For lists items can also be appended using:
 #       TAG += value [value, ...]
-# Values that contain spaces should be placed between quotes (" ")
+# Values that contain spaces should be placed between quotes (" ").
 
 #---------------------------------------------------------------------------
 # Project related configuration options
@@ -33,6 +33,17 @@ PROJECT_NAME           = @APPLICATION_NAME@
 
 PROJECT_NUMBER         = @APPLICATION_VERSION@
 
+# Using the PROJECT_BRIEF tag one can provide an optional one line description for a project that appears at the top of each page and should give viewer a quick idea about the purpose of the project. Keep the description short.
+
+PROJECT_BRIEF          =
+
+# With the PROJECT_LOGO tag one can specify an logo or icon that is
+# included in the documentation. The maximum height of the logo should not
+# exceed 55 pixels and the maximum width should not exceed 200 pixels.
+# Doxygen will copy the logo to the output directory.
+
+PROJECT_LOGO           =
+
 # The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute)
 # base path where the generated documentation will be put.
 # If a relative path is entered, it will be relative to the location
@@ -57,7 +68,7 @@ CREATE_SUBDIRS         = NO
 # Croatian, Czech, Danish, Dutch, Esperanto, Farsi, Finnish, French, German,
 # Greek, Hungarian, Italian, Japanese, Japanese-en (Japanese with English
 # messages), Korean, Korean-en, Lithuanian, Norwegian, Macedonian, Persian,
-# Polish, Portuguese, Romanian, Russian, Serbian, Serbian-Cyrilic, Slovak,
+# Polish, Portuguese, Romanian, Russian, Serbian, Serbian-Cyrillic, Slovak,
 # Slovene, Spanish, Swedish, Ukrainian, and Vietnamese.
 
 OUTPUT_LANGUAGE        = English
@@ -136,7 +147,7 @@ STRIP_FROM_PATH        = @CMAKE_SOURCE_DIR@
 STRIP_FROM_INC_PATH    = @CMAKE_SOURCE_DIR@
 
 # If the SHORT_NAMES tag is set to YES, doxygen will generate much shorter
-# (but less readable) file names. This can be useful is your file systems
+# (but less readable) file names. This can be useful if your file system
 # doesn't support long names like on DOS, Mac, or CD-ROM.
 
 SHORT_NAMES            = NO
@@ -217,14 +228,15 @@ OPTIMIZE_FOR_FORTRAN   = NO
 
 OPTIMIZE_OUTPUT_VHDL   = NO
 
-# Doxygen selects the parser to use depending on the extension of the files it parses.
-# With this tag you can assign which parser to use for a given extension.
-# Doxygen has a built-in mapping, but you can override or extend it using this tag.
-# The format is ext=language, where ext is a file extension, and language is one of
-# the parsers supported by doxygen: IDL, Java, Javascript, C#, C, C++, D, PHP,
-# Objective-C, Python, Fortran, VHDL, C, C++. For instance to make doxygen treat
-# .inc files as Fortran files (default is PHP), and .f files as C (default is Fortran),
-# use: inc=Fortran f=C. Note that for custom extensions you also need to set FILE_PATTERNS otherwise the files are not read by doxygen.
+# Doxygen selects the parser to use depending on the extension of the files it
+# parses. With this tag you can assign which parser to use for a given extension.
+# Doxygen has a built-in mapping, but you can override or extend it using this
+# tag. The format is ext=language, where ext is a file extension, and language
+# is one of the parsers supported by doxygen: IDL, Java, Javascript, CSharp, C,
+# C++, D, PHP, Objective-C, Python, Fortran, VHDL, C, C++. For instance to make
+# doxygen treat .inc files as Fortran files (default is PHP), and .f files as C
+# (default is Fortran), use: inc=Fortran f=C. Note that for custom extensions
+# you also need to set FILE_PATTERNS otherwise the files are not read by doxygen.
 
 EXTENSION_MAPPING      =
 
@@ -232,7 +244,7 @@ EXTENSION_MAPPING      =
 # to include (a tag file for) the STL sources as input, then you should
 # set this tag to YES in order to let doxygen match functions declarations and
 # definitions whose arguments contain STL classes (e.g. func(std::string); v.s.
-# func(std::string) {}). This also make the inheritance and collaboration
+# func(std::string) {}). This also makes the inheritance and collaboration
 # diagrams that involve STL classes more complete and accurate.
 
 BUILTIN_STL_SUPPORT    = NO
@@ -250,7 +262,7 @@ SIP_SUPPORT            = NO
 
 # For Microsoft's IDL there are propget and propput attributes to indicate getter
 # and setter methods for a property. Setting this option to YES (the default)
-# will make doxygen to replace the get and set methods by a property in the
+# will make doxygen replace the get and set methods by a property in the
 # documentation. This will only work if the methods are indeed getting or
 # setting a simple type. If this is not the case, or you want to show the
 # methods anyway, you should set this option to NO.
@@ -288,10 +300,10 @@ TYPEDEF_HIDES_STRUCT   = YES
 # For small to medium size projects (<1000 input files) the default value is
 # probably good enough. For larger projects a too small cache size can cause
 # doxygen to be busy swapping symbols to and from disk most of the time
-# causing a significant performance penality.
+# causing a significant performance penalty.
 # If the system has enough physical memory increasing the cache will improve the
 # performance by keeping more symbols in memory. Note that the value works on
-# a logarithmic scale so increasing the size by one will rougly double the
+# a logarithmic scale so increasing the size by one will roughly double the
 # memory usage. The cache size is given by this formula:
 # 2^(16+SYMBOL_CACHE_SIZE). The valid range is 0..9, the default is 0,
 # corresponding to a cache size of 2^16 = 65536 symbols
@@ -336,7 +348,7 @@ EXTRACT_LOCAL_METHODS  = NO
 # extracted and appear in the documentation as a namespace called
 # 'anonymous_namespace{file}', where file will be replaced with the base
 # name of the file that contains the anonymous namespace. By default
-# anonymous namespace are hidden.
+# anonymous namespaces are hidden.
 
 EXTRACT_ANON_NSPACES   = NO
 
@@ -374,7 +386,7 @@ HIDE_IN_BODY_DOCS      = NO
 # to NO (the default) then the documentation will be excluded.
 # Set it to YES to include the internal documentation.
 
-INTERNAL_DOCS          = @CMAKE_INTERNAL_DOC@
+INTERNAL_DOCS          = NO
 
 # If the CASE_SENSE_NAMES tag is set to NO then Doxygen will only generate
 # file names in lower-case letters. If set to YES upper-case letters are also
@@ -396,6 +408,12 @@ HIDE_SCOPE_NAMES       = NO
 
 SHOW_INCLUDE_FILES     = YES
 
+# If the FORCE_LOCAL_INCLUDES tag is set to YES then Doxygen
+# will list include files with double quotes in the documentation
+# rather than with sharp brackets.
+
+FORCE_LOCAL_INCLUDES   = NO
+
 # If the INLINE_INFO tag is set to YES (the default) then a tag [inline]
 # is inserted in the documentation for inline members.
 
@@ -415,7 +433,13 @@ SORT_MEMBER_DOCS       = YES
 
 SORT_BRIEF_DOCS        = YES
 
-# If the SORT_MEMBERS_CTORS_1ST tag is set to YES then doxygen will sort the (brief and detailed) documentation of class members so that constructors and destructors are listed first. If set to NO (the default) the constructors will appear in the respective orders defined by SORT_MEMBER_DOCS and SORT_BRIEF_DOCS. This tag will be ignored for brief docs if SORT_BRIEF_DOCS is set to NO and ignored for detailed docs if SORT_MEMBER_DOCS is set to NO.
+# If the SORT_MEMBERS_CTORS_1ST tag is set to YES then doxygen
+# will sort the (brief and detailed) documentation of class members so that
+# constructors and destructors are listed first. If set to NO (the default)
+# the constructors will appear in the respective orders defined by
+# SORT_MEMBER_DOCS and SORT_BRIEF_DOCS.
+# This tag will be ignored for brief docs if SORT_BRIEF_DOCS is set to NO
+# and ignored for detailed docs if SORT_MEMBER_DOCS is set to NO.
 
 SORT_MEMBERS_CTORS_1ST = NO
 
@@ -435,6 +459,12 @@ SORT_GROUP_NAMES       = NO
 
 SORT_BY_SCOPE_NAME     = NO
 
+# If the STRICT_PROTO_MATCHING option is enabled and doxygen fails to do proper type resolution of all parameters of a function it will reject a
+# match between the prototype and the implementation of a member function even if there is only one candidate or it is obvious which candidate to choose by doing a simple string match. By disabling STRICT_PROTO_MATCHING doxygen
+# will still accept a match between prototype and implementation in such cases.
+
+STRICT_PROTO_MATCHING  = NO
+
 # The GENERATE_TODOLIST tag can be used to enable (YES) or
 # disable (NO) the todo list. This list is created by putting \todo
 # commands in the documentation.
@@ -465,10 +495,10 @@ GENERATE_DEPRECATEDLIST= YES
 ENABLED_SECTIONS       =
 
 # The MAX_INITIALIZER_LINES tag determines the maximum number of lines
-# the initial value of a variable or define consists of for it to appear in
+# the initial value of a variable or macro consists of for it to appear in
 # the documentation. If the initializer consists of more lines than specified
 # here it will be hidden. Use a value of 0 to hide initializers completely.
-# The appearance of the initializer of individual variables and defines in the
+# The appearance of the initializer of individual variables and macros in the
 # documentation can be controlled using \showinitializer or \hideinitializer
 # command in the documentation regardless of this setting.
 
@@ -509,12 +539,12 @@ SHOW_NAMESPACES        = YES
 
 FILE_VERSION_FILTER    =
 
-# The LAYOUT_FILE tag can be used to specify a layout file which will be parsed by
-# doxygen. The layout file controls the global structure of the generated output files
-# in an output format independent way. The create the layout file that represents
-# doxygen's defaults, run doxygen with the -l option. You can optionally specify a
-# file name after the option, if omitted DoxygenLayout.xml will be used as the name
-# of the layout file.
+# The LAYOUT_FILE tag can be used to specify a layout file which will be parsed
+# by doxygen. The layout file controls the global structure of the generated
+# output files in an output format independent way. The create the layout file
+# that represents doxygen's defaults, run doxygen with the -l option.
+# You can optionally specify a file name after the option, if omitted
+# DoxygenLayout.xml will be used as the name of the layout file.
 
 LAYOUT_FILE            =
 
@@ -546,7 +576,7 @@ WARN_IF_UNDOCUMENTED   = YES
 
 WARN_IF_DOC_ERROR      = YES
 
-# This WARN_NO_PARAMDOC option can be abled to get warnings for
+# The WARN_NO_PARAMDOC option can be enabled to get warnings for
 # functions that are documented, but have no documentation for their parameters
 # or return value. If set to NO (the default) doxygen will only warn about
 # wrong or incomplete parameter documentation, but not about the absence of
@@ -567,7 +597,7 @@ WARN_FORMAT            = "$file:$line: $text"
 # and error messages should be written. If left blank the output is written
 # to stderr.
 
-WARN_LOGFILE           =
+WARN_LOGFILE           = @CMAKE_CURRENT_BINARY_DIR@/doxy.log
 
 #---------------------------------------------------------------------------
 # configuration options related to the input files
@@ -579,7 +609,7 @@ WARN_LOGFILE           =
 # with spaces.
 
 INPUT                  = @CMAKE_SOURCE_DIR@/include/libssh \
-                         @CMAKE_SOURCE_DIR@/src \
+                         @CMAKE_SOURCE_DIR@/libssh \
                          @CMAKE_SOURCE_DIR@/doc
 
 # This tag can be used to specify the character encoding of the source files
@@ -594,8 +624,9 @@ INPUT_ENCODING         = UTF-8
 # FILE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
 # and *.h) to filter out the source-files in the directories. If left
 # blank the following patterns are tested:
-# *.c *.cc *.cxx *.cpp *.c++ *.java *.ii *.ixx *.ipp *.i++ *.inl *.h *.hh *.hxx
-# *.hpp *.h++ *.idl *.odl *.cs *.php *.php3 *.inc *.m *.mm *.py *.f90
+# *.c *.cc *.cxx *.cpp *.c++ *.d *.java *.ii *.ixx *.ipp *.i++ *.inl *.h *.hh
+# *.hxx *.hpp *.h++ *.idl *.odl *.cs *.php *.php3 *.inc *.m *.mm *.dox *.py
+# *.f90 *.f *.for *.vhd *.vhdl
 
 FILE_PATTERNS          = *.cpp \
                          *.cc \
@@ -618,7 +649,7 @@ RECURSIVE              = YES
 EXCLUDE                =
 
 # The EXCLUDE_SYMLINKS tag can be used select whether or not files or
-# directories that are symbolic links (a Unix filesystem feature) are excluded
+# directories that are symbolic links (a Unix file system feature) are excluded
 # from the input.
 
 EXCLUDE_SYMLINKS       = NO
@@ -632,6 +663,7 @@ EXCLUDE_SYMLINKS       = NO
 EXCLUDE_PATTERNS       = */.git/* \
                          */.svn/* \
                          */cmake/* \
+                         */doc/* \
                          */build/*
 
 # The EXCLUDE_SYMBOLS tag can be used to specify one or more symbol names
@@ -691,8 +723,8 @@ INPUT_FILTER           =
 # filter if there is a match.
 # The filters are a list of the form:
 # pattern=filter (like *.cpp=my_cpp_filter). See INPUT_FILTER for further
-# info on how filters are used. If FILTER_PATTERNS is empty, INPUT_FILTER
-# is applied to all files.
+# info on how filters are used. If FILTER_PATTERNS is empty or if
+# non of the patterns match the file name, INPUT_FILTER is applied.
 
 FILTER_PATTERNS        =
 
@@ -702,6 +734,14 @@ FILTER_PATTERNS        =
 
 FILTER_SOURCE_FILES    = NO
 
+# The FILTER_SOURCE_PATTERNS tag can be used to specify source filters per file
+# pattern. A pattern will override the setting for FILTER_PATTERN (if any)
+# and it is also possible to disable source filtering for a specific pattern
+# using *.ext= (so without naming a filter). This option only has effect when
+# FILTER_SOURCE_FILES is enabled.
+
+FILTER_SOURCE_PATTERNS =
+
 #---------------------------------------------------------------------------
 # configuration options related to source browsing
 #---------------------------------------------------------------------------
@@ -814,11 +854,6 @@ HTML_HEADER            =
 
 HTML_FOOTER            =
 
-# If the HTML_TIMESTAMP tag is set to YES then the generated HTML
-# documentation will contain the timesstamp.
-
-HTML_TIMESTAMP         = NO
-
 # The HTML_STYLESHEET tag can be used to specify a user-defined cascading
 # style sheet that is used by each HTML page. It can be used to
 # fine-tune the look of the HTML output. If the tag is left blank doxygen
@@ -828,6 +863,37 @@ HTML_TIMESTAMP         = NO
 
 HTML_STYLESHEET        =
 
+# The HTML_COLORSTYLE_HUE tag controls the color of the HTML output.
+# Doxygen will adjust the colors in the stylesheet and background images
+# according to this color. Hue is specified as an angle on a colorwheel,
+# see http://en.wikipedia.org/wiki/Hue for more information.
+# For instance the value 0 represents red, 60 is yellow, 120 is green,
+# 180 is cyan, 240 is blue, 300 purple, and 360 is red again.
+# The allowed range is 0 to 359.
+
+HTML_COLORSTYLE_HUE    = 220
+
+# The HTML_COLORSTYLE_SAT tag controls the purity (or saturation) of
+# the colors in the HTML output. For a value of 0 the output will use
+# grayscales only. A value of 255 will produce the most vivid colors.
+
+HTML_COLORSTYLE_SAT    = 100
+
+# The HTML_COLORSTYLE_GAMMA tag controls the gamma correction applied to
+# the luminance component of the colors in the HTML output. Values below
+# 100 gradually make the output lighter, whereas values above 100 make
+# the output darker. The value divided by 100 is the actual gamma applied,
+# so 80 represents a gamma of 0.8, The value 220 represents a gamma of 2.2,
+# and 100 does not change the gamma.
+
+HTML_COLORSTYLE_GAMMA  = 80
+
+# If the HTML_TIMESTAMP tag is set to YES then the footer of each generated HTML
+# page will contain the date and time when the page was generated. Setting
+# this to NO can help when comparing the output of multiple runs.
+
+HTML_TIMESTAMP         = NO
+
 # If the HTML_ALIGN_MEMBERS tag is set to YES, the members of classes,
 # files or namespaces will be aligned in HTML using tables. If set to
 # NO a bullet list will be used.
@@ -850,7 +916,8 @@ HTML_DYNAMIC_SECTIONS  = NO
 # directory and running "make install" will install the docset in
 # ~/Library/Developer/Shared/Documentation/DocSets so that Xcode will find
 # it at startup.
-# See http://developer.apple.com/tools/creatingdocsetswithdoxygen.html for more information.
+# See http://developer.apple.com/tools/creatingdocsetswithdoxygen.html
+# for more information.
 
 GENERATE_DOCSET        = NO
 
@@ -868,6 +935,16 @@ DOCSET_FEEDNAME        = "Doxygen generated docs"
 
 DOCSET_BUNDLE_ID       = org.doxygen.Project
 
+# When GENERATE_PUBLISHER_ID tag specifies a string that should uniquely identify
+# the documentation publisher. This should be a reverse domain-name style
+# string, e.g. com.mycompany.MyDocSet.documentation.
+
+DOCSET_PUBLISHER_ID    = org.doxygen.Publisher
+
+# The GENERATE_PUBLISHER_NAME tag identifies the documentation publisher.
+
+DOCSET_PUBLISHER_NAME  = Publisher
+
 # If the GENERATE_HTMLHELP tag is set to YES, additional index files
 # will be generated that can be used as input for tools like the
 # Microsoft HTML help workshop to generate a compiled HTML help file (.chm)
@@ -912,10 +989,10 @@ BINARY_TOC             = NO
 
 TOC_EXPAND             = NO
 
-# If the GENERATE_QHP tag is set to YES and both QHP_NAMESPACE and QHP_VIRTUAL_FOLDER
-# are set, an additional index file will be generated that can be used as input for
-# Qt's qhelpgenerator to generate a Qt Compressed Help (.qch) of the generated
-# HTML documentation.
+# If the GENERATE_QHP tag is set to YES and both QHP_NAMESPACE and
+# QHP_VIRTUAL_FOLDER are set, an additional index file will be generated
+# that can be used as input for Qt's qhelpgenerator to generate a
+# Qt Compressed Help (.qch) of the generated HTML documentation.
 
 GENERATE_QHP           = NO
 
@@ -929,7 +1006,7 @@ QCH_FILE               =
 # Qt Help Project output. For more information please see
 # http://doc.trolltech.com/qthelpproject.html#namespace
 
-QHP_NAMESPACE          =
+QHP_NAMESPACE          = org.doxygen.Project
 
 # The QHP_VIRTUAL_FOLDER tag specifies the namespace to use when generating
 # Qt Help Project output. For more information please see
@@ -937,20 +1014,24 @@ QHP_NAMESPACE          =
 
 QHP_VIRTUAL_FOLDER     = doc
 
-# If QHP_CUST_FILTER_NAME is set, it specifies the name of a custom filter to add.
-# For more information please see
+# If QHP_CUST_FILTER_NAME is set, it specifies the name of a custom filter to
+# add. For more information please see
 # http://doc.trolltech.com/qthelpproject.html#custom-filters
 
 QHP_CUST_FILTER_NAME   =
 
-# The QHP_CUST_FILT_ATTRS tag specifies the list of the attributes of the custom filter to add.For more information please see
-# <a href="http://doc.trolltech.com/qthelpproject.html#custom-filters">Qt Help Project / Custom Filters</a>.
+# The QHP_CUST_FILT_ATTRS tag specifies the list of the attributes of the
+# custom filter to add. For more information please see
+# <a href="http://doc.trolltech.com/qthelpproject.html#custom-filters">
+# Qt Help Project / Custom Filters</a>.
 
 QHP_CUST_FILTER_ATTRS  =
 
-# The QHP_SECT_FILTER_ATTRS tag specifies the list of the attributes this project's
+# The QHP_SECT_FILTER_ATTRS tag specifies the list of the attributes this
+# project's
 # filter section matches.
-# <a href="http://doc.trolltech.com/qthelpproject.html#filter-attributes">Qt Help Project / Filter Attributes</a>.
+# <a href="http://doc.trolltech.com/qthelpproject.html#filter-attributes">
+# Qt Help Project / Filter Attributes</a>.
 
 QHP_SECT_FILTER_ATTRS  =
 
@@ -961,14 +1042,32 @@ QHP_SECT_FILTER_ATTRS  =
 
 QHG_LOCATION           =
 
+# If the GENERATE_ECLIPSEHELP tag is set to YES, additional index files
+#  will be generated, which together with the HTML files, form an Eclipse help
+# plugin. To install this plugin and make it available under the help contents
+# menu in Eclipse, the contents of the directory containing the HTML and XML
+# files needs to be copied into the plugins directory of eclipse. The name of
+# the directory within the plugins directory should be the same as
+# the ECLIPSE_DOC_ID value. After copying Eclipse needs to be restarted before
+# the help appears.
+
+GENERATE_ECLIPSEHELP   = NO
+
+# A unique identifier for the eclipse help plugin. When installing the plugin
+# the directory name containing the HTML and XML files should also have
+# this name.
+
+ECLIPSE_DOC_ID         = org.doxygen.Project
+
 # The DISABLE_INDEX tag can be used to turn on/off the condensed index at
 # top of each HTML page. The value NO (the default) enables the index and
 # the value YES disables it.
 
 DISABLE_INDEX          = NO
 
-# This tag can be used to set the number of enum values (range [1..20])
+# This tag can be used to set the number of enum values (range [0,1..20])
 # that doxygen will group on one line in the generated HTML documentation.
+# Note that a value of 0 will completely suppress the enum values from appearing in the overview section.
 
 ENUM_VALUES_PER_LINE   = 4
 
@@ -993,6 +1092,11 @@ USE_INLINE_TREES       = NO
 
 TREEVIEW_WIDTH         = 250
 
+# When the EXT_LINKS_IN_WINDOW option is set to YES doxygen will open
+# links to external symbols imported via tag files in a separate window.
+
+EXT_LINKS_IN_WINDOW    = NO
+
 # Use this tag to change the font size of Latex formulas included
 # as images in the HTML documentation. The default is 10. Note that
 # when you change the font size after a successful doxygen run you need
@@ -1001,13 +1105,53 @@ TREEVIEW_WIDTH         = 250
 
 FORMULA_FONTSIZE       = 10
 
-# When the SEARCHENGINE tag is enable doxygen will generate a search box for the HTML output. The underlying search engine uses javascript
-# and DHTML and should work on any modern browser. Note that when using HTML help (GENERATE_HTMLHELP) or Qt help (GENERATE_QHP)
-# there is already a search function so this one should typically
-# be disabled.
+# Use the FORMULA_TRANPARENT tag to determine whether or not the images
+# generated for formulas are transparent PNGs. Transparent PNGs are
+# not supported properly for IE 6.0, but are supported on all modern browsers.
+# Note that when changing this option you need to delete any form_*.png files
+# in the HTML output before the changes have effect.
+
+FORMULA_TRANSPARENT    = YES
+
+# Enable the USE_MATHJAX option to render LaTeX formulas using MathJax
+# (see http://www.mathjax.org) which uses client side Javascript for the
+# rendering instead of using prerendered bitmaps. Use this if you do not
+# have LaTeX installed or if you want to formulas look prettier in the HTML
+# output. When enabled you also need to install MathJax separately and
+# configure the path to it using the MATHJAX_RELPATH option.
+
+USE_MATHJAX            = NO
+
+# When MathJax is enabled you need to specify the location relative to the
+# HTML output directory using the MATHJAX_RELPATH option. The destination
+# directory should contain the MathJax.js script. For instance, if the mathjax
+# directory is located at the same level as the HTML output directory, then
+# MATHJAX_RELPATH should be ../mathjax. The default value points to the mathjax.org site, so you can quickly see the result without installing
+# MathJax, but it is strongly recommended to install a local copy of MathJax
+# before deployment.
+
+MATHJAX_RELPATH        = http://www.mathjax.org/mathjax
+
+# When the SEARCHENGINE tag is enabled doxygen will generate a search box
+# for the HTML output. The underlying search engine uses javascript
+# and DHTML and should work on any modern browser. Note that when using
+# HTML help (GENERATE_HTMLHELP), Qt help (GENERATE_QHP), or docsets
+# (GENERATE_DOCSET) there is already a search function so this one should
+# typically be disabled. For large projects the javascript based search engine
+# can be slow, then enabling SERVER_BASED_SEARCH may provide a better solution.
 
 SEARCHENGINE           = NO
 
+# When the SERVER_BASED_SEARCH tag is enabled the search engine will be
+# implemented using a PHP enabled web server instead of at the web client
+# using Javascript. Doxygen will generate the search PHP script and index
+# file to put on the web server. The advantage of the server
+# based approach is that it scales better to large projects and allows
+# full text search. The disadvantages are that it is more difficult to setup
+# and does not have live searching capabilities.
+
+SERVER_BASED_SEARCH    = NO
+
 #---------------------------------------------------------------------------
 # configuration options related to the LaTeX output
 #---------------------------------------------------------------------------
@@ -1025,6 +1169,9 @@ LATEX_OUTPUT           = latex
 
 # The LATEX_CMD_NAME tag can be used to specify the LaTeX command name to be
 # invoked. If left blank `latex' will be used as the default command name.
+# Note that when enabling USE_PDFLATEX this option is only used for
+# generating bitmaps for formulas in the HTML output, but not in the
+# Makefile that is written to the output directory.
 
 LATEX_CMD_NAME         = @LATEX_COMPILER@
 
@@ -1041,7 +1188,7 @@ MAKEINDEX_CMD_NAME     = @MAKEINDEX_COMPILER@
 COMPACT_LATEX          = NO
 
 # The PAPER_TYPE tag can be used to set the paper type that is used
-# by the printer. Possible values are: a4, a4wide, letter, legal and
+# by the printer. Possible values are: a4, letter, legal and
 # executive. If left blank a4wide will be used.
 
 PAPER_TYPE             = a4
@@ -1084,7 +1231,10 @@ LATEX_BATCHMODE        = YES
 
 LATEX_HIDE_INDICES     = NO
 
-# If LATEX_SOURCE_CODE is set to YES then doxygen will include source code with syntax highlighting in the LaTeX output. Note that which sources are shown also depends on other settings such as SOURCE_BROWSER.
+# If LATEX_SOURCE_CODE is set to YES then doxygen will include
+# source code with syntax highlighting in the LaTeX output.
+# Note that which sources are shown also depends on other settings
+# such as SOURCE_BROWSER.
 
 LATEX_SOURCE_CODE      = NO
 
@@ -1255,7 +1405,7 @@ ENABLE_PREPROCESSING   = YES
 # compilation will be performed. Macro expansion can be done in a controlled
 # way by setting EXPAND_ONLY_PREDEF to YES.
 
-MACRO_EXPANSION        = YES
+MACRO_EXPANSION        = NO
 
 # If the EXPAND_ONLY_PREDEF and MACRO_EXPANSION tags are both set to YES
 # then the macro expansion is limited to the macros specified with the
@@ -1294,15 +1444,14 @@ PREDEFINED             =
 # If the MACRO_EXPANSION and EXPAND_ONLY_PREDEF tags are set to YES then
 # this tag can be used to specify a list of macro names that should be expanded.
 # The macro definition that is found in the sources will be used.
-# Use the PREDEFINED tag if you want to use a different macro definition.
+# Use the PREDEFINED tag if you want to use a different macro definition that overrules the definition found in the source code.
 
 EXPAND_AS_DEFINED      =
 
 # If the SKIP_FUNCTION_MACROS tag is set to YES (the default) then
-# doxygen's preprocessor will remove all function-like macros that are alone
-# on a line, have an all uppercase name, and do not end with a semicolon. Such
-# function macros are typically used for boiler-plate code, and will confuse
-# the parser if not removed.
+# doxygen's preprocessor will remove all references to function-like macros
+# that are alone on a line, have an all uppercase name, and do not end with a
+# semicolon, because these will confuse the parser if not removed.
 
 SKIP_FUNCTION_MACROS   = YES
 
@@ -1358,9 +1507,8 @@ PERL_PATH              = /usr/bin/perl
 # If the CLASS_DIAGRAMS tag is set to YES (the default) Doxygen will
 # generate a inheritance diagram (in HTML, RTF and LaTeX) for classes with base
 # or super classes. Setting the tag to NO turns the diagrams off. Note that
-# this option is superseded by the HAVE_DOT option below. This is only a
-# fallback. It is recommended to install and use dot, since it yields more
-# powerful graphs.
+# this option also works with HAVE_DOT disabled, but it is recommended to
+# install and use dot, since it yields more powerful graphs.
 
 CLASS_DIAGRAMS         = NO
 
@@ -1386,11 +1534,18 @@ HIDE_UNDOC_RELATIONS   = YES
 
 HAVE_DOT               = @DOXYGEN_DOT_FOUND@
 
-# By default doxygen will write a font called FreeSans.ttf to the output
-# directory and reference it in all dot files that doxygen generates. This
-# font does not include all possible unicode characters however, so when you need
-# these (or just want a differently looking font) you can specify the font name
-# using DOT_FONTNAME. You need need to make sure dot is able to find the font,
+# The DOT_NUM_THREADS specifies the number of dot invocations doxygen is
+# allowed to run in parallel. When set to 0 (the default) doxygen will
+# base this on the number of processors available in the system. You can set it
+# explicitly to a value larger than 0 to get control over the balance
+# between CPU load and processing speed.
+
+DOT_NUM_THREADS        = 0
+
+# By default doxygen will write a font called Helvetica to the output
+# directory and reference it in all dot files that doxygen generates.
+# When you want a differently looking font you can specify the font name
+# using DOT_FONTNAME. You need to make sure dot is able to find the font,
 # which can be done by putting it in a standard location or by setting the
 # DOTFONTPATH environment variable or by setting DOT_FONTPATH to the directory
 # containing the font.
@@ -1470,7 +1625,7 @@ CALL_GRAPH             = NO
 CALLER_GRAPH           = NO
 
 # If the GRAPHICAL_HIERARCHY and HAVE_DOT tags are set to YES then doxygen
-# will graphical hierarchy of all classes instead of a textual one.
+# will generate a graphical hierarchy of all classes instead of a textual one.
 
 GRAPHICAL_HIERARCHY    = YES
 
@@ -1482,7 +1637,7 @@ GRAPHICAL_HIERARCHY    = YES
 DIRECTORY_GRAPH        = YES
 
 # The DOT_IMAGE_FORMAT tag can be used to set the image format of the images
-# generated by dot. Possible values are png, jpg, or gif
+# generated by dot. Possible values are png, svg, gif or svg.
 # If left blank png will be used.
 
 DOT_IMAGE_FORMAT       = png
@@ -1498,6 +1653,12 @@ DOT_PATH               = @DOXYGEN_DOT_EXECUTABLE_PATH@
 
 DOTFILE_DIRS           =
 
+# The MSCFILE_DIRS tag can be used to specify one or more directories that
+# contain msc files that are included in the documentation (see the
+# \mscfile command).
+
+MSCFILE_DIRS           =
+
 # The DOT_GRAPH_MAX_NODES tag can be used to set the maximum number of
 # nodes that will be shown in the graph. If the number of nodes in a graph
 # becomes larger than this value, doxygen will truncate the graph, which is

doc/forwarding.dox

@@ -1,221 +0,0 @@
-/**
-@page libssh_tutor_forwarding Chapter 7: Forwarding connections (tunnel)
-@section forwarding_connections Forwarding connections
-
-Port forwarding comes in SSH protocol in two different flavours:
-direct or reverse port forwarding. Direct port forwarding is also
-named local port forwardind, and reverse port forwarding is also called
-remote port forwarding. SSH also allows X11 tunnels.
-
-
-
-@subsection forwarding_direct Direct port forwarding
-
-Direct port forwarding is from client to server. The client opens a tunnel,
-and forwards whatever data to the server. Then, the server connects to an
-end point. The end point can reside on another machine or on the SSH
-server itself.
-
-Example of use of direct port forwarding:
-@verbatim
-Mail client application   Google Mail
-         |                    ^
-     5555 (arbitrary)         |
-         |                143 (IMAP2)
-         V                    |
-    SSH client   =====>   SSH server 
-
-Legend:
---P-->: port connexion through port P
-=====>: SSH tunnel
-@endverbatim
-A mail client connects to port 5555 of a client. An encrypted tunnel is
-established to the server. The server connects to port 143 of Google Mail (the
-end point). Now the local mail client can retreive mail.
-
-
-@subsection forwarding_reverse Reverse port forwarding
-
-The reverse forwarding is slightly different. It goes from server to client,
-even though the client has the initiative of establishing the tunnel.
-Once the tunnel is established, the server will listen on a port. Whenever
-a connection to this port is made, the server forwards the data to the client.
-
-Example of use of reverse port forwarding:
-@verbatim
- Local mail server    Mail client application
-         ^                     |
-         |               5555 (arbitrary)
-     143 (IMAP2)               |
-         |                     V
-    SSH client   <=====   SSH server
-
-Legend:
---P-->: port connexion through port P
-=====>: SSH tunnel
-@endverbatim
-In this example, the SSH client establishes the tunnel,
-but it is used to forward the connections established at
-the server to the client.
-
-
-@subsection forwarding_x11 X11 tunnels
-
-X11 tunnels allow a remote application to display locally.
-
-Example of use of X11 tunnels:
-@verbatim
-   Local display     Graphical application
-   (X11 server)          (X11 client)
-         ^                     |
-         |                     V
-    SSH client   <=====   SSH server
-
-Legend:
------>: X11 connection through X11 display number
-=====>: SSH tunnel
-@endverbatim
-The SSH tunnel is established by the client.
-
-How to establish X11 tunnels with libssh has already been described in
-this tutorial.
-
-@see x11
-
-
-@subsection libssh_direct Doing direct port forwarding with libssh
-
-To do direct port forwarding, call function channel_open_forward():
-  - you need a separate channel for the tunnel as first parameter;
-  - second and third parameters are the remote endpoint;
-  - fourth and fifth parameters are sent to the remote server
-    so that they can be logged on that server.
-
-If you don't plan to forward the data you will receive to any local port,
-just put fake values like "localhost" and 5555 as your local host and port.
-
-The example below shows how to open a direct channel that would be
-used to retrieve google's home page from the remote SSH server.
-
-@code
-int direct_forwarding(ssh_session session)
-{
-  ssh_channel forwarding_channel;
-  int rc;
-  char *http_get = "GET / HTTP/1.1\nHost: www.google.com\n\n";
-  int nbytes, nwritten;
-
-  forwarding_channel = ssh_channel_new(session);
-  if (rc != SSH_OK) return rc;
-
-  rc = channel_open_forward(forwarding_channel,
-                            "www.google.com", 80,
-                            "localhost", 5555);
-  if (rc != SSH_OK)
-  {
-    ssh_channel_free(forwarding_channel);
-    return rc;
-  }
-
-  nbytes = strlen(http_get);
-  nwritten = channel_write(forwarding_channel, http_get, nbytes);
-  if (nbytes != nwritten)
-  {
-    ssh_channel_free(forwarding_channel);
-    return SSH_ERROR;
-  }
-
-  ...
-
-  ssh_channel_free(forwarding_channel);
-  return SSH_OK;
-}
-@endcode
-
-The data sent by Google can be retrieved for example with ssh_select()
-and ssh_channel_read(). Goggle's home page can then be displayed on the
-local SSH client, saved into a local file, made available on a local port,
-or whatever use you have for it.
-
-
-@subsection libssh_reverse Doing reverse port forwarding with libssh
-
-To do reverse port forwarding, call ssh_channel_forward_listen(),
-then ssh_channel_forward_accept().
-
-When you call ssh_channel_forward_listen(), you can let the remote server
-chose the non-priviledged port it should listen to. Otherwise, you can chose
-your own priviledged or non-priviledged port. Beware that you should have
-administrative priviledges on the remote server to open a priviledged port
-(port number < 1024).
-
-Below is an example of a very rough web server waiting for connections on port
-8080 of remote SSH server. The incoming connections are passed to the
-local libssh application, which handles them:
-
-@code
-int web_server(ssh_session session)
-{
-  int rc;
-  ssh_channel channel;
-  char buffer[256];
-  int nbytes, nwritten;
-  char *helloworld = ""
-"HTTP/1.1 200 OK\n"
-"Content-Type: text/html\n"
-"Content-Length: 113\n"
-"\n"
-"<html>\n"
-"  <head>\n"
-"    <title>Hello, World!</title>\n"
-"  </head>\n"
-"  <body>\n"
-"    <h1>Hello, World!</h1>\n"
-"  </body>\n"
-"</html>\n";
-
-  rc = ssh_channel_forward_listen(session, NULL, 8080, NULL);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Error opening remote port: %s\n", ssh_get_error(session));
-    return rc;
-  }
-
-  channel = ssh_channel_forward_accept(session, 60000);
-  if (channel == NULL)
-  {
-    fprintf(stderr, "Error waiting for incoming connection: %s\n", ssh_get_error(session));
-    return SSH_ERROR;
-  }
-
-  while (1)
-  {
-    nbytes = ssh_channel_read(channel, buffer, sizeof(buffer), 0);
-    if (nbytes < 0)
-    {
-      fprintf(stderr, "Error reading incoming data: %s\n", ssh_get_error(session));
-      ssh_channel_send_eof(channel);
-      ssh_channel_free(channel);
-      return SSH_ERROR;
-    }
-    if (strncmp(buffer, "GET /", 5)) continue;
-
-    nbytes = strlen(helloworld);
-    nwritten = ssh_channel_write(channel, helloworld, nbytes);
-    if (nwritten != nbytes)
-    {
-      fprintf(stderr, "Error sending answer: %s\n", ssh_get_error(session));
-      ssh_channel_send_eof(channel);
-      ssh_channel_free(channel);
-      return SSH_ERROR;
-    }
-    printf("Sent answer\n");
-  }
-
-  ssh_channel_send_eof(channel);
-  ssh_channel_free(channel);
-  return SSH_OK;
-}
-@endcode
-
-*/

doc/guided_tour.dox

@@ -1,455 +0,0 @@
-/**
-@page libssh_tutor_guided_tour Chapter 1: A typical SSH session
-@section ssh_session A typical SSH session
-
-A SSH session goes through the following steps:
-
- - Before connecting to the server, you can set up if you wish one or other
-   server public key authentication, i.e. DSA or RSA. You can choose
-   cryptographic algorithms you trust and compression algorithms if any. You
-   must of course set up the hostname.
-
- - The connection is established. A secure handshake is made, and resulting from
-   it, a public key from the server is gained. You MUST verify that the public
-   key is legitimate, using for instance the MD5 fingerprint or the known hosts
-   file.
-
- - The client must authenticate: the classical ways are password, or
-   public keys (from dsa and rsa key-pairs generated by openssh).
-   If a SSH agent is running, it is possible to use it.
-
- - Now that the user has been authenticated, you must open one or several
-   channels. Channels are different subways for information into a single ssh
-   connection. Each channel has a standard stream (stdout) and an error stream
-   (stderr). You can theoretically open an infinity of channels.
-
- - With the channel you opened, you can do several things:
-   - Execute a single command.
-   - Open a shell. You may want to request a pseudo-terminal before.
-   - Invoke the sftp subsystem to transfer files.
-   - Invoke the scp subsystem to transfer files.
-   - Invoke your own subsystem. This is outside the scope of this document,
-     but can be done.
-
- - When everything is finished, just close the channels, and then the connection. 
-
-The sftp and scp subsystems use channels, but libssh hides them to
-the programmer. If you want to use those subsystems, instead of a channel,
-you'll usually open a "sftp session" or a "scp session".
- 
-
-@subsection setup Creating the session and setting options
-
-The most important object in a SSH connection is the SSH session. In order
-to allocate a new SSH session, you use ssh_new(). Don't forget to
-always verify that the allocation successed.
-@code
-#include <libssh/libssh.h> 
-#include <stdlib.h>
-
-int main()
-{
-  ssh_session my_ssh_session = ssh_new();
-  if (my_ssh_session == NULL)
-    exit(-1);
-  ...
-  ssh_free(my_ssh_session);
-}
-@endcode
-
-libssh follows the allocate-it-deallocate-it pattern. Each object that you allocate
-using xxxxx_new() must be deallocated using xxxxx_free(). In this case, ssh_new()
-does the allocation and ssh_free() does the contrary.
-
-The ssh_options_set() function sets the options of the session. The most important options are:
- - SSH_OPTIONS_HOST: the name of the host you want to connect to
- - SSH_OPTIONS_PORT: the used port (default is port 22)
- - SSH_OPTIONS_USER: the system user under which you want to connect
- - SSH_OPTIONS_LOG_VERBOSITY: the quantity of messages that are printed
-
-The complete list of options can be found in the documentation of ssh_options_set().
-The only mandatory option is SSH_OPTIONS_HOST. If you don't use SSH_OPTIONS_USER,
-the local username of your account will be used. 
-
-Here is a small example of how to use it:
-
-@code
-#include <libssh/libssh.h> 
-#include <stdlib.h>
-
-int main()
-{
-  ssh_session my_ssh_session;
-  int verbosity = SSH_LOG_PROTOCOL;
-  int port = 22;
-
-  my_ssh_session = ssh_new();
-  if (my_ssh_session == NULL)
-    exit(-1);
-
-  ssh_options_set(my_ssh_session, SSH_OPTIONS_HOST, "localhost");
-  ssh_options_set(my_ssh_session, SSH_OPTIONS_LOG_VERBOSITY, &verbosity);
-  ssh_options_set(my_ssh_session, SSH_OPTIONS_PORT, &port);
-
-  ...
-
-  ssh_free(my_ssh_session);
-}
-@endcode
-
-Please notice that all parameters are passed to ssh_options_set() as pointers,
-even if you need to set an integer value.
-
-@see ssh_new
-@see ssh_free
-@see ssh_options_set
-@see ssh_options_parse_config
-@see ssh_options_copy
-@see ssh_options_getopt
-
-
-@subsection connect Connecting to the server
-
-Once all settings have been made, you can connect using ssh_connect(). That
-function will return SSH_OK if the connection worked, SSH_ERROR otherwise.
-
-You can get the English error string with ssh_get_error() in order to show the
-user what went wrong. Then, use ssh_disconnect() when you want to stop
-the session.
-
-Here's an example:
-
-@code
-#include <libssh/libssh.h>
-#include <stdlib.h>
-#include <stdio.h> 
-
-int main()
-{
-  ssh_session my_ssh_session;
-  int rc;
-
-  my_ssh_session = ssh_new();
-  if (my_ssh_session == NULL)
-    exit(-1);
-
-  ssh_options_set(my_ssh_session, SSH_OPTIONS_HOST, "localhost");
-
-  rc = ssh_connect(my_ssh_session);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Error connecting to localhost: %s\n",
-            ssh_get_error(my_ssh_session));
-    exit(-1);
-  }
-
-  ...
-
-  ssh_disconnect(my_ssh_session);
-  ssh_free(my_ssh_session);
-}
-@endcode
-
-
-@subsection serverauth Authenticating the server
-
-Once you're connected, the following step is mandatory: you must check that the server
-you just connected to is known and safe to use (remember, SSH is about security and
-authentication).
-
-There are two ways of doing this:
- - The first way (recommended) is to use the ssh_is_server_known()
-   function. This function will look into the known host file
-   (~/.ssh/known_hosts on UNIX), look for the server hostname's pattern,
-   and determine whether this host is present or not in the list.
- - The second way is to use ssh_get_pubkey_hash() to get a binary version
-   of the public key hash value. You can then use your own database to check
-   if this public key is known and secure.
-
-You can also use the ssh_get_pubkey_hash() to show the public key hash
-value to the user, in case he knows what the public key hash value is
-(some paranoid people write their public key hash values on paper before
-going abroad, just in case ...).
-
-If the remote host is being used to for the first time, you can ask the user whether
-he/she trusts it. Once he/she concluded that the host is valid and worth being
-added in the known hosts file, you use ssh_write_knownhost() to register it in
-the known hosts file, or any other way if you use your own database.
-
-The following example is part of the examples suite available in the
-examples/ directory:
-
-@code
-#include <errno.h>
-#include <string.h>
-
-int verify_knownhost(ssh_session session)
-{
-  int state, hlen;
-  unsigned char *hash = NULL;
-  char *hexa;
-  char buf[10];
-
-  state = ssh_is_server_known(session);
-
-  hlen = ssh_get_pubkey_hash(session, &hash);
-  if (hlen < 0)
-    return -1;
-
-  switch (state)
-  {
-    case SSH_SERVER_KNOWN_OK:
-      break; /* ok */
-
-    case SSH_SERVER_KNOWN_CHANGED:
-      fprintf(stderr, "Host key for server changed: it is now:\n");
-      ssh_print_hexa("Public key hash", hash, hlen);
-      fprintf(stderr, "For security reasons, connection will be stopped\n");
-      free(hash);
-      return -1;
-
-    case SSH_SERVER_FOUND_OTHER:
-      fprintf(stderr, "The host key for this server was not found but an other"
-        "type of key exists.\n");
-      fprintf(stderr, "An attacker might change the default server key to"
-        "confuse your client into thinking the key does not exist\n");
-      free(hash);
-      return -1;
-
-    case SSH_SERVER_FILE_NOT_FOUND:
-      fprintf(stderr, "Could not find known host file.\n");
-      fprintf(stderr, "If you accept the host key here, the file will be"
-       "automatically created.\n");
-      /* fallback to SSH_SERVER_NOT_KNOWN behavior */
-
-    case SSH_SERVER_NOT_KNOWN:
-      hexa = ssh_get_hexa(hash, hlen);
-      fprintf(stderr,"The server is unknown. Do you trust the host key?\n");
-      fprintf(stderr, "Public key hash: %s\n", hexa);
-      free(hexa);
-      if (fgets(buf, sizeof(buf), stdin) == NULL)
-      {
-        free(hash);
-        return -1;
-      }
-      if (strncasecmp(buf, "yes", 3) != 0)
-      {
-        free(hash);
-        return -1;
-      }
-      if (ssh_write_knownhost(session) < 0)
-      {
-        fprintf(stderr, "Error %s\n", strerror(errno));
-        free(hash);
-        return -1;
-      }
-      break;
-
-    case SSH_SERVER_ERROR:
-      fprintf(stderr, "Error %s", ssh_get_error(session));
-      free(hash);
-      return -1;
-  }
-
-  free(hash);
-  return 0;
-}
-@endcode
-
-@see ssh_connect
-@see ssh_disconnect
-@see ssh_get_error
-@see ssh_get_error_code
-@see ssh_get_pubkey_hash
-@see ssh_is_server_known
-@see ssh_write_knownhost
-
-
-@subsection auth Authenticating the user
-
-The authentication process is the way a service provider can identify a
-user and verify his/her identity. The authorization process is about enabling
-the authenticated user the access to ressources. In SSH, the two concepts
-are linked. After authentication, the server can grant the user access to
-several ressources such as port forwarding, shell, sftp subsystem, and so on.
-
-libssh supports several methods of authentication:
- - "none" method. This method allows to get the available authentications
-   methods. It also gives the server a chance to authenticate the user with
-   just his/her login. Some very old hardware uses this feature to fallback
-   the user on a "telnet over SSH" style of login.
- - password method. A password is sent to the server, which accepts it or not.
- - keyboard-interactive method. The server sends several challenges to the
-   user, who must answer correctly. This makes possible the authentication
-   via a codebook for instance ("give code at 23:R on page 3").
- - public key method. The host knows the public key of the user, and the
-   user must prove he knows the associated private key. This can be done
-   manually, or delegated to the SSH agent as we'll see later.
-
-All these methods can be combined. You can for instance force the user to
-authenticate with at least two of the authentication methods. In that case,
-one speaks of "Partial authentication". A partial authentication is a
-response from authentication functions stating that your credential was
-accepted, but yet another one is required to get in.
-
-The example below shows an authentication with password:
-
-@code
-#include <libssh/libssh.h>
-#include <stdlib.h>
-#include <stdio.h> 
-
-int main()
-{
-  ssh_session my_ssh_session;
-  int rc;
-  char *password;
-
-  // Open session and set options
-  my_ssh_session = ssh_new();
-  if (my_ssh_session == NULL)
-    exit(-1);
-  ssh_options_set(my_ssh_session, SSH_OPTIONS_HOST, "localhost");
-
-  // Connect to server
-  rc = ssh_connect(my_ssh_session);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Error connecting to localhost: %s\n",
-            ssh_get_error(my_ssh_session));
-    ssh_free(my_ssh_session);
-    exit(-1);
-  }
-
-  // Verify the server's identity
-  // For the source code of verify_knowhost(), check previous example
-  if (verify_knownhost(my_ssh_session) < 0)
-  {
-    ssh_disconnect(my_ssh_session);
-    ssh_free(my_ssh_session);
-    exit(-1);
-  }
-
-  // Authenticate ourselves
-  password = getpass("Password: ");
-  rc = ssh_userauth_password(my_ssh_session, NULL, password);
-  if (rc != SSH_AUTH_SUCCESS)
-  {
-    fprintf(stderr, "Error authenticating with password: %s\n",
-            ssh_get_error(my_ssh_session));
-    ssh_disconnect(my_ssh_session);
-    ssh_free(my_ssh_session);
-    exit(-1);
-  }
-
-  ...
-
-  ssh_disconnect(my_ssh_session);
-  ssh_free(my_ssh_session);
-}
-@endcode
-
-@see @ref authentication_details
-
-
-@subsection using_ssh Doing something
-
-At this point, the authenticity of both server and client is established.
-Time has come to take advantage of the many possibilities offered by the SSH
-protocol: execute a remote command, open remote shells, transfer files,
-forward ports, etc.
-
-The example below shows how to execute a remote command:
-
-@code
-int show_remote_processes(ssh_session session)
-{
-  ssh_channel channel;
-  int rc;
-  char buffer[256];
-  unsigned int nbytes;
-
-  channel = ssh_channel_new(session);
-  if (channel == NULL)
-    return SSH_ERROR;
-
-  rc = ssh_channel_open_session(channel);
-  if (rc != SSH_OK)
-  {
-    ssh_channel_free(channel);
-    return rc;
-  }
-
-  rc = ssh_channel_request_exec(channel, "ps aux");
-  if (rc != SSH_OK)
-  {
-    ssh_channel_close(channel);
-    ssh_channel_free(channel);
-    return rc;
-  }
-
-  nbytes = ssh_channel_read(channel, buffer, sizeof(buffer), 0);
-  while (nbytes > 0)
-  {
-    if (write(1, buffer, nbytes) != nbytes)
-    {
-      ssh_channel_close(channel);
-      ssh_channel_free(channel);
-      return SSH_ERROR;
-    }
-    nbytes = ssh_channel_read(channel, buffer, sizeof(buffer), 0);
-  }
-    
-  if (nbytes < 0)
-  {
-    ssh_channel_close(channel);
-    ssh_channel_free(channel);
-    return SSH_ERROR;
-  }
-
-  ssh_channel_send_eof(channel);
-  ssh_channel_close(channel);
-  ssh_channel_free(channel);
-
-  return SSH_OK;
-}
-@endcode
-
-@see @ref opening_shell
-@see @ref remote_command
-@see @ref sftp_subsystem
-@see @ref scp_subsystem
-
-
-@subsection errors Handling the errors
-
-All the libssh functions which return an error value also set an English error message
-describing the problem.
-
-Error values are typically SSH_ERROR for integer values, or NULL for pointers.
-
-The function ssh_get_error() returns a pointer to the static error message.
-
-ssh_error_code() returns the error code number : SSH_NO_ERROR,
-SSH_REQUEST_DENIED, SSH_INVALID_REQUEST, SSH_CONNECTION_LOST, SSH_FATAL,
-or SSH_INVALID_DATA. SSH_REQUEST_DENIED means the ssh server refused your
-request, but the situation is recoverable. The others mean something happened
-to the connection (some encryption problems, server problems, ...).
-SSH_INVALID_REQUEST means the library got some garbage from server, but
-might be recoverable. SSH_FATAL means the connection has an important
-problem and isn't probably recoverable.
-
-Most of time, the error returned are SSH_FATAL, but some functions
-(generaly the ssh_request_xxx ones) may fail because of server denying request.
-In these cases, SSH_REQUEST_DENIED is returned.
-
-ssh_get_error() and ssh_get_error_code() take a ssh_session as a parameter.
-That's for thread safety, error messages that can be attached to a session
-aren't static anymore. Any error that happens during ssh_options_xxx()
-or ssh_connect() (i.e., outside of any session) can be retrieved by
-giving NULL as argument.
-
-The SFTP subsystem has its own error codes, in addition to libssh ones.
-
-
-*/

doc/introduction.dox

@@ -1,50 +0,0 @@
-/**
-@page libssh_tutorial The Tutorial
-@section introduction Introduction
-
-libssh is a C library that enables you to write a program that uses the
-SSH protocol. With it, you can remotely execute programs, transfer
-files, or use a secure and transparent tunnel for your remote programs.
-The SSH protocol is encrypted, ensures data integrity, and provides strong
-means of authenticating both the server of the client. The library hides
-a lot of technical details from the SSH protocol, but this does not
-mean that you should not try to know about and understand these details.
-
-libssh is a Free Software / Open Source project. The libssh library
-is distributed under LGPL license. The libssh project has nothing to do with
-"libssh2", which is a completly different and independant project.
-
-libssh can run on top of either libgcrypt (http://directory.fsf.org/project/libgcrypt/)
-or libcrypto (http://www.openssl.org/docs/crypto/crypto.html), two general-purpose
-cryptographic libraries.
-
-This tutorial concentrates for its main part on the "client" side of libssh.
-To learn how to accept incoming SSH connexions (how to write a SSH server),
-you'll have to jump to the end of this document.
-
-This tutorial describes libssh version 0.5.0. This version is a little different
-from the 0.4.X series. However, the examples should work with
-little changes on versions like 0.4.2 and later.
-
-
-Table of contents:
-
-@subpage libssh_tutor_guided_tour
-
-@subpage libssh_tutor_authentication
-
-@subpage libssh_tutor_shell
-
-@subpage libssh_tutor_command
-
-@subpage libssh_tutor_sftp
-
-@subpage libssh_tutor_scp
-
-@subpage libssh_tutor_forwarding
-
-@subpage libssh_tutor_threads
-
-@subpage libssh_tutor_todo
-
-*/

doc/libssh-0.2-api-1.txt

@@ -0,0 +1,385 @@
+                    The new libssh 0.2 API
+                    ----------------------
+
+Version 1
+
+A. Introduction
+---------------
+
+With the time from the first release of libssh, I have received lots of
+comments about the current API. Myself, I found it quite limiting when doing
+my first libssh-server drafts. Thus, I am moving to a stronger API.
+This API must still be simple. I am not introducing complex changes. An API
+well designed must hide the implementation details. Implementation can change
+easily within bugfixes - but API cannot change each release.
+
+To the people already using libssh 0.11 : sorry. Once I have the complete API
+redesigned, I will write a migration paper. It won't be too hard normally.
+
+Here are the things that were lacking in the previous API and *must* change:
+
+* A non-blocking mode connection type
+* Functions to relegate File descriptor listening to Calling functions and to
+  the programmer. (I'll explain later).
+* Along with that, good buffering system (well, it's not an API but).
+* Leave the "functions returns a pointer when it works and NULL when it does
+  not work". It gives serious problems to implement bindings (A C++
+  constructor should not fail and should not depend on a network thing
+* Make the Session structure an abstract structure that can work with both
+  client and *servers*. That mean we should have a Server object which listen
+  to clients on a bound port, does the different handshakes and return a
+  session.
+  Since C is not per se an Object language, I won't use inheritance between
+  objects.
+* This same server thing must provide the reverse capabilities than the
+  client. That is, accept the handshake, in a nonblocking way. Accept channel
+  requests, or send them to the controller program.
+* Support for program forking : Imagine you have a Ssh server object. You
+  accept a connection and receive a session, then you receive a channel. You
+  may want to keep the good old days fork() tricks. Libssh will give a way to
+  destroy handlers from sessions which belong to an other process without
+  disturbing the session.
+* So often I received the comment back saying that it was not clear why a
+  session or a channel was terminated. This is over.
+* And of course I received lot of mails about the fact I'm doing namespace
+  polution. this will be resolved this time.
+So, please read this draft not as a formal documentation but like a roadmap of
+things that each kind of object must do.
+
+B. Description of objects and functions
+
+Initialization and finalization
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Initialization is for now called automatically, so you don't have to take care
+of that.
+As for finalization, we need to finalize the underlying cryptographic library
+(either OpenSSL or libgcrypt). Be sure that you call ssh_finalize when this
+library won't be used anymore, even by other libraries (i.e. if you use libssh
+and another library that uses OpenSSL, call ssh_finalize when any function of
+both these libraries won't be called).
+If you trust your operating system to clean up the mess after a process
+terminates, you can skip this call.
+
+Options structure
+~~~~~~~~~~~~~~~~~
+
+struct ssh_options *ssh_options_new()
+
+ssh_options_getopt(options, *argc, argv)
+
+ssh_options_copy(options)
+
+char ** ssh_options_get_supported_algos(options,type)
+ returns a list of the algos supported by libssh, type being one of
+ SSH_HOSTKEYS, SSH_KEX, SSH_CRYPT, SSH_MAC, SSH_COMP, SSH_LANG
+
+ssh_options_set_wanted_algos(options,type, char *list)
+list being comma-separated list of algos, and type being the upper constants
+but with _C_S or _S_V added to them.
+
+ssh_options_set_port(options, port)
+
+ssh_options_set_host(options, host)
+
+ssh_options_set_fd(options, fd)
+
+ssh_options_set_bind(options, bindaddr, port)
+this options sets the address to bind for a client *or* a server. a port of
+zero means whatever port is free (what most clients want).
+
+ssh_options_set_username(options, username)
+
+ssh_options_set_connect_timeout(options, seconds, usec)
+
+ssh_options_set_ssh_dir(options, dir)
+ssh_options_set_known_hosts_file(options, file)
+ssh_options_set_identity(options, file)
+
+ssh_options_set_banner(options, banner)
+ssh_options_allow_ssh1(options, bool allow)
+ssh_options_allow_ssh2(options, bool allow)
+
+options_set_status_callback has moved into ssh_* functions.
+
+ssh_session Structure
+~~~~~~~~~~~~~~~~~~~~~
+
+This session structure represents a ssh socket to a server *or* a client.
+
+ssh_session *ssh_new()
+
+ssh_set_options(ssh_session,ssh_options)
+
+ssh_connect(session);
+ it will return some status describing at which point of the connection it is,
+ or an error code. If the connection method is non-blocking, the function
+ will be called more than once, though the return value SSH_AGAIN.
+
+ssh_set_blocking(session, bool blocking)
+ set blocking mode or non blocking mode.
+
+ssh_get_fd(session)
+ get the currently used connection file descriptor or equivalent (windows)
+
+ssh_set_fd_toread(session)
+ssh_set_fd_towrite(session)
+ssh_set_fd_except(session)
+ Serve to notify the library that data is actualy available to be read on the
+ file descriptor socket. why ? because on most platforms select can't be done
+ twice on the same socket when the first reported data to read or to write
+ 
+ssh_get_status(session)
+ Returns the current status bitmask : connection Open or closed, data
+ pending to read or not (even if connection closed), connection closed on
+ error or on an exit message
+
+ssh_get_disconnect_message(session)
+ Returns the connection disconnect error/exit message
+
+ssh_get_pubkey_hash(session, hash)
+ get the public key hash from the server.
+
+ssh_is_server_known(session)
+ssh_write_knownhost(session)
+ these 2 functions will be kept
+
+ssh_disconnect(session)
+ standard disconnect
+
+ssh_disconnect_error(session,error code, message)
+ disconnect with a message
+
+ssh_set_username(session)
+ set the user name to log in
+ 
+ssh_userauth_* functions will be kept as they are now, excepted the fact that
+the username field will disapear.
+the public key mechanism may get some more functions, like retrieving a public
+key from a private key and authenticating without a public key.
+
+ssh_get_issue_banner(session)
+ get the issue banner from the server, that is the welcome message.
+
+ssh_silent_free(session)
+ This function silently free all data structures used by the session and
+ closes the socket. It may be used for instance when the process forked and
+ doesn't want to keep track of this session. This is obviously not possible to
+ do with separate channels.
+
+The channel_struct structure
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+The channels will change a bit. the constructor thing will change, and the way
+to multiplex different connections will change too. channel functions will be
+prefixed with "ssh_"
+
+struct channel_struct *ssh_channel_new()
+
+ssh_channel_open_session(channel)
+ will return if the channel allocation failed or not.
+
+ssh_channel_open_forward(channel, ...) won't change. it will report an error if
+the channel allocation failed.
+
+ssh_channel_send_eof(channel)
+ send EOF
+ssh_channel_close(channel)
+ closes a channel but doesn't destroy it. you may read unread data still in
+ the buffer. Once you closed the buffer, the other party can't send you data,
+ while it could still do it if you only sent an EOF.
+ssh_channel_is_closed(channel)
+ returns true if the channel was closed at one of both sides. a closed chan
+ may still have data to read, if you closed yourself the connection. otherwise
+ (you didn't close it) the closed notification only comes when you read the
+ last buffer byte, or when trying to write into the channel (the SIGPIPE-like
+ behaviour).
+
+ssh_channel_is_eof(channel)
+ reports if the other side has sent an EOF. This functions returns FALSE if
+ there is still data to read. A closed channel is always EOF.
+ssh_channel_free(channel)
+ completely free the channel. closes it before if it was not done.
+
+ssh_channel_request_env(channel, name, value)
+ set an environment variable.
+
+ssh_channel_request_pty(channel)
+ssh_channel_request_pty_size()
+ssh_channel_change_pty_size()
+ssh_channel_request_shell()
+ssh_channel_request_exec()
+ssh_channel_request_subsystem()
+These functions won't change.
+
+int ssh_channel_write(channel,data, len,stderr)
+ Depending on the blocking/non blocking mode of the channel, the behaviour may
+ change.
+ stderr is the extended buffer. It's generaly only a server->client stream.
+
+ssh_channel_set_blocking(bool blocking)
+
+int ssh_channel_read(channel, buffer, maxlen, is_stderr)
+ the behaviour will be this one:
+  -if the chan is in non blocking mode, it will poll what's available to read
+  and return this. otherwise (nothing to read) it will return 0.
+  -if the chan is blocking, it will block until at least one byte is
+  available.
+ssh_channel_nonblocking disapears for the later reason.
+
+int channel_poll(channel, is_stderr)
+ polls the network and reports the number of bytes ready to be read in the
+ chan.
+
+ssh_session ssh_channel_get_session(channel)
+ returns the session pointer associated to the channel, for simplicity
+ reasons.
+
+int ssh_channel_select(CHANNELS *readchans, CHANNELS *writechans, CHANNELS
+              *exceptchans, struct timeval *timeout)
+ This function won't work the same way ssh_select did.
+ I removed the custom file descriptor thing for 2 reasons:
+  1- it's not windows compliant. D'ouh !
+  2- most programmers won't want to depend on libssh for socket multiplexing.
+  that's why i let the programmer poll the fds himself and then use
+  ssh_set_fd_toread, towrite or except. Then, he may use ssh_channel_select
+  with a NULL timeout to poll which channels have something to read, write or
+  error report.
+ Here is how it's going to work. The coder sets 3 different arrays with the
+ channels he wants to select(), the last entry being a NULL pointer. The
+ function will first poll them and return the chans that must be
+ read/write/excepted. If nothing has this state, the function will select()
+ using the timeout.
+ The function will return 0 if everything is ok, SSH_TIMEOUT or SSH_EINTR if
+ the select was interrupted by a signal. It is dangerous to execute any
+ channel-related functions into signal handlers. they should set a flag that
+ you read into your loop. this "trap" (SSH_EINTR) will permit you to catch
+ them faster and make your program responsive and look fast.
+ the function will return -1 if a serious problem happens.
+
+
+Error handling
+~~~~~~~~~~~~~~
+
+when an error happens, the programmer can get the error code and description
+with ssh_get_error(session). the creation of a failess constructor for
+ssh_session was needed for this reason.
+
+ssh_get_error_code(session) will return an error code into this subset:
+ SSH_NO_ERROR : no error :)
+ SSH_REQUEST_DENIED : you request for a functionality or a service that is not
+ allowed. The session can continue.
+ SSH_FATAL : Unrecoverable error. The session can't continue and you should
+ disconnect the session. It includes the connection being cut without a
+ disconnect() message.
+ If a disconnect() message or the channel was closed, a read on such a channel
+ won't produce an error. otherwise it will return -1 with a SSH_FATAL error
+ code.
+
+Server socket binding
+~~~~~~~~~~~~~~~~~~~~~
+
+It is not possible to bind a socket for ssh with a SSH_SESSION type, because a
+single bound port may lead to multiple ssh connections. That's why the
+SSH_BIND structure must be created. It uses options from the SSH_OPTIONS
+structure.
+
+SSH_BIND *ssh_bind_new()
+creates a structure
+ssh_bind_set_options(bind, options)
+set the option structure
+int ssh_bind_listen(bind)
+ bind and listen to the port. This call is not blocking. if some error
+ happens, it returns -1 and the error code can be found with perror().
+
+ssh_bind_set_blocking(bind, bool blocking)
+ should ssh_bind_accept() block or not.
+
+int ssh_bind_get_fd(bind)
+ return the bound file descriptor, that is the listener socket. you may put it
+ into a select() in your code to detect a connection attempt.
+
+ssh_bind_set_fd_toaccept(bind)
+ say that the listener socket has a connection to accept (to avoid
+ ssh_bind_accept() to do a select on it).
+
+SSH_SESSION *ssh_bind_accept(bind)
+ return a server handle to a ssh session. if the mode is blocking, the
+ function will always return a pointer to a session. if the mode is not
+ blocking, the function can return NULL if there is no connection to accept.
+
+This SSH_SESSION handle must then pass through the functions explained above.
+
+
+*server functions *
+
+int ssh_accept(session)
+ when a new connection is accepted, the handshake must be done. this function
+ will do the banner handshake and the key exchange.
+ it will return SSH_AGAIN if the session mode is non blocking, and the
+ function must be called again until an error occurs or the kex is done.
+
+Here, I had a few choises about *how* to implement the message parsing as a
+server. There are multiple ways to do it, one being callbacks and one being
+"Message" reading, parsing and then choice going to the user to use it and
+answer. I've choosen the latter because i believe it's the stronger method.
+A ssh server can receive 30 different kind of messages having to be dealt by
+the high level routines, like channel request_shell or authentication. Having
+a callback for all of them would produce a huge kludge of callbacks, with
+no relations on when there were called etc.
+A message based parsing allows the user to filtrate the messages he's
+interested into and to use a default answer for the others. Then, the callback
+thing is still possible to handle through a simple message code/callback
+function array.
+
+I did not define yet what it would look like, but i'm sure there will be a
+SSH_MESSAGE (they won't have a 1/1 correspondance with ssh packets) which will
+be read through
+SSH_MESSAGE *ssh_server_read_message(session).
+with all of the non-blocking stuff in head like returning NULL if the message
+is not full.
+Then, the message can be parsed, ie
+int ssh_message_get_code(message)
+which will return SSH_MESSAGE_AUTH
+then
+int ssh_message_get_subcode(message)
+which then will returh SSH_MESSAGE_AUTH_PASSWORD or _NONE or _PUBKEY etc.
+
+Then, once the message was parsed, the message will have to be answered, ie
+with the generic functions like
+ssh_message_accept(message) which says 'Ok your request is accepted' or
+ssh_message_deny(message) which says 'Your request is refused'.
+
+There would be specific message answer functions for some kind of messages
+like the authentication one. you may want to reply that the authentication is
+Partial rather than denied, and that you still accept some kind of auths, like
+ssh_message_auth_reply(message,SSH_AUTH_PARTIAL,SSH_AUTH_PASSWORD |
+SSH_AUTH_PUBKEY | SSH_AUTH_KEYBINT);
+
+I won't let the user have to deal with the channels himself. When a channel is
+going to be created by the remote size, a message will come asking to open a
+channel. the programmer can either deny or accept, in which case a CHANNEL
+object will be created and returned to the programmer. then, all standard
+channel functions will run.
+
+C. Change log of this document
+
+3. Add paragraph about initalization and finalization.
+
+2. ssh_options_set_username finaly is kept into the options, because it can be
+set by ssh_options_getopt()
+
+1. first release
+
+D. End notes
+
+I think libssh must have a very simple to use, powerful and exhaustive API. It
+must have no design flaw either.
+While I got some good experience at the SSH protocol, I've never writen
+more-than-100 lines programs than use libssh and I don't really know the
+problems of the library. I'd like people who don't understand some detail into
+the API I describe here, who have comments or opinions about it to write me
+the soonest possible to limit the damages if I made something the completely
+wrong way.
+Thanks for your patience.
+

doc/linking.dox

@@ -1,24 +0,0 @@
-/**
-
-@page libssh_linking The Linking HowTo
-
-@section dynamic Dynamic Linking
-
-On UNIX and Windows systems its the same, you need at least the libssh.h
-header file and the libssh shared library.
-
-@section static Static Linking
-
-@warning <b>The libssh library is licensed under the LGPL! Make sure you
-understand what this means to your codebase if you want to distribute
-binaries and link statically against LGPL code!</b>
-
-On UNIX systems linking against the static version of the library is the
-same as linking against the shared library. Both have the same name. Some
-build system require to use the full path to the static library.
-
-On Windows you need to define LIBSSH_STATIC in the compiler command
-line. This is required cause the dynamic library needs to specify the
-dllimport attribute.
-
-*/

doc/mainpage.dox

@@ -1,124 +1,12 @@
 /**
+ * @mainpage
+ * This manual documents the libssh C API.
+ *
+ * There are several other places to look for libssh information, such as the
+ * <a href="http://dev.libssh.org/wiki/Tutorial" target="_blank">tutorial</a>
+ * and the specification; those can be found at the <a
+ * href="http://www.libssh.org/" target="_blank">libssh website</a>.
+ *
+ * To be continued...
+ */
 
-@mainpage
-
-This is the online reference for developing with the libssh library. It
-documents the libssh C API and the C++ wrapper.
-
-@section main-linking Linking
-
-We created a small howto how to link libssh against your application, read
-@subpage libssh_linking.
-
-@section main-tutorial Tutorial
-
-You should start by reading @subpage libssh_tutorial, then reading the documentation of
-the interesting functions as you go.
-
-@section main-features Features
-
-The libssh library provides:
-
- - Full C library functions for manipulating a client-side SSH connection
- - SSH2 and SSH1 protocol compliant
- - Fully configurable sessions
- - Server support
- - SSH agent authentication support
- - Support for AES-128, AES-192, AES-256, Blowfish, 3DES in CBC mode, and AES in CTR mode
- - Supports OpenSSL and GCrypt
- - Use multiple SSH connections in a same process, at same time
- - Use multiple channels in the same connection
- - Thread safety when using different sessions at same time
- - POSIX-like SFTP (Secure File Transfer) implementation with openssh extension support
- - SCP implementation
- - Large file system support (files bigger than 4GB)
- - RSA and DSS server public key supported
- - Compression support (with zlib)
- - Public key (RSA and DSS), password and keyboard-interactive authentication
- - Full poll()/WSAPoll() support and a poll-emulation for Win32.
- - Runs and tested under x86_64, x86, ARM, Sparc32, PPC under Linux, BSD, MacOSX, Solaris and Windows
-
-@section main-copyright Copyright Policy
-
-The developers of libssh have a policy of asking for contributions to be made
-under the personal copyright of the contributor, instead of a corporate
-copyright.
-
-There are some reasons for the establishment of this policy:
-
-    @li Individual copyrights make copyright registration in the US a simpler
-        process.
-    @li If libssh is copyrighted by individuals rather than corporations,
-        decisions regarding enforcement and protection of copyright will, more
-        likely, be made in the interests of the project, and not in the interests
-        of any corporation’s shareholders.
-    @li If we ever need to relicense a portion of the code contacting individuals
-        for permission to do so is much easier than contacting a company.
-
-@section main-rfc Internet standard
-
-@subsection main-rfc-secsh Secure Shell (SSH)
-
-The following RFC documents described SSH-2 protcol as an Internet standard.
-
- - <a href="http://tools.ietf.org/html/rfc4250" target="_blank">RFC 4250</a>,
-    The Secure Shell (SSH) Protocol Assigned Numbers
- - <a href="http://tools.ietf.org/html/rfc4251" target="_blank">RFC 4251</a>,
-    The Secure Shell (SSH) Protocol Architecture
- - <a href="http://tools.ietf.org/html/rfc4252" target="_blank">RFC 4252</a>,
-    The Secure Shell (SSH) Authentication Protocol
- - <a href="http://tools.ietf.org/html/rfc4253" target="_blank">RFC 4253</a>,
-    The Secure Shell (SSH) Transport Layer Protocol
- - <a href="http://tools.ietf.org/html/rfc4254" target="_blank">RFC 4254</a>,
-    The Secure Shell (SSH) Connection Protocol
- - <a href="http://tools.ietf.org/html/rfc4255" target="_blank">RFC 4255</a>,
-    Using DNS to Securely Publish Secure Shell (SSH) Key Fingerprints
- - <a href="http://tools.ietf.org/html/rfc4256" target="_blank">RFC 4256</a>,
-    Generic Message Exchange Authentication for the Secure Shell Protocol (SSH)
- - <a href="http://tools.ietf.org/html/rfc4335" target="_blank">RFC 4335</a>,
-    The Secure Shell (SSH) Session Channel Break Extension
- - <a href="http://tools.ietf.org/html/rfc4344" target="_blank">RFC 4344</a>,
-    The Secure Shell (SSH) Transport Layer Encryption Modes
- - <a href="http://tools.ietf.org/html/rfc4345" target="_blank">RFC 4345</a>,
-    Improved Arcfour Modes for the Secure Shell (SSH) Transport Layer Protocol
-
-It was later modified and expanded by the following RFCs.
-
- - <a href="http://tools.ietf.org/html/rfc4419" target="_blank">RFC 4419</a>,
-    Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer
-    Protocol
- - <a href="http://tools.ietf.org/html/rfc4432" target="_blank">RFC 4432</a>,
-    RSA Key Exchange for the Secure Shell (SSH) Transport Layer Protocol
- - <a href="http://tools.ietf.org/html/rfc4462" target="_blank">RFC 4462</a>,
-    Generic Security Service Application Program Interface (GSS-API)
-    Authentication and Key Exchange for the Secure Shell (SSH) Protocol
- - <a href="http://tools.ietf.org/html/rfc4716" target="_blank">RFC 4716</a>,
-    The Secure Shell (SSH) Public Key File Format
- - <a href="http://tools.ietf.org/html/rfc5656" target="_blank">RFC 5656</a>,
-    Elliptic Curve Algorithm Integration in the Secure Shell Transport Layer
-
-Interesting cryptography documents:
-
- - <a href="http://www.cryptsoft.com/pkcs11doc/" target="_blank">PKCS #11</a>, PKCS #11 reference documents, describing interface with smartcards.
-
-@subsection main-rfc-sftp Secure Shell File Transfer Protocol (SFTP)
-
-The protocol is not an Internet standard but it is still widely implemented.
-OpenSSH and most other implementation implement Version 3 of the protocol. We
-do the same in libssh.
-
- - <a href="http://tools.ietf.org/html/draft-ietf-secsh-filexfer-02" target="_blank">
-   draft-ietf-secsh-filexfer-02.txt</a>,
-   SSH File Transfer Protocol
-
-@subsection main-rfc-extensions Secure Shell Extensions
-
-The OpenSSH project has defined some extensions to the protocol. We support some of
-them like the statvfs calls in SFTP or the ssh-agent.
-
- - <a href="http://api.libssh.org/rfc/PROTOCOL" target="_blank">
-    OpenSSH's deviations and extensions</a>
- - <a href="http://api.libssh.org/rfc/PROTOCOL.agent" target="_blank">
-    OpenSSH's ssh-agent</a>
-
-*/

doc/scp.dox

@@ -1,257 +0,0 @@
-/**
-@page libssh_tutor_scp Chapter 6: The SCP subsystem
-@section scp_subsystem The SCP subsystem
-
-The SCP subsystem has far less functionnality than the SFTP subsystem.
-However, if you only need to copy files from and to the remote system,
-it does its job.
-
-
-@subsection scp_session Opening and closing a SCP session
-
-Like in the SFTP subsystem, you don't handle the SSH channels directly.
-Instead, you open a "SCP session".
-
-When you open your SCP session, you have to choose between read or write mode.
-You can't do both in the same session. So you specify either SSH_SCP_READ or
-SSH_SCP_WRITE as the second parameter of function ssh_scp_new().
-
-Another important mode flag for opening your SCP session is SSH_SCP_RECURSIVE.
-When you use SSH_SCP_RECURSIVE, you declare that you are willing to emulate
-the behaviour of "scp -r" command in your program, no matter it is for
-reading or for writing.
-
-Once your session is created, you initialize it with ssh_scp_init(). When
-you have finished transferring files, you terminate the SCP connection with
-ssh_scp_close(). Finally, you can dispose the SCP connection with
-ssh_scp_free().
-
-The example below does the maintenance work to open a SCP connection for writing in
-recursive mode:
-
-@code
-int scp_write(ssh_session session)
-{
-  ssh_scp scp;
-  int rc;
-
-  scp = ssh_scp_new
-    (session, SSH_SCP_WRITE | SSH_SCP_RECURSIVE, ".");
-  if (scp == NULL)
-  {
-    fprintf(stderr, "Error allocating scp session: %s\n", ssh_get_error(session));
-    return SSH_ERROR;
-  }
-
-  rc = ssh_scp_init(scp);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Error initializing scp session: %s\n", ssh_get_error(session));
-    ssh_scp_free(scp);
-    return rc;
-  }
-
-  ...
-
-  ssh_scp_close(scp);
-  ssh_scp_free(scp);
-  return SSH_OK;
-}
-@endcode
-
-The example below shows how to open a connection to read a single file:
-
-@code
-int scp_read(ssh_session session)
-{
-  ssh_scp scp;
-  int rc;
-
-  scp = ssh_scp_new
-    (session, SSH_SCP_READ, "helloworld/helloworld.txt");
-  if (scp == NULL)
-  {
-    fprintf(stderr, "Error allocating scp session: %s\n", ssh_get_error(session));
-    return SSH_ERROR;
-  }
-
-  rc = ssh_scp_init(scp);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Error initializing scp session: %s\n", ssh_get_error(session));
-    ssh_scp_free(scp);
-    return rc;
-  }
-
-  ...
-
-  ssh_scp_close(scp);
-  ssh_scp_free(scp);
-  return SSH_OK;
-}
-
-@endcode
-
-
-@subsection scp_write Creating files and directories
-
-You create directories with ssh_scp_push_directory(). In recursive mode,
-you are placed in this directory once it is created. If the directory
-already exists and if you are in recursive mode, you simply enter that
-directory.
-
-Creating files is done in two steps. First, you prepare the writing with
-ssh_scp_push_file(). Then, you write the data with ssh_scp_write().
-The length of the data to write must be identical between both function calls.
-There's no need to "open" nor "close" the file, this is done automatically
-on the remote end. If the file already exists, it is overwritten and truncated.
-
-The following example creates a new directory named "helloworld/", then creates
-a file named "helloworld.txt" in that directory:
-
-@code
-int scp_helloworld(ssh_session session, ssh_scp scp)
-{
-  int rc;
-  const char *helloworld = "Hello, world!\n";
-  int length = strlen(helloworld);
-
-  rc = ssh_scp_push_directory(scp, "helloworld", S_IRWXU);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Can't create remote directory: %s\n", ssh_get_error(session));
-    return rc;
-  }
-
-  rc = ssh_scp_push_file
-    (scp, "helloworld.txt", length, S_IRUSR |  S_IWUSR);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Can't open remote file: %s\n", ssh_get_error(session));
-    return rc;
-  }
-
-  rc = ssh_scp_write(scp, helloworld, length);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Can't write to remote file: %s\n", ssh_get_error(session));
-    return rc;
-  }
-
-  return SSH_OK;
-}
-@endcode
-
-
-@subsection scp_recursive_write Copying full directory trees to the remote server
-
-Let's say you want to copy the following tree of files to the remote site:
-
-@verbatim
-               +-- file1
-       +-- B --+
-       |       +-- file2
--- A --+ 
-       |       +-- file3
-       +-- C --+
-               +-- file4
-@endverbatim
-
-You would do it that way:
-  - open the session in recursive mode
-  - enter directory A
-  - enter its subdirectory B
-  - create file1 in B
-  - create file2 in B
-  - leave directory B
-  - enter subdirectory C
-  - create file3 in C
-  - create file4 in C
-  - leave directory C
-  - leave directory A
-
-To leave a directory, call ssh_scp_leave_directory().
-
-
-@subsection scp_read Reading files and directories
-
-
-To receive files, you pull requests from the other side with ssh_scp_pull_request().
-If this function returns SSH_SCP_REQUEST_NEWFILE, then you must get ready for
-the reception. You can get the size of the data to receive with ssh_scp_request_get_size()
-and allocate a buffer accordingly. When you are ready, you accept the request with
-ssh_scp_accept_request(), then read the data with ssh_scp_read().
-
-The following example receives a single file. The name of the file to
-receive has been given earlier, when the scp session was opened:
-
-@code
-int scp_receive(ssh_session session, ssh_scp scp)
-{
-  int rc;
-  int size, mode;
-  char *filename, *buffer;
-
-  rc = ssh_scp_pull_request(scp);
-  if (rc != SSH_SCP_REQUEST_NEWFILE)
-  {
-    fprintf(stderr, "Error receiving information about file: %s\n", ssh_get_error(session));
-    return SSH_ERROR;
-  }
-
-  size = ssh_scp_request_get_size(scp);
-  filename = strdup(ssh_scp_request_get_filename(scp));
-  mode = ssh_scp_request_get_permissions(scp);
-  printf("Receiving file %s, size %d, permisssions 0%o\n", filename, size, mode);
-  free(filename);
-
-  buffer = malloc(size);
-  if (buffer == NULL)
-  {
-    fprintf(stderr, "Memory allocation error\n");
-    return SSH_ERROR;
-  }
-
-  ssh_scp_accept_request(scp);
-  rc = ssh_scp_read(scp, buffer, size);
-  if (rc == SSH_ERROR)
-  {
-    fprintf(stderr, "Error receiving file data: %s\n", ssh_get_error(session));
-    free(buffer);
-    return rc;
-  }
-  printf("Done\n");
-
-  write(1, buffer, size);
-  free(buffer);
-
-  rc = ssh_scp_pull_request(scp);
-  if (rc != SSH_SCP_REQUEST_EOF)
-  {
-    fprintf(stderr, "Unexpected request: %s\n", ssh_get_error(session));
-    return SSH_ERROR;
-  }
-
-  return SSH_OK;
-}
-@endcode
-
-In this example, since we just requested a single file, we expect ssh_scp_request()
-to return SSH_SCP_REQUEST_NEWFILE first, then SSH_SCP_REQUEST_EOF. That's quite a
-naive approach; for example, the remote server might send a warning as well
-(return code SSH_SCP_REQUEST_WARNING) and the example would fail. A more comprehensive
-reception program would receive the requests in a loop and analyze them carefully
-until SSH_SCP_REQUEST_EOF has been received.
-
-
-@subsection scp_recursive_read Receiving full directory trees from the remote server
-
-If you opened the SCP session in recursive mode, the remote end will be
-telling you when to change directory.
-
-In that case, when ssh_scp_pull_request() answers
-SSH_SCP_REQUEST_NEWDIRECTORY, you should make that local directory (if
-it does not exist yet) and enter it. When ssh_scp_pull_request() answers
-SSH_SCP_REQUEST_ENDDIRECTORY, you should leave the current directory.
-
-*/

doc/sftp.dox

@@ -1,395 +0,0 @@
-/**
-@page libssh_tutor_sftp Chapter 5: The SFTP subsystem
-@section sftp_subsystem The SFTP subsystem
-
-SFTP stands for "Secure File Transfer Protocol". It enables you to safely
-transfer files between the local and the remote computer. It reminds a lot
-of the old FTP protocol.
-
-SFTP is a rich protocol. It lets you do over the network almost everything
-that you can do with local files:
-  - send files
-  - modify only a portion of a file
-  - receive files
-  - receive only a portion of a file
-  - get file owner and group
-  - get file permissions
-  - set file owner and group
-  - set file permissions
-  - remove files
-  - rename files
-  - create a directory
-  - remove a directory
-  - retrieve the list of files in a directory
-  - get the target of a symbolic link
-  - create symbolic links
-  - get information about mounted filesystems.
-
-The current implemented version of the SFTP protocol is version 3. All functions
-aren't implemented yet, but the most important are.
-
-
-@subsection sftp_session Opening and closing a SFTP session
-
-Unlike with remote shells and remote commands, when you use the SFTP subsystem,
-you don't handle directly the SSH channels. Instead, you open a "SFTP session".
-
-The function sftp_new() creates a new SFTP session. The function sftp_init()
-initializes it. The function sftp_free() deletes it.
-
-As you see, all the SFTP-related functions start with the "sftp_" prefix
-instead of the usual "ssh_" prefix.
-
-The example below shows how to use these functions:
-
-@code
-#include <libssh/sftp.h>
-
-int sftp_helloworld(ssh_session session)
-{
-  sftp_session sftp;
-  int rc;
-
-  sftp = sftp_new(session);
-  if (sftp == NULL)
-  {
-    fprintf(stderr, "Error allocating SFTP session: %s\n", ssh_get_error(session));
-    return SSH_ERROR;
-  }
-
-  rc = sftp_init(sftp);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Error initializing SFTP session: %s.\n", sftp_get_error(sftp));
-    sftp_free(sftp);
-    return rc;
-  }
-
-  ...
-
-  sftp_free(sftp);
-  return SSH_OK;
-}
-@endcode
-
-
-@subsection sftp_errors Analyzing SFTP errors
-
-In case of a problem, the function sftp_get_error() returns a SFTP-specific
-error number, in addition to the regular SSH error number returned by
-ssh_get_error_number().
-
-Possible errors are:
-  - SSH_FX_OK: no error
-  - SSH_FX_EOF: end-of-file encountered
-  - SSH_FX_NO_SUCH_FILE: file does not exist
-  - SSH_FX_PERMISSION_DENIED: permission denied
-  - SSH_FX_FAILURE: generic failure
-  - SSH_FX_BAD_MESSAGE: garbage received from server
-  - SSH_FX_NO_CONNECTION: no connection has been set up
-  - SSH_FX_CONNECTION_LOST: there was a connection, but we lost it
-  - SSH_FX_OP_UNSUPPORTED: operation not supported by libssh yet
-  - SSH_FX_INVALID_HANDLE: invalid file handle
-  - SSH_FX_NO_SUCH_PATH: no such file or directory path exists
-  - SSH_FX_FILE_ALREADY_EXISTS: an attempt to create an already existing file or directory has been made
-  - SSH_FX_WRITE_PROTECT: write-protected filesystem
-  - SSH_FX_NO_MEDIA: no media was in remote drive
-
-
-@subsection sftp_mkdir Creating a directory
-
-The function sftp_mkdir() tahes the "SFTP session" we juste created as
-its first argument. It also needs the name of the file to create, and the
-desired permissions. The permissions are the same as for the usual mkdir()
-function. To get a comprehensive list of the available permissions, use the
-"man 2 stat" command. The desired permissions are combined with the remote
-user's mask to determine the effective permissions.
-
-The code below creates a directory named "helloworld" in the current directory that
-can be read and written only by its owner:
-
-@code
-#include <libssh/sftp.h>
-#include <sys/stat.h>
-
-int sftp_helloworld(ssh_session session, sftp_session sftp)
-{
-  int rc;
-
-  rc = sftp_mkdir(sftp, "helloworld", S_IRWXU);
-  if (rc != SSH_OK)
-  {
-    if (sftp_get_error(sftp) != SSH_FX_FILE_ALREADY_EXISTS)
-    {
-      fprintf(stderr, "Can't create directory: %s\n", ssh_get_error(session));
-        return rc;
-    }
-  }
-
-  ...
-
-  return SSH_OK;
-}
-@endcode
-
-Unlike its equivalent in the SCP subsystem, this function does NOT change the
-current directory to the newly created subdirectory.
-
-
-@subsection sftp_write Copying a file to the remote computer
-
-You handle the contents of a remote file just like you would do with a
-local file: you open the file in a given mode, move the file pointer in it,
-read or write data, and close the file.
-
-The sftp_open() function is very similar to the regular open() function,
-excepted that it returns a file handle of type sftp_file. This file handle
-is then used by the other file manipulation functions and remains valid
-until you close the remote file with sftp_close().
-
-The example below creates a new file named "helloworld.txt" in the
-newly created "helloworld" directory. If the file already exists, it will
-be truncated. It then writes the famous "Hello, World!" sentence to the
-file, followed by a new line character. Finally, the file is closed:
-
-@code
-#include <libssh/sftp.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-
-int sftp_helloworld(ssh_session session, sftp_session sftp)
-{
-  int access_type = O_WRONLY | O_CREAT | O_TRUNC;
-  sftp_file file;
-  const char *helloworld = "Hello, World!\n";
-  int length = strlen(helloworld);
-  int rc, nwritten;
-
-  ...
-
-  file = sftp_open(sftp, "helloworld/helloworld.txt", access_type, S_IRWXU);
-  if (file == NULL)
-  {
-    fprintf(stderr, "Can't open file for writing: %s\n", ssh_get_error(session));
-    return SSH_ERROR;
-  }
-
-  nwritten = sftp_write(file, helloworld, length);
-  if (nwritten != length)
-  {
-    fprintf(stderr, "Can't write data to file: %s\n", ssh_get_error(session));
-    sftp_close(file);
-    return SSH_ERROR;
-  }
-
-  rc = sftp_close(file);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Can't close the written file: %s\n", ssh_get_error(session));
-    return rc;
-  }
-
-  return SSH_OK;
-}
-@endcode
-
-
-@subsection sftp_read Reading a file from the remote computer
-
-The nice thing with reading a file over the network through SFTP is that it
-can be done both in a synchronous way or an asynchronous way. If you read the file
-asynchronously, your program can do something else while it waits for the
-results to come.
-
-Synchronous read is done with sftp_read().
-
-The following example prints the contents of remote file "/etc/profile". For
-each 1024 bytes of information read, it waits until the end of the read operation:
-
-@code
-int sftp_read_sync(ssh_session session, sftp_session sftp)
-{
-  int access_type;
-  sftp_file file;
-  char buffer[1024];
-  int nbytes, rc;
-
-  access_type = O_RDONLY;
-  file = sftp_open(sftp, "/etc/profile", access_type, 0);
-  if (file == NULL)
-  {
-    fprintf(stderr, "Can't open file for reading: %s\n", ssh_get_error(session));
-    return SSH_ERROR;
-  }
-
-  nbytes = sftp_read(file, buffer, sizeof(buffer));
-  while (nbytes > 0)
-  {
-    if (write(1, buffer, nbytes) != nbytes)
-    {
-      sftp_close(file);
-      return SSH_ERROR;
-    }
-    nbytes = sftp_read(file, buffer, sizeof(buffer));
-  }
-
-  if (nbytes < 0)
-  {
-    fprintf(stderr, "Error while reading file: %s\n", ssh_get_error(session));
-    sftp_close(file);
-    return SSH_ERROR;
-  }
-
-  rc = sftp_close(file);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Can't close the read file: %s\n", ssh_get_error(session));
-    return rc;
-  }
-
-  return SSH_OK;
-}
-@endcode
-
-Asynchronous read is done in two steps, first sftp_async_read_begin(), which
-returns a "request handle", and then sftp_async_read(), which uses that request handle.
-If the file has been opened in nonblocking mode, then sftp_async_read()
-might return SSH_AGAIN, which means that the request hasn't completed yet
-and that the function should be called again later on. Otherwise,
-sftp_async_read() waits for the data to come. To open a file in nonblocking mode,
-call sftp_file_set_nonblocking() right after you opened it. Default is blocking mode.
-
-The example below reads a very big file in asynchronous, nonblocking, mode. Each
-time the data are not ready yet, a counter is incrementer.
-
-@code
-int sftp_read_async(ssh_session session, sftp_session sftp)
-{
-  int access_type;
-  sftp_file file;
-  char buffer[1024];
-  int async_request;
-  int nbytes;
-  long counter;
-  int rc;
-
-  access_type = O_RDONLY;
-  file = sftp_open(sftp, "some_very_big_file", access_type, 0);
-  if (file == NULL)
-  {
-    fprintf(stderr, "Can't open file for reading: %s\n", ssh_get_error(session));
-    return SSH_ERROR;
-  }
-  sftp_file_set_nonblocking(file);
-
-  async_request = sftp_async_read_begin(file, sizeof(buffer));
-  counter = 0L;
-  usleep(10000);
-  if (async_request >= 0)
-    nbytes = sftp_async_read(file, buffer, sizeof(buffer), async_request);
-  else nbytes = -1;
-  while (nbytes > 0 || nbytes == SSH_AGAIN)
-  {
-    if (nbytes > 0)
-    {
-      write(1, buffer, nbytes);
-      async_request = sftp_async_read_begin(file, sizeof(buffer));
-    }
-    else counter++;
-    usleep(10000);
-    if (async_request >= 0)
-      nbytes = sftp_async_read(file, buffer, sizeof(buffer), async_request);
-    else nbytes = -1;
-  }
-
-  if (nbytes < 0)
-  {
-    fprintf(stderr, "Error while reading file: %s\n", ssh_get_error(session));
-    sftp_close(file);
-    return SSH_ERROR;
-  }
-
-  printf("The counter has reached value: %ld\n", counter);
-
-  rc = sftp_close(file);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Can't close the read file: %s\n", ssh_get_error(session));
-    return rc;
-  }
-
-  return SSH_OK;
-}
-@endcode
-
-@subsection sftp_ls Listing the contents of a directory
-
-The functions sftp_opendir(), sftp_readdir(), sftp_dir_eof(),
-and sftp_closedir() enable to list the contents of a directory. 
-They use a new handle_type, "sftp_dir", which gives access to the
-directory being read.
-
-In addition, sftp_readdir() returns a "sftp_attributes" which is a pointer
-to a structure with informations about a directory entry:
-  - name: the name of the file or directory
-  - size: its size in bytes
-  - etc.
-
-sftp_readdir() might return NULL under two conditions:
-  - when the end of the directory has been met
-  - when an error occured
-
-To tell the difference, call sftp_dir_eof().
-
-The attributes must be freed with sftp_attributes_free() when no longer
-needed.
-
-The following example reads the contents of some remote directory:
-
-@code
-int sftp_list_dir(ssh_session session, sftp_session sftp)
-{
-  sftp_dir dir;
-  sftp_attributes attributes;
-  int rc;
-
-  dir = sftp_opendir(sftp, "/var/log");
-  if (!dir)
-  {
-    fprintf(stderr, "Directory not opened: %s\n", ssh_get_error(session));
-    return SSH_ERROR;
-  }
-
-  printf("Name                         Size Perms    Owner\tGroup\n");
-
-  while ((attributes = sftp_readdir(sftp, dir)) != NULL)
-  {
-    printf("%-22s %10llu %.8o %s(%d)\t%s(%d)\n",
-     attributes->name,
-     (long long unsigned int) attributes->size,
-     attributes->permissions,
-     attributes->owner,
-     attributes->uid,
-     attributes->group,
-     attributes->gid);
-
-     sftp_attributes_free(attributes);
-  }
-
-  if (!sftp_dir_eof(dir))
-  {
-    fprintf(stderr, "Can't list directory: %s\n", ssh_get_error(session));
-    sftp_closedir(dir);
-    return SSH_ERROR;
-  }
-
-  rc = sftp_closedir(dir);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Can't close directory: %s\n", ssh_get_error(session));
-    return rc;
-  }
-}
-@endcode
-
-*/

doc/shell.dox

@@ -1,361 +0,0 @@
-/**
-@page libssh_tutor_shell Chapter 3: Opening a remote shell
-@section opening_shell Opening a remote shell
-
-We already mentioned that a single SSH connection can be shared
-between several "channels". Channels can be used for different purposes.
-
-This chapter shows how to open one of these channels, and how to use it to
-start a command interpreter on a remote computer.
-
-
-@subsection open_channel Opening and closing a channel
-
-The ssh_channel_new() function creates a channel. It returns the channel as
-a variable of type ssh_channel.
-
-Once you have this channel, you open a SSH session that uses it with
-ssh_channel_open_session().
-
-Once you don't need the channel anymore, you can send an end-of-file
-to it with ssh_channel_close(). At this point, you can destroy the channel
-with ssh_channel_free().
-
-The code sample below achieves these tasks:
-
-@code
-int shell_session(ssh_session session)
-{
-  ssh_channel channel;
-  int rc;
-
-  channel = ssh_channel_new(session);
-  if (channel == NULL)
-    return SSH_ERROR;
-
-  rc = ssh_channel_open_session(channel);
-  if (rc != SSH_OK)
-  {
-    ssh_channel_free(channel);
-    return rc;
-  }
-
-  ...
-
-  ssh_channel_close(channel);
-  ssh_channel_send_eof(channel);
-  ssh_channel_free(channel);
-
-  return SSH_OK;
-}
-@endcode
-
-
-@subsection interactive Interactive and non-interactive sessions
-
-A "shell" is a command interpreter. It is said to be "interactive"
-if there is a human user typing the commands, one after the
-other. The contrary, a non-interactive shell, is similar to
-the execution of commands in the background: there is no attached
-terminal.
-
-If you plan using an interactive shell, you need to create a
-pseud-terminal on the remote side. A remote terminal is usually referred
-to as a "pty", for "pseudo-teletype". The remote processes won't see the
-difference with a real text-oriented terminal.
-
-If needed, you request the pty with the function ssh_channel_request_pty().
-Then you define its dimensions (number of rows and columns)
-with ssh_channel_change_pty_size().
-
-Be your session interactive or not, the next step is to request a
-shell with ssh_channel_request_shell().
-
-@code
-int interactive_shell_session(ssh_channel channel)
-{
-  int rc;
-
-  rc = ssh_channel_request_pty(channel);
-  if (rc != SSH_OK) return rc;
-
-  rc = ssh_channel_change_pty_size(channel, 80, 24);
-  if (rc != SSH_OK) return rc;
-
-  rc = ssh_channel_request_shell(channel);
-  if (rc != SSH_OK) return rc;
-
-  ...
-
-  return rc;
-}
-@endcode
-
-
-@subsection read_data Displaying the data sent by the remote computer
-
-In your program, you will usually need to receive all the data "displayed"
-into the remote pty. You will usually analyse, log, or display this data.
-
-ssh_channel_read() and ssh_channel_read_nonblocking() are the simplest
-way to read data from a channel. If you only need to read from a single
-channel, they should be enough.
-
-The example below shows how to wait for remote data using ssh_channel_read():
-
-@code
-int interactive_shell_session(ssh_channel channel)
-{
-  int rc;
-  char buffer[256];
-  int nbytes;
-
-  rc = ssh_channel_request_pty(channel);
-  if (rc != SSH_OK) return rc;
-
-  rc = ssh_channel_change_pty_size(channel, 80, 24);
-  if (rc != SSH_OK) return rc;
-
-  rc = ssh_channel_request_shell(channel);
-  if (rc != SSH_OK) return rc;
-
-  while (ssh_channel_is_open(channel) &&
-         !ssh_channel_is_eof(channel))
-  {
-    nbytes = ssh_channel_read(channel, buffer, sizeof(buffer), 0);
-    if (nbytes < 0)
-      return SSH_ERROR;
-
-    if (nbytes > 0)
-      write(1, buffer, nbytes);
-  }
-
-  return rc;
-}
-@endcode
-
-Unlike ssh_channel_read(), ssh_channel_read_nonblocking() never waits for
-remote data to be ready. It returns immediately.
-
-If you plan to use ssh_channel_read_nonblocking() repeatedly in a loop,
-you should use a "passive wait" function like usleep(3) in the same
-loop. Otherwise, your program will consume all the CPU time, and your
-computer might become unresponsive.
-
-
-@subsection write_data Sending user input to the remote computer
-
-User's input is sent to the remote site with ssh_channel_write().
-
-The following example shows how to combine a nonblocking read from a SSH
-channel with a nonblocking read from the keyboard. The local input is then
-sent to the remote computer:
-
-@code
-/* Under Linux, this function determines whether a key has been pressed.
-   Under Windows, it is a standard function, so you need not redefine it.
-*/
-int kbhit()
-{
-    struct timeval tv = { 0L, 0L };
-    fd_set fds;
-
-    FD_ZERO(&fds);
-    FD_SET(0, &fds);
-
-    return select(1, &fds, NULL, NULL, &tv);
-}
-
-/* A very simple terminal emulator:
-   - print data received from the remote computer
-   - send keyboard input to the remote computer
-*/
-int interactive_shell_session(ssh_channel channel)
-{
-  /* Session and terminal initialization skipped */
-  ...
-
-  char buffer[256];
-  int nbytes, nwritten;
-
-  while (ssh_channel_is_open(channel) &&
-         !ssh_channel_is_eof(channel))
-  {
-    nbytes = ssh_channel_read_nonblocking(channel, buffer, sizeof(buffer), 0);
-    if (nbytes < 0) return SSH_ERROR;
-    if (nbytes > 0)
-    {
-      nwritten = write(1, buffer, nbytes);
-      if (nwritten != nbytes) return SSH_ERROR;
-
-    if (!kbhit())
-    {
-      usleep(50000L); // 0.05 second
-      continue;
-    }
-
-    nbytes = read(0, buffer, sizeof(buffer));
-    if (nbytes < 0) return SSH_ERROR;
-    if (nbytes > 0)
-    {
-      nwritten = ssh_channel_write(channel, buffer, nbytes);
-      if (nwritten != nbytes) return SSH_ERROR;
-    }
-  }
-
-  return rc;
-}
-@endcode
-
-Of course, this is a poor terminal emulator, since the echo from the keys
-pressed should not be done locally, but should be done by the remote side.
-Also, user's input should not be sent once "Enter" key is pressed, but 
-immediately after each key is pressed. This can be accomplished
-by setting the local terminal to "raw" mode with the cfmakeraw(3) function.
-cfmakeraw() is a standard function under Linux, on other systems you can
-recode it with:
-
-@code
-static void cfmakeraw(struct termios *termios_p)
-{
-    termios_p->c_iflag &= ~(IGNBRK|BRKINT|PARMRK|ISTRIP|INLCR|IGNCR|ICRNL|IXON);
-    termios_p->c_oflag &= ~OPOST;
-    termios_p->c_lflag &= ~(ECHO|ECHONL|ICANON|ISIG|IEXTEN);
-    termios_p->c_cflag &= ~(CSIZE|PARENB);
-    termios_p->c_cflag |= CS8;
-}
-@endcode
-
-If you are not using a local terminal, but some kind of graphical
-environment, the solution to this kind of "echo" problems will be different.
-
-
-@subsection select_loop A more elaborate way to get the remote data
-
-*** Warning: ssh_select() and ssh_channel_select() are not relevant anymore,
-    since libssh is about to provide an easier system for asynchronous
-    communications. This subsection should be removed then. ***
-
-ssh_channel_read() and ssh_channel_read_nonblocking() functions are simple,
-but they are not adapted when you expect data from more than one SSH channel,
-or from other file descriptors. Last example showed how getting data from
-the standard input (the keyboard) at the same time as data from the SSH
-channel was complicated. The functions ssh_select() and ssh_channel_select()
-provide a more elegant way to wait for data coming from many sources.
-
-The functions ssh_select() and ssh_channel_select() remind of the standard
-UNIX select(2) function. The idea is to wait for "something" to happen:
-incoming data to be read, outcoming data to block, or an exception to
-occur. Both these functions do a "passive wait", i.e. you can safely use
-them repeatedly in a loop, it will not consume exaggerate processor time
-and make your computer unresponsive. It is quite common to use these
-functions in your application's main loop.
-
-The difference between ssh_select() and ssh_channel_select() is that 
-ssh_channel_select() is simpler, but allows you only to watch SSH channels.
-ssh_select() is more complete and enables watching regular file descriptors
-as well, in the same function call.
-
-Below is an example of a function that waits both for remote SSH data to come,
-as well as standard input from the keyboard:
-
-@code
-int interactive_shell_session(ssh_session session, ssh_channel channel)
-{
-  /* Session and terminal initialization skipped */
-  ...
-
-  char buffer[256];
-  int nbytes, nwritten;
-
-  while (ssh_channel_is_open(channel) &&
-         !ssh_channel_is_eof(channel))
-  {
-    struct timeval timeout;
-    ssh_channel in_channels[2], out_channels[2];
-    fd_set fds;
-    int maxfd;
-
-    timeout.tv_sec = 30;
-    timeout.tv_usec = 0;
-    in_channels[0] = channel;
-    in_channels[1] = NULL;
-    FD_ZERO(&fds);
-    FD_SET(0, &fds);
-    FD_SET(ssh_get_fd(session), &fds);
-    maxfd = ssh_get_fd(session) + 1;
-
-    ssh_select(in_channels, out_channels, maxfd, &fds, &timeout);
-
-    if (out_channels[0] != NULL)
-    {
-      nbytes = ssh_channel_read(channel, buffer, sizeof(buffer), 0);
-      if (nbytes < 0) return SSH_ERROR;
-      if (nbytes > 0)
-      {
-        nwritten = write(1, buffer, nbytes);
-        if (nwritten != nbytes) return SSH_ERROR;
-      }
-    }
-
-    if (FD_ISSET(0, &fds))
-    {
-      nbytes = read(0, buffer, sizeof(buffer));
-      if (nbytes < 0) return SSH_ERROR;
-      if (nbytes > 0)
-      {
-        nwritten = ssh_channel_write(channel, buffer, nbytes);
-        if (nbytes != nwritten) return SSH_ERROR;
-      }
-    }
-  }
-
-  return rc;
-}
-@endcode
-
-
-@subsection x11 Using graphical applications on the remote side
-
-If your remote application is graphical, you can forward the X11 protocol to
-your local computer.
-
-To do that, you first declare that you accept X11 connections with
-ssh_channel_accept_x11(). Then you create the forwarding tunnel for
-the X11 protocol with ssh_channel_request_x11().
-
-The following code performs channel initialization and shell session
-opening, and handles a parallel X11 connection:
-
-@code
-int interactive_shell_session(ssh_channel channel)
-{
-  int rc;
-  ssh_channel x11channel;
-
-  rc = ssh_channel_request_pty(channel);
-  if (rc != SSH_OK) return rc;
-
-  rc = ssh_channel_change_pty_size(channel, 80, 24);
-  if (rc != SSH_OK) return rc;
-
-  rc = ssh_channel_request_x11(channel, 0, NULL, NULL, 0);
-  if (rc != SSH_OK) return rc;
-
-  rc = ssh_channel_request_shell(channel);
-  if (rc != SSH_OK) return rc;
-
-  /* Read the data sent by the remote computer here */
-  ...
-}
-@endcode
-
-Don't forget to set the $DISPLAY environment variable on the remote
-side, or the remote applications won't try using the X11 tunnel:
-
-@code
-$ export DISPLAY=:0
-$ xclock &
-@endcode
-
-*/

doc/style.css

@@ -0,0 +1,184 @@
+
+body {
+background-color:#ddf;
+/*background-image:url(../back6.jpg);*/
+margin:10px 10px 10px 10px;
+}
+
+h1 {
+font-family:verdana, sans-serif;
+font-size:80%;
+color:black;
+background-color:transparent;
+text-align:left;
+}
+h2 {
+font-family:verdana, sans-serif;
+font-size:100%;
+color:black;
+background-color:transparent;
+text-align:left;
+}
+h3 {
+font-family:verdana, sans-serif;
+font-size:80%;
+color:black;
+background-color:transparent;
+text-align:left;
+}
+p {
+font-family:verdana, sans-serif;
+font-size:80%;
+color:black;
+background-color:transparent;
+text-align:left;
+margin-left:0px;
+margin-right:0px;
+}
+li {
+font-family:verdana, sans-serif;
+font-size:80%;
+color:black;
+background-color:transparent;
+text-align:left;
+margin-left:0px;
+margin-right:0px;
+}
+a:link {
+font-family:verdana, sans-serif;
+font-size:100%;
+color:black;
+background-color:transparent;
+text-decoration:underline;
+}
+a:visited {
+font-family:verdana, sans-serif;
+font-size:100%;
+color:black;
+background-color:transparent;
+text-decoration:underline;
+}
+a:hover {
+font-family:verdana, sans-serif;
+font-size:100%;
+color:black;
+background-color:transparent;
+text-decoration:underline;
+}
+
+table {
+border-color:transparent;
+border-style:solid;
+border-width:1px;
+}
+
+td {
+font-family:verdana, sans-serif;
+font-size:80%;
+color:black;
+text-align:left;
+background-color:transparent;
+border-color:transparent;
+border-style:solid;
+border-width:1px;
+}
+
+.tout {
+	margin: 5px;
+	padding: 0px;
+	border: 2px solid #aac;
+	background: #eef;
+	}
+	
+.prot {
+border-style:solid; 
+border-width:2px; 
+border-color:#88F;
+padding: 4px; 
+background-color:#cce;
+margin: 5px 5px 5px 5px;
+}
+
+.ex {
+border-style:solid; 
+border-width:2px; 
+border-color:#aaF;
+padding: 4px; 
+background-color:#dde;
+margin: 5px 5px 5px 5px;
+}
+.desc {
+border-style:solid; 
+border-width:3px; 
+border-color:#66F;
+padding: 4px; 
+background-color:#aac;
+margin: 15px 5px 20px 5px;
+}
+
+#titre {
+	margin: 5px;
+	padding: 0px;
+	border: 5px solid #aac;
+	background: #eef;
+	}
+
+#gauche {
+	float:left;
+	margin: 5px;
+	padding: 4px;
+	border: 5px solid #aac;
+	background: #bbf;
+	width: 130px;
+	}
+
+#droite {
+	position: relative;
+	top:5px;
+	left:165px;
+        margin: 5px 170px 5px 5px;
+	padding: 10px;
+	border: 5px solid #aac;
+	background: #bbf;
+}
+
+/* boutons */
+
+a.bouton:link{
+width:128px;
+height:34px;
+text-decoration:none;
+color:#aaa;
+text-align:center;
+font-weight:bold;
+/*background-color:#444;*/
+background-image:url(noclicked.png);
+}
+
+a.bouton:visited{
+width:128px;
+height:34px;
+text-decoration:none;
+color:#aaa;
+text-align:center;
+font-weight:bold;
+/*background-color:#444;*/
+background-image:url(noclicked.png);
+}
+
+a.bouton:hover{
+width:128px;
+height:34px;
+text-decoration:none;
+color:white;
+text-align:center;
+font-weight:bold;
+/*background-color:#888;*/
+background-image:url(clicked.png);
+}
+
+.bouton{
+ text-align:center;
+display:block;
+}
+

doc/tbd.dox

@@ -1,14 +0,0 @@
-/**
-@page libssh_tutor_todo To be done
-
-*** To be written ***
-
-@section sshd Writing a libssh-based server
-
-*** To be written ***
-
-@section cpp The libssh C++ wrapper
-
-*** To be written ***
-
-*/

doc/threading.dox

@@ -1,65 +0,0 @@
-/**
-@page libssh_tutor_threads Chapter 8: Threads with libssh
-@section threads_with_libssh How to use libssh with threads
-
-libssh may be used in multithreaded applications, but under several conditions :
- - Threading must be initialized during the initialization of libssh. This 
-   initialization must be done outside of any threading context.
- - If pthreads is being used by your application (or your framework's backend),
-   you must link with libssh_threads_pthread dynamic library and initialize 
-   threading with the ssh_threads_pthreads threading object.
- - If an other threading library is being used by your application, you must 
-   implement all the methods of the ssh_threads_callbacks_struct structure
-   and initialize libssh with it.
- - At all times, you may use different sessions inside threads, make parallel
-   connections, read/write on different sessions and so on. You can use a
-   single session in several channels at the same time. This will lead to
-   internal state corruption. This limitation is being worked out and will
-   maybe disappear later.
-   
-@subsection threads_init Initialization of threads
-
-To initialize threading, you must first select the threading model you want to
-use, using ssh_threads_set_callbacks(), then call ssh_init().
-
-@code 
-#include <libssh/callbacks.h>
-...
-ssh_threads_set_callbacks(ssh_threads_noop);
-ssh_init();
-@endcode
-
-ssh_threads_noop is the threading structure that does nothing. It's the
-threading callbacks being used by default when you're not using threading.
-
-@subsection threads_pthread Using libpthread with libssh
-
-If your application is using libpthread, you may simply use the libpthread
-threading backend:
-
-@code
-#include <libssh/callbacks.h>
-...
-ssh_threads_set_callbacks(ssh_threads_pthread);
-ssh_init();
-@endcode
-
-However, you must be sure to link with the library ssh_threads_pthread. If 
-you're using gcc, you must use the commandline
-@code
-gcc -o output input.c -lssh -lssh_threads_pthread
-@endcode 
-
-
-@subsection threads_other Using another threading library
-
-You must find your way in the ssh_threads_callbacks_struct structure. You must
-implement the following methods :
-- mutex_lock
-- mutex_unlock
-- mutex_init
-- mutex_destroy
-- thread_id
-
-Good luck !
-*/

examples/CMakeLists.txt

@@ -1,4 +1,4 @@
-project(libssh-examples C CXX)
+project(libssh-examples C)
 
 set(examples_SRCS
   authentication.c
@@ -6,43 +6,36 @@ set(examples_SRCS
   connect_ssh.c
 )
 
+include_directories(
+  ${LIBSSH_PUBLIC_INCLUDE_DIRS}
+  ${LIBSSH_PRIVATE_INCLUDE_DIRS}  
+)
+
+add_executable(libssh_scp libssh_scp.c ${examples_SRCS})
+add_executable(scp_download scp_download.c ${examples_SRCS})
+add_executable(samplessh sample.c ${examples_SRCS})
+add_executable(exec exec.c ${examples_SRCS})
+add_executable(sshnetcat sshnetcat.c ${examples_SRCS})
+
+target_link_libraries(libssh_scp ${LIBSSH_SHARED_LIBRARY})
+target_link_libraries(scp_download ${LIBSSH_SHARED_LIBRARY})
+target_link_libraries(samplessh ${LIBSSH_SHARED_LIBRARY})
+target_link_libraries(exec ${LIBSSH_SHARED_LIBRARY})
+target_link_libraries(sshnetcat ${LIBSSH_SHARED_LIBRARY})
+
+
 include_directories(
   ${LIBSSH_PUBLIC_INCLUDE_DIRS}
   ${CMAKE_BINARY_DIR}
 )
 
-if (LINUX)
-    add_executable(libssh_scp libssh_scp.c ${examples_SRCS})
-    target_link_libraries(libssh_scp ${LIBSSH_SHARED_LIBRARY})
+if (WITH_SFTP)
+  add_executable(samplesftp samplesftp.c ${examples_SRCS})
+  target_link_libraries(samplesftp ${LIBSSH_SHARED_LIBRARY})
+endif (WITH_SFTP)
 
-    add_executable(scp_download scp_download.c ${examples_SRCS})
-    target_link_libraries(scp_download ${LIBSSH_SHARED_LIBRARY})
+if (WITH_SERVER)
+  add_executable(samplesshd samplesshd.c)
+  target_link_libraries(samplesshd ${LIBSSH_SHARED_LIBRARY})
+endif (WITH_SERVER)
 
-    add_executable(samplessh sample.c ${examples_SRCS})
-    target_link_libraries(samplessh ${LIBSSH_SHARED_LIBRARY})
-
-    add_executable(sshnetcat sshnetcat.c ${examples_SRCS})
-    target_link_libraries(sshnetcat ${LIBSSH_SHARED_LIBRARY})
-
-    if (WITH_SFTP)
-        add_executable(samplesftp samplesftp.c ${examples_SRCS})
-        target_link_libraries(samplesftp ${LIBSSH_SHARED_LIBRARY})
-    endif (WITH_SFTP)
-
-    if (WITH_SERVER)
-        add_executable(samplesshd samplesshd.c)
-        target_link_libraries(samplesshd ${LIBSSH_SHARED_LIBRARY})
-    endif (WITH_SERVER)
-endif (LINUX)
-
-add_executable(exec exec.c ${examples_SRCS})
-target_link_libraries(exec ${LIBSSH_SHARED_LIBRARY})
-
-add_executable(senddata senddata.c ${examples_SRCS})
-target_link_libraries(senddata ${LIBSSH_SHARED_LIBRARY})
-
-add_executable(libsshpp libsshpp.cpp)
-target_link_libraries(libsshpp ${LIBSSH_SHARED_LIBRARY})
-
-add_executable(libsshpp_noexcept libsshpp_noexcept.cpp)
-target_link_libraries(libsshpp_noexcept ${LIBSSH_SHARED_LIBRARY})

examples/authentication.c

@@ -18,109 +18,73 @@ clients must be made or how a client should react.
  */
 
 #include <stdio.h>
+#include <unistd.h>
 #include <stdlib.h>
 #include <string.h>
 
 #include <libssh/libssh.h>
 #include "examples_common.h"
 
-int authenticate_kbdint(ssh_session session, const char *password) {
-    int err;
-
-    err = ssh_userauth_kbdint(session, NULL, NULL);
-    while (err == SSH_AUTH_INFO) {
-        const char *instruction;
-        const char *name;
-        char buffer[128];
-        int i, n;
-
-        name = ssh_userauth_kbdint_getname(session);
-        instruction = ssh_userauth_kbdint_getinstruction(session);
-        n = ssh_userauth_kbdint_getnprompts(session);
-
-        if (name && strlen(name) > 0) {
-            printf("%s\n", name);
+int authenticate_kbdint(ssh_session session){
+  int err=ssh_userauth_kbdint(session,NULL,NULL);
+  const char *name, *instruction, *prompt;
+  char *ptr;
+  char buffer[128];
+  int i,n;
+  char echo;
+  while (err==SSH_AUTH_INFO){
+    name=ssh_userauth_kbdint_getname(session);
+    instruction=ssh_userauth_kbdint_getinstruction(session);
+    n=ssh_userauth_kbdint_getnprompts(session);
+    if(strlen(name)>0)
+      printf("%s\n",name);
+    if(strlen(instruction)>0)
+      printf("%s\n",instruction);
+    for(i=0;i<n;++i){
+      prompt=ssh_userauth_kbdint_getprompt(session,i,&echo);
+      if(echo){
+        printf("%s",prompt);
+        fgets(buffer,sizeof(buffer),stdin);
+        buffer[sizeof(buffer)-1]=0;
+        if((ptr=strchr(buffer,'\n')))
+          *ptr=0;
+        if (ssh_userauth_kbdint_setanswer(session,i,buffer) < 0) {
+          return SSH_AUTH_ERROR;
         }
-
-        if (instruction && strlen(instruction) > 0) {
-            printf("%s\n", instruction);
+        memset(buffer,0,strlen(buffer));
+      } else {
+        ptr=getpass(prompt);
+        if (ssh_userauth_kbdint_setanswer(session,i,ptr) < 0) {
+          return SSH_AUTH_ERROR;
         }
-
-        for (i = 0; i < n; i++) {
-            const char *answer;
-            const char *prompt;
-            char echo;
-
-            prompt = ssh_userauth_kbdint_getprompt(session, i, &echo);
-            if (prompt == NULL) {
-                break;
-            }
-
-            if (echo) {
-                char *p;
-
-                printf("%s", prompt);
-
-                if (fgets(buffer, sizeof(buffer), stdin) == NULL) {
-                    return SSH_AUTH_ERROR;
-                }
-
-                buffer[sizeof(buffer) - 1] = '\0';
-                if ((p = strchr(buffer, '\n'))) {
-                    *p = '\0';
-                }
-
-                if (ssh_userauth_kbdint_setanswer(session, i, buffer) < 0) {
-                    return SSH_AUTH_ERROR;
-                }
-
-                memset(buffer, 0, strlen(buffer));
-            } else {
-                if (password && strstr(prompt, "Password:")) {
-                    answer = password;
-                } else {
-                    buffer[0] = '\0';
-
-                    if (ssh_getpass(prompt, buffer, sizeof(buffer), 0, 0) < 0) {
-                        return SSH_AUTH_ERROR;
-                    }
-                    answer = buffer;
-                }
-                if (ssh_userauth_kbdint_setanswer(session, i, answer) < 0) {
-                    return SSH_AUTH_ERROR;
-                }
-            }
-        }
-        err=ssh_userauth_kbdint(session,NULL,NULL);
+      }
     }
-
-    return err;
-}
-
-static void error(ssh_session session){
-	fprintf(stderr,"Authentication failed: %s\n",ssh_get_error(session));
+    err=ssh_userauth_kbdint(session,NULL,NULL);
+  }
+  return err;
 }
 
 int authenticate_console(ssh_session session){
   int rc;
   int method;
-  char password[128] = {0};
+  char *password;
   char *banner;
 
   // Try to authenticate
   rc = ssh_userauth_none(session, NULL);
   if (rc == SSH_AUTH_ERROR) {
-    error(session);
+    perror("Authentication failed.");
     return rc;
   }
 
   method = ssh_auth_list(session);
   while (rc != SSH_AUTH_SUCCESS) {
+
     // Try to authenticate with public key first
     if (method & SSH_AUTH_METHOD_PUBLICKEY) {
       rc = ssh_userauth_autopubkey(session, NULL);
       if (rc == SSH_AUTH_ERROR) {
-      	error(session);
+        perror("Authentication failed.");
         return rc;
       } else if (rc == SSH_AUTH_SUCCESS) {
         break;
@@ -129,24 +93,21 @@ int authenticate_console(ssh_session session){
 
     // Try to authenticate with keyboard interactive";
     if (method & SSH_AUTH_METHOD_INTERACTIVE) {
-      rc = authenticate_kbdint(session, NULL);
+      rc = authenticate_kbdint(session);
       if (rc == SSH_AUTH_ERROR) {
-      	error(session);
+        perror("Authentication failed.");
         return rc;
       } else if (rc == SSH_AUTH_SUCCESS) {
         break;
       }
     }
 
-    if (ssh_getpass("Password: ", password, sizeof(password), 0, 0) < 0) {
-        return SSH_AUTH_ERROR;
-    }
-
+    password=getpass("Password: ");
     // Try to authenticate with password
     if (method & SSH_AUTH_METHOD_PASSWORD) {
       rc = ssh_userauth_password(session, NULL, password);
       if (rc == SSH_AUTH_ERROR) {
-      	error(session);
+        perror("Authentication failed.");
         return rc;
       } else if (rc == SSH_AUTH_SUCCESS) {
         break;
@@ -157,7 +118,7 @@ int authenticate_console(ssh_session session){
   banner = ssh_get_issue_banner(session);
   if (banner) {
     printf("%s\n",banner);
-    ssh_string_free_char(banner);
+    free(banner);
   }
 
   return rc;

examples/connect_ssh.c

@@ -32,25 +32,22 @@ ssh_session connect_ssh(const char *host, const char *user,int verbosity){
 
   if(user != NULL){
     if (ssh_options_set(session, SSH_OPTIONS_USER, user) < 0) {
-      ssh_free(session);
+      ssh_disconnect(session);
       return NULL;
     }
   }
 
   if (ssh_options_set(session, SSH_OPTIONS_HOST, host) < 0) {
-    ssh_free(session);
     return NULL;
   }
   ssh_options_set(session, SSH_OPTIONS_LOG_VERBOSITY, &verbosity);
   if(ssh_connect(session)){
     fprintf(stderr,"Connection failed : %s\n",ssh_get_error(session));
     ssh_disconnect(session);
-    ssh_free(session);
     return NULL;
   }
   if(verify_knownhost(session)<0){
     ssh_disconnect(session);
-    ssh_free(session);
     return NULL;
   }
   auth=authenticate_console(session);
@@ -62,6 +59,5 @@ ssh_session connect_ssh(const char *host, const char *user,int verbosity){
     fprintf(stderr,"Error while authenticating : %s\n",ssh_get_error(session));
   }
   ssh_disconnect(session);
-  ssh_free(session);
   return NULL;
 }

examples/examples_common.h

@@ -15,7 +15,7 @@ clients must be made or how a client should react.
 
 #include <libssh/libssh.h>
 int authenticate_console(ssh_session session);
-int authenticate_kbdint(ssh_session session, const char *password);
+int authenticate_kbdint(ssh_session session);
 int verify_knownhost(ssh_session session);
 ssh_session connect_ssh(const char *hostname, const char *user, int verbosity);
 

examples/exec.c

@@ -5,62 +5,53 @@
 #include "examples_common.h"
 
 int main(void) {
-    ssh_session session;
-    ssh_channel channel;
-    char buffer[256];
-    int nbytes;
-    int rc;
-
-    session = connect_ssh("localhost", NULL, 0);
-    if (session == NULL) {
-        ssh_finalize();
-        return 1;
-    }
-
-    channel = ssh_channel_new(session);;
-    if (channel == NULL) {
-        ssh_disconnect(session);
-        ssh_free(session);
-        ssh_finalize();
-        return 1;
-    }
-
-    rc = ssh_channel_open_session(channel);
-    if (rc < 0) {
-        goto failed;
-    }
-
-    rc = ssh_channel_request_exec(channel, "lsof");
-    if (rc < 0) {
-        goto failed;
-    }
-
-    nbytes = ssh_channel_read(channel, buffer, sizeof(buffer), 0);
-    while (nbytes > 0) {
-        if (fwrite(buffer, 1, nbytes, stdout) != (unsigned int) nbytes) {
-            goto failed;
-        }
-        nbytes = ssh_channel_read(channel, buffer, sizeof(buffer), 0);
-    }
-
-    if (nbytes < 0) {
-        goto failed;
-    }
-
-    ssh_channel_send_eof(channel);
-    ssh_channel_close(channel);
-    ssh_channel_free(channel);
-    ssh_disconnect(session);
-    ssh_free(session);
-    ssh_finalize();
-
-    return 0;
-failed:
-    ssh_channel_close(channel);
-    ssh_channel_free(channel);
-    ssh_disconnect(session);
-    ssh_free(session);
-    ssh_finalize();
+  ssh_session session;
+  ssh_channel channel;
+  char buf[4096];
+  int rc;
 
+  session = connect_ssh("localhost", NULL, 0);
+  if (session == NULL) {
     return 1;
+  }
+
+  channel = channel_new(session);;
+  if (channel == NULL) {
+    ssh_disconnect(session);
+    ssh_finalize();
+    return 1;
+  }
+
+  rc = channel_open_session(channel);
+  if (rc < 0) {
+    channel_close(channel);
+    ssh_disconnect(session);
+    ssh_finalize();
+    return 1;
+  }
+
+  rc = channel_request_exec(channel, "ps aux");
+  if (rc < 0) {
+    channel_close(channel);
+    ssh_disconnect(session);
+    ssh_finalize();
+    return 1;
+  }
+
+  do {
+    if (channel_is_open(channel)) {
+      rc = channel_read(channel, buf, sizeof(buf), 0);
+      if(rc > 0){
+        fwrite(buf,1,rc,stdout);
+      }
+    }
+  } while(rc > 0);
+
+  channel_send_eof(channel);
+  channel_close(channel);
+
+  ssh_disconnect(session);
+  ssh_finalize();
+
+  return 0;
 }

examples/knownhosts.c

@@ -20,15 +20,12 @@ clients must be made or how a client should react.
 #include <errno.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <unistd.h>
 #include <string.h>
 
 #include <libssh/libssh.h>
 #include "examples_common.h"
 
-#ifdef _WIN32
-#define strncasecmp _strnicmp
-#endif
-
 int verify_knownhost(ssh_session session){
   char *hexa;
   int state;
@@ -48,7 +45,7 @@ int verify_knownhost(ssh_session session){
     case SSH_SERVER_KNOWN_CHANGED:
       fprintf(stderr,"Host key for server changed : server's one is now :\n");
       ssh_print_hexa("Public key hash",hash, hlen);
-      ssh_clean_pubkey_hash(&hash);
+      free(hash);
       fprintf(stderr,"For security reason, connection will be stopped\n");
       return -1;
     case SSH_SERVER_FOUND_OTHER:
@@ -65,23 +62,16 @@ int verify_knownhost(ssh_session session){
       hexa = ssh_get_hexa(hash, hlen);
       fprintf(stderr,"The server is unknown. Do you trust the host key ?\n");
       fprintf(stderr, "Public key hash: %s\n", hexa);
-      ssh_string_free_char(hexa);
-      if (fgets(buf, sizeof(buf), stdin) == NULL) {
-	    ssh_clean_pubkey_hash(&hash);
-        return -1;
-      }
+      free(hexa);
+      fgets(buf,sizeof(buf),stdin);
       if(strncasecmp(buf,"yes",3)!=0){
-	    ssh_clean_pubkey_hash(&hash);
         return -1;
       }
       fprintf(stderr,"This new key will be written on disk for further usage. do you agree ?\n");
-      if (fgets(buf, sizeof(buf), stdin) == NULL) {
-	    ssh_clean_pubkey_hash(&hash);
-        return -1;
-      }
+      fgets(buf,sizeof(buf),stdin);
       if(strncasecmp(buf,"yes",3)==0){
         if (ssh_write_knownhost(session) < 0) {
-          ssh_clean_pubkey_hash(&hash);
+          free(hash);
           fprintf(stderr, "error %s\n", strerror(errno));
           return -1;
         }
@@ -89,10 +79,10 @@ int verify_knownhost(ssh_session session){
 
       break;
     case SSH_SERVER_ERROR:
-      ssh_clean_pubkey_hash(&hash);
+      free(hash);
       fprintf(stderr,"%s",ssh_get_error(session));
       return -1;
   }
-  ssh_clean_pubkey_hash(&hash);
+  free(hash);
   return 0;
 }

examples/libssh_scp.c

@@ -182,7 +182,7 @@ static int do_copy(struct location *src, struct location *dest, int recursive){
     fd=fileno(src->file);
     fstat(fd,&s);
     size=s.st_size;
-    mode = s.st_mode & S_IFMT;
+    mode=s.st_mode;
     filename=ssh_basename(src->path);
   } else {
     size=0;
@@ -207,7 +207,7 @@ static int do_copy(struct location *src, struct location *dest, int recursive){
   }
 
   if(dest->is_ssh){
-	  r=ssh_scp_push_file(dest->scp,src->path, size, mode);
+	  r=ssh_scp_push_file(dest->scp,src->path,size,0644);
 	  //  snprintf(buffer,sizeof(buffer),"C0644 %d %s\n",size,src->path);
 	  if(r==SSH_ERROR){
 		  fprintf(stderr,"error: %s\n",ssh_get_error(dest->session));

examples/libsshpp.cpp

@@ -1,33 +0,0 @@
-/*
-Copyright 2010 Aris Adamantiadis
-
-This file is part of the SSH Library
-
-You are free to copy this file, modify it in any way, consider it being public
-domain. This does not apply to the rest of the library though, but it is
-allowed to cut-and-paste working code from this file to any license of
-program.
-*/
-
-/* This file demonstrates the use of the C++ wrapper to libssh */
-
-#include <iostream>
-#include <string>
-#include <libssh/libsshpp.hpp>
-
-int main(int argc, const char **argv){
-  ssh::Session session;
-  try {
-    if(argc>1)
-      session.setOption(SSH_OPTIONS_HOST,argv[1]);
-    else
-      session.setOption(SSH_OPTIONS_HOST,"localhost");
-    session.connect();
-    session.userauthAutopubkey();
-    session.disconnect();
-  } catch (ssh::SshException e){
-    std::cout << "Error during connection : ";
-    std::cout << e.getError() << std::endl;
-  }
-  return 0;
-}

examples/libsshpp_noexcept.cpp

@@ -1,41 +0,0 @@
-/*
-Copyright 2010 Aris Adamantiadis
-
-This file is part of the SSH Library
-
-You are free to copy this file, modify it in any way, consider it being public
-domain. This does not apply to the rest of the library though, but it is
-allowed to cut-and-paste working code from this file to any license of
-program.
-*/
-
-/* This file demonstrates the use of the C++ wrapper to libssh
- * specifically, without C++ exceptions
- */
-
-#include <iostream>
-#define SSH_NO_CPP_EXCEPTIONS
-#include <libssh/libsshpp.hpp>
-
-int main(int argc, const char **argv){
-	ssh::Session session,s2;
-	int err;
-	if(argc>1)
-		err=session.setOption(SSH_OPTIONS_HOST,argv[1]);
-	else
-		err=session.setOption(SSH_OPTIONS_HOST,"localhost");
-	if(err==SSH_ERROR)
-		goto error;
-	err=session.connect();
-	if(err==SSH_ERROR)
-		goto error;
-	err=session.userauthAutopubkey();
-	if(err==SSH_ERROR)
-		goto error;
-
-	return 0;
-	error:
-	std::cout << "Error during connection : ";
-	std::cout << session.getError() << std::endl;
-	return 1;
-}

examples/sample.c

@@ -40,7 +40,11 @@ char *user;
 char *cmds[MAXCMD];
 struct termios terminal;
 
+#ifdef WITH_PCAP
+/* this header file won't be necessary in the future */
+#include <libssh/pcap.h>
 char *pcap_file=NULL;
+#endif
 
 char *proxycommand;
 
@@ -55,13 +59,10 @@ static int auth_callback(const char *prompt, char *buf, size_t len,
   if (echo) {
     while ((answer = fgets(buf, len, stdin)) == NULL);
     if ((ptr = strchr(buf, '\n'))) {
-      *ptr = '\0';
+      ptr = '\0';
     }
   } else {
-    if (ssh_getpass(prompt, buf, len, 0, 0) < 0) {
-        return -1;
-    }
-    return 0;
+    answer = getpass(prompt);
   }
 
   if (answer == NULL) {
@@ -112,15 +113,17 @@ static int opts(int argc, char **argv){
     /* insert your own arguments here */
     while((i=getopt(argc,argv,"T:P:"))!=-1){
         switch(i){
+#ifdef WITH_PCAP
         	case 'P':
         		pcap_file=optarg;
         		break;
+#endif
 #ifndef _WIN32
           case 'T':
             proxycommand=optarg;
             break;
 #endif
-          default:
+            default:
                 fprintf(stderr,"unknown option %c\n",optopt);
                 usage();
         }
@@ -176,7 +179,7 @@ static void setsignal(void){
 static void sizechanged(void){
     struct winsize win = { 0, 0, 0, 0 };
     ioctl(1, TIOCGWINSZ, &win);
-    ssh_channel_change_pty_size(chan,win.ws_col, win.ws_row);
+    channel_change_pty_size(chan,win.ws_col, win.ws_row);
 //    printf("Changed pty size\n");
     setsignal();
 }
@@ -199,7 +202,7 @@ static void select_loop(ssh_session session,ssh_channel channel){
     fd_set fds;
     struct timeval timeout;
     char buffer[4096];
-    ssh_buffer readbuf=ssh_buffer_new();
+    ssh_buffer readbuf=buffer_new();
     ssh_channel channels[2];
     int lus;
     int eof=0;
@@ -227,10 +230,10 @@ static void select_loop(ssh_session session,ssh_channel channel){
             if(FD_ISSET(0,&fds)){
                 lus=read(0,buffer,sizeof(buffer));
                 if(lus)
-                    ssh_channel_write(channel,buffer,lus);
+                    channel_write(channel,buffer,lus);
                 else {
                     eof=1;
-                    ssh_channel_send_eof(channel);
+                    channel_send_eof(channel);
                 }
             }
             if(FD_ISSET(ssh_get_fd(session),&fds)){
@@ -238,22 +241,22 @@ static void select_loop(ssh_session session,ssh_channel channel){
             }
             channels[0]=channel; // set the first channel we want to read from
             channels[1]=NULL;
-            ret=ssh_channel_select(channels,NULL,NULL,NULL); // no specific timeout - just poll
+            ret=channel_select(channels,NULL,NULL,NULL); // no specific timeout - just poll
             if(signal_delayed)
                 sizechanged();
         } while (ret==EINTR || ret==SSH_EINTR);
 
         // we already looked for input from stdin. Now, we are looking for input from the channel
 
-        if(channel && ssh_channel_is_closed(channel)){
-            ssh_log(session,SSH_LOG_RARE,"exit-status : %d",ssh_channel_get_exit_status(channel));
+        if(channel && channel_is_closed(channel)){
+            ssh_log(session,SSH_LOG_RARE,"exit-status : %d\n",channel_get_exit_status(channel));
 
-            ssh_channel_free(channel);
+            channel_free(channel);
             channel=NULL;
             channels[0]=NULL;
         }
         if(channels[0]){
-            while(channel && ssh_channel_is_open(channel) && ssh_channel_poll(channel,0)>0){
+            while(channel && channel_is_open(channel) && channel_poll(channel,0)){
                 lus=channel_read_buffer(channel,readbuf,0,0);
                 if(lus==-1){
                     fprintf(stderr, "Error reading channel: %s\n",
@@ -261,18 +264,15 @@ static void select_loop(ssh_session session,ssh_channel channel){
                     return;
                 }
                 if(lus==0){
-                    ssh_log(session,SSH_LOG_RARE,"EOF received");
-                    ssh_log(session,SSH_LOG_RARE,"exit-status : %d",ssh_channel_get_exit_status(channel));
+                    ssh_log(session,SSH_LOG_RARE,"EOF received\n");
+                    ssh_log(session,SSH_LOG_RARE,"exit-status : %d\n",channel_get_exit_status(channel));
 
-                    ssh_channel_free(channel);
+                    channel_free(channel);
                     channel=channels[0]=NULL;
                 } else
-                    if (write(1,ssh_buffer_get_begin(readbuf),lus) < 0) {
-                      fprintf(stderr, "Error writing to buffer\n");
-                      return;
-                    }
+                    write(1,buffer_get(readbuf),lus);
             }
-            while(channel && ssh_channel_is_open(channel) && ssh_channel_poll(channel,1)>0){ /* stderr */
+            while(channel && channel_is_open(channel) && channel_poll(channel,1)){ /* stderr */
                 lus=channel_read_buffer(channel,readbuf,0,1);
                 if(lus==-1){
                     fprintf(stderr, "Error reading channel: %s\n",
@@ -280,23 +280,20 @@ static void select_loop(ssh_session session,ssh_channel channel){
                     return;
                 }
                 if(lus==0){
-                    ssh_log(session,SSH_LOG_RARE,"EOF received");
-                    ssh_log(session,SSH_LOG_RARE,"exit-status : %d",ssh_channel_get_exit_status(channel));
-                    ssh_channel_free(channel);
+                    ssh_log(session,SSH_LOG_RARE,"EOF received\n");
+                    ssh_log(session,SSH_LOG_RARE,"exit-status : %d\n",channel_get_exit_status(channel));
+                    channel_free(channel);
                     channel=channels[0]=NULL;
                 } else
-                    if (write(2,ssh_buffer_get_begin(readbuf),lus) < 0) {
-                      fprintf(stderr, "Error writing to buffer\n");
-                      return;
-                    }
+                    write(2,buffer_get(readbuf),lus);
             }
         }
-        if(channel && ssh_channel_is_closed(channel)){
-            ssh_channel_free(channel);
+        if(channel && channel_is_closed(channel)){
+            channel_free(channel);
             channel=NULL;
         }
     }
-    ssh_buffer_free(readbuf);
+    buffer_free(readbuf);
 }
 #else /* CHANNEL_SELECT */
 
@@ -331,60 +328,54 @@ static void select_loop(ssh_session session,ssh_channel channel){
 			if(FD_ISSET(0,&fds)){
 				lus=read(0,buffer,sizeof(buffer));
 				if(lus)
-					ssh_channel_write(channel,buffer,lus);
+					channel_write(channel,buffer,lus);
 				else {
 					eof=1;
-					ssh_channel_send_eof(channel);
+					channel_send_eof(channel);
 				}
 			}
-			if(channel && ssh_channel_is_closed(channel)){
-				ssh_log(session,SSH_LOG_RARE,"exit-status : %d",ssh_channel_get_exit_status(channel));
+			if(channel && channel_is_closed(channel)){
+				ssh_log(session,SSH_LOG_RARE,"exit-status : %d\n",channel_get_exit_status(channel));
 
-				ssh_channel_free(channel);
+				channel_free(channel);
 				channel=NULL;
 				channels[0]=NULL;
 			}
 			if(outchannels[0]){
-				while(channel && ssh_channel_is_open(channel) && ssh_channel_poll(channel,0)!=0){
-					lus=ssh_channel_read(channel,buffer,sizeof(buffer),0);
+				while(channel && channel_is_open(channel) && channel_poll(channel,0)){
+					lus=channel_read(channel,buffer,sizeof(buffer),0);
 					if(lus==-1){
 						fprintf(stderr, "Error reading channel: %s\n",
 								ssh_get_error(session));
 						return;
 					}
 					if(lus==0){
-						ssh_log(session,SSH_LOG_RARE,"EOF received");
-						ssh_log(session,SSH_LOG_RARE,"exit-status : %d",ssh_channel_get_exit_status(channel));
+						ssh_log(session,SSH_LOG_RARE,"EOF received\n");
+						ssh_log(session,SSH_LOG_RARE,"exit-status : %d\n",channel_get_exit_status(channel));
 
-						ssh_channel_free(channel);
+						channel_free(channel);
 						channel=channels[0]=NULL;
 					} else
-					  if (write(1,buffer,lus) < 0) {
-					    fprintf(stderr, "Error writing to buffer\n");
-					    return;
-					  }
+						write(1,buffer,lus);
 				}
-				while(channel && ssh_channel_is_open(channel) && ssh_channel_poll(channel,1)!=0){ /* stderr */
-					lus=ssh_channel_read(channel,buffer,sizeof(buffer),1);
+				while(channel && channel_is_open(channel) && channel_poll(channel,1)){ /* stderr */
+					lus=channel_read(channel,buffer,sizeof(buffer),1);
 					if(lus==-1){
 						fprintf(stderr, "Error reading channel: %s\n",
 								ssh_get_error(session));
 						return;
 					}
 					if(lus==0){
-						ssh_log(session,SSH_LOG_RARE,"EOF received");
-						ssh_log(session,SSH_LOG_RARE,"exit-status : %d",ssh_channel_get_exit_status(channel));
-						ssh_channel_free(channel);
+						ssh_log(session,SSH_LOG_RARE,"EOF received\n");
+						ssh_log(session,SSH_LOG_RARE,"exit-status : %d\n",channel_get_exit_status(channel));
+						channel_free(channel);
 						channel=channels[0]=NULL;
 					} else
-					  if (write(2,buffer,lus) < 0) {
-					    fprintf(stderr, "Error writing to buffer\n");
-					    return;
-					  }
+						write(2,buffer,lus);
 				}
 			}
-			if(channel && ssh_channel_is_closed(channel)){
-				ssh_channel_free(channel);
+			if(channel && channel_is_closed(channel)){
+				channel_free(channel);
 				channel=NULL;
 			}
 		} while (ret==EINTR || ret==SSH_EINTR);
@@ -398,21 +389,21 @@ static void shell(ssh_session session){
     ssh_channel channel;
     struct termios terminal_local;
     int interactive=isatty(0);
-    channel = ssh_channel_new(session);
+    channel = channel_new(session);
     if(interactive){
         tcgetattr(0,&terminal_local);
         memcpy(&terminal,&terminal_local,sizeof(struct termios));
     }
-    if(ssh_channel_open_session(channel)){
+    if(channel_open_session(channel)){
         printf("error opening channel : %s\n",ssh_get_error(session));
         return;
     }
     chan=channel;
     if(interactive){
-        ssh_channel_request_pty(channel);
+        channel_request_pty(channel);
         sizechanged();
     }
-    if(ssh_channel_request_shell(channel)){
+    if(channel_request_shell(channel)){
         printf("Requesting shell : %s\n",ssh_get_error(session));
         return;
     }
@@ -431,14 +422,11 @@ static void batch_shell(ssh_session session){
     ssh_channel channel;
     char buffer[1024];
     int i,s=0;
-    for(i=0;i<MAXCMD && cmds[i];++i) {
+    for(i=0;i<MAXCMD && cmds[i];++i)
         s+=snprintf(buffer+s,sizeof(buffer)-s,"%s ",cmds[i]);
-		free(cmds[i]);
-		cmds[i] = NULL;
-	}
-    channel=ssh_channel_new(session);
-    ssh_channel_open_session(channel);
-    if(ssh_channel_request_exec(channel,buffer)){
+    channel=channel_new(session);
+    channel_open_session(channel);
+    if(channel_request_exec(channel,buffer)){
         printf("error executing \"%s\" : %s\n",buffer,ssh_get_error(session));
         return;
     }
@@ -485,14 +473,13 @@ static int client(ssh_session session){
   return 0;
 }
 
+#ifdef WITH_PCAP
 ssh_pcap_file pcap;
 void set_pcap(ssh_session session);
 void set_pcap(ssh_session session){
 	if(!pcap_file)
 		return;
 	pcap=ssh_pcap_file_new();
-	if(!pcap)
-		return;
 	if(ssh_pcap_file_open(pcap,pcap_file) == SSH_ERROR){
 		printf("Error opening pcap file\n");
 		ssh_pcap_file_free(pcap);
@@ -504,10 +491,10 @@ void set_pcap(ssh_session session){
 
 void cleanup_pcap(void);
 void cleanup_pcap(){
-	if(pcap)
-		ssh_pcap_file_free(pcap);
+	ssh_pcap_file_free(pcap);
 	pcap=NULL;
 }
+#endif
 
 int main(int argc, char **argv){
     ssh_session session;
@@ -524,13 +511,16 @@ int main(int argc, char **argv){
     }
     opts(argc,argv);
     signal(SIGTERM, do_exit);
-
+#ifdef WITH_PCAP
     set_pcap(session);
+#endif
     client(session);
 
     ssh_disconnect(session);
     ssh_free(session);
+#ifdef WITH_PCAP
     cleanup_pcap();
+#endif
 
     ssh_finalize();
 

examples/samplesftp.c

@@ -29,7 +29,7 @@ clients must be made or how a client should react.
 
 int verbosity;
 char *destination;
-#define DATALEN 65536
+
 static void do_sftp(ssh_session session){
     sftp_session sftp=sftp_new(session);
     sftp_dir dir;
@@ -40,7 +40,7 @@ static void do_sftp(ssh_session session){
     sftp_file to;
     int len=1;
     unsigned int i;
-    char data[DATALEN]={0};
+    char data[8000]={0};
     char *lnk;
 
     unsigned int count;
@@ -202,9 +202,9 @@ static void do_sftp(ssh_session session){
     printf("fichiers ferm\n");
     to=sftp_open(sftp,"/tmp/grosfichier",O_WRONLY|O_CREAT, 0644);
     for(i=0;i<1000;++i){
-        len=sftp_write(to,data,DATALEN);
+        len=sftp_write(to,data,8000);
         printf("wrote %d bytes\n",len);
-        if(len != DATALEN){
+        if(len != 8000){
             printf("chunk %d : %d (%s)\n",i,len,ssh_get_error(session));
         }
     }

examples/samplesshd.c

@@ -23,7 +23,7 @@ clients must be made or how a client should react.
 #include <stdlib.h>
 #include <string.h>
 #include <stdio.h>
-
+#include <unistd.h>
 #ifndef KEYS_FOLDER
 #ifdef _WIN32
 #define KEYS_FOLDER
@@ -32,32 +32,6 @@ clients must be made or how a client should react.
 #endif
 #endif
 
-#ifdef WITH_PCAP
-const char *pcap_file="debug.server.pcap";
-ssh_pcap_file pcap;
-
-void set_pcap(ssh_session session);
-void set_pcap(ssh_session session){
-	if(!pcap_file)
-		return;
-	pcap=ssh_pcap_file_new();
-	if(ssh_pcap_file_open(pcap,pcap_file) == SSH_ERROR){
-		printf("Error opening pcap file\n");
-		ssh_pcap_file_free(pcap);
-		pcap=NULL;
-		return;
-	}
-	ssh_set_pcap_file(session,pcap);
-}
-
-void cleanup_pcap(void);
-void cleanup_pcap(){
-	ssh_pcap_file_free(pcap);
-	pcap=NULL;
-}
-#endif
-
-
 static int auth_password(char *user, char *password){
     if(strcmp(user,"aris"))
         return 0;
@@ -173,7 +147,7 @@ int main(int argc, char **argv){
     ssh_bind sshbind;
     ssh_message message;
     ssh_channel chan=0;
-    char buf[2048];
+    ssh_buffer buf;
     int auth=0;
     int sftp=0;
     int i;
@@ -191,14 +165,7 @@ int main(int argc, char **argv){
      * be reflected in arguments.
      */
     argp_parse (&argp, argc, argv, 0, 0, sshbind);
-#else
-    (void) argc;
-    (void) argv;
 #endif
-#ifdef WITH_PCAP
-    set_pcap(session);
-#endif
-
     if(ssh_bind_listen(sshbind)<0){
         printf("Error listening to socket: %s\n",ssh_get_error(sshbind));
         return 1;
@@ -208,8 +175,8 @@ int main(int argc, char **argv){
       printf("error accepting a connection : %s\n",ssh_get_error(sshbind));
       return 1;
     }
-    if (ssh_handle_key_exchange(session)) {
-        printf("ssh_handle_key_exchange: %s\n", ssh_get_error(session));
+    if(ssh_accept(session)){
+        printf("ssh_accept: %s\n",ssh_get_error(session));
         return 1;
     }
     do {
@@ -287,21 +254,15 @@ int main(int argc, char **argv){
         return 1;
     }
     printf("it works !\n");
+    buf=buffer_new();
     do{
-        i=ssh_channel_read(chan,buf, 2048, 0);
-        if(i>0) {
-            ssh_channel_write(chan, buf, i);
-            if (write(1,buf,i) < 0) {
-                printf("error writing to buffer\n");
-                return 1;
-            }
-        }
+        i=channel_read_buffer(chan,buf,0,0);
+        if(i>0)
+            write(1,buffer_get(buf),buffer_get_len(buf));
     } while (i>0);
+    buffer_free(buf);
     ssh_disconnect(session);
     ssh_bind_free(sshbind);
-#ifdef WITH_PCAP
-    cleanup_pcap();
-#endif
     ssh_finalize();
     return 0;
 }

examples/scp_download.c

@@ -56,34 +56,26 @@ static int opts(int argc, char **argv){
 }
 
 static void create_files(ssh_session session){
-	ssh_channel channel=ssh_channel_new(session);
+	ssh_channel channel=channel_new(session);
 	char buffer[1];
 	if(channel == NULL){
 		fprintf(stderr,"Error creating channel: %s\n",ssh_get_error(session));
 		exit(EXIT_FAILURE);
 	}
-	if(ssh_channel_open_session(channel) != SSH_OK){
+	if(channel_open_session(channel) != SSH_OK){
 		fprintf(stderr,"Error creating channel: %s\n",ssh_get_error(session));
-		ssh_channel_free(channel);
 		exit(EXIT_FAILURE);
 	}
-	if(ssh_channel_request_exec(channel,createcommand) != SSH_OK){
+	if(channel_request_exec(channel,createcommand) != SSH_OK){
 		fprintf(stderr,"Error executing command: %s\n",ssh_get_error(session));
-		ssh_channel_close(channel);
-		ssh_channel_free(channel);
 		exit(EXIT_FAILURE);
 	}
-	while(!ssh_channel_is_eof(channel)){
-		ssh_channel_read(channel,buffer,1,1);
-		if (write(1,buffer,1) < 0) {
-                    fprintf(stderr, "Error writing to buffer\n");
-                    ssh_channel_close(channel);
-                    ssh_channel_free(channel);
-                    return;
-                }
+	while(!channel_is_eof(channel)){
+		channel_read(channel,buffer,1,1);
+		write(1,buffer,1);
 	}
-	ssh_channel_close(channel);
-	ssh_channel_free(channel);
+	channel_close(channel);
+	channel_free(channel);
 }
 
 
@@ -96,7 +88,6 @@ static int fetch_files(ssh_session session){
   ssh_scp scp=ssh_scp_new(session, SSH_SCP_READ | SSH_SCP_RECURSIVE, "/tmp/libssh_tests/*");
   if(ssh_scp_init(scp) != SSH_OK){
 	  fprintf(stderr,"error initializing scp: %s\n",ssh_get_error(session));
-	  ssh_scp_free(scp);
 	  return -1;
   }
   printf("Trying to download 3 files (a,b,d) and 1 directory (c)\n");
@@ -114,16 +105,12 @@ static int fetch_files(ssh_session session){
 		  r=ssh_scp_read(scp,buffer,sizeof(buffer));
 		  if(r==SSH_ERROR){
 			  fprintf(stderr,"Error reading scp: %s\n",ssh_get_error(session));
-			  ssh_scp_close(scp);
-			  ssh_scp_free(scp);
 			  return -1;
 		  }
 		  printf("done\n");
 		  break;
 	  case SSH_ERROR:
 		  fprintf(stderr,"Error: %s\n",ssh_get_error(session));
-		  ssh_scp_close(scp);
-		  ssh_scp_free(scp);
 		  return -1;
 	  case SSH_SCP_REQUEST_WARNING:
 		  fprintf(stderr,"Warning: %s\n",ssh_scp_request_get_warning(scp));
@@ -144,8 +131,6 @@ static int fetch_files(ssh_session session){
 	  }
   } while (1);
   end:
-  ssh_scp_close(scp);
-  ssh_scp_free(scp);
   return 0;
 }
 
@@ -159,7 +144,6 @@ int main(int argc, char **argv){
   create_files(session);
   fetch_files(session);
   ssh_disconnect(session);
-  ssh_free(session);
   ssh_finalize();
   return 0;
 }

examples/senddata.c

@@ -1,64 +0,0 @@
-#include <stdio.h>
-
-#include <libssh/libssh.h>
-#include "examples_common.h"
-
-#define LIMIT 0x100000000
-
-int main(void) {
-  ssh_session session;
-  ssh_channel channel;
-  char buffer[1024*1024];
-  int rc;
-  uint64_t total=0;
-  uint64_t lastshown=4096;
-  session = connect_ssh("localhost", NULL, 0);
-  if (session == NULL) {
-    return 1;
-  }
-
-  channel = ssh_channel_new(session);;
-  if (channel == NULL) {
-    ssh_disconnect(session);
-    return 1;
-  }
-
-  rc = ssh_channel_open_session(channel);
-  if (rc < 0) {
-    ssh_channel_close(channel);
-    ssh_disconnect(session);
-    return 1;
-  }
-
-  rc = ssh_channel_request_exec(channel, "cat > /dev/null");
-  if (rc < 0) {
-    ssh_channel_close(channel);
-    ssh_disconnect(session);
-    return 1;
-  }
-
-
-  while ((rc = ssh_channel_write(channel, buffer, sizeof(buffer))) > 0) {
-    total += rc;
-    if(total/2 >= lastshown){
-      printf("written %llx\n", (long long unsigned int) total);
-      lastshown=total;
-    }
-    if(total > LIMIT)
-      break;
-  }
-    
-  if (rc < 0) {
-    printf("error : %s\n",ssh_get_error(session));
-    ssh_channel_close(channel);
-    ssh_disconnect(session);
-    return 1;
-  }
-
-  ssh_channel_send_eof(channel);
-  ssh_channel_close(channel);
-
-  ssh_disconnect(session);
-
-  return 0;
-}

examples/sshnetcat.c

@@ -125,14 +125,8 @@ static void select_loop(ssh_session session,ssh_channel channel){
 
 						channel_free(channel);
 						channel=channels[0]=NULL;
-					} else {
-						ret = write(1, buffer, lus);
-						if (ret < 0) {
-							fprintf(stderr, "Error writing to stdin: %s",
-								strerror(errno));
-							return;
-						}
-					}
+					} else
+						write(1,buffer,lus);
 				}
 				while(channel && channel_is_open(channel) && channel_poll(channel,1)){ /* stderr */
 					lus=channel_read(channel,buffer,sizeof(buffer),1);
@@ -147,12 +141,7 @@ static void select_loop(ssh_session session,ssh_channel channel){
 						channel_free(channel);
 						channel=channels[0]=NULL;
 					} else
-						ret = write(2, buffer, lus);
-						if (ret < 0) {
-							fprintf(stderr, "Error writing to stderr: %s",
-								strerror(errno));
-							return;
-						}
+						write(2,buffer,lus);
 				}
 			}
 			if(channel && channel_is_closed(channel)){

include/libssh/CMakeLists.txt

@@ -4,7 +4,6 @@ set(libssh_HDRS
   callbacks.h
   libssh.h
   ssh2.h
-  legacy.h
 )
 
 if (WITH_SFTP)

include/libssh/agent.h

@@ -48,7 +48,7 @@
 #define SSH_AGENT_OLD_SIGNATURE                  0x01
 
 struct ssh_agent_struct {
-  struct ssh_socket_struct *sock;
+  struct socket *sock;
   ssh_buffer ident;
   unsigned int count;
 };

include/libssh/auth.h

@@ -1,86 +0,0 @@
-/*
- * This file is part of the SSH Library
- *
- * Copyright (c) 2009 by Aris Adamantiadis
- *
- * The SSH Library is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation; either version 2.1 of the License, or (at your
- * option) any later version.
- *
- * The SSH Library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
- * License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with the SSH Library; see the file COPYING.  If not, write to
- * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
- * MA 02111-1307, USA.
- */
-
-#ifndef AUTH_H_
-#define AUTH_H_
-#include "config.h"
-#include "libssh/callbacks.h"
-
-SSH_PACKET_CALLBACK(ssh_packet_userauth_banner);
-SSH_PACKET_CALLBACK(ssh_packet_userauth_failure);
-SSH_PACKET_CALLBACK(ssh_packet_userauth_success);
-SSH_PACKET_CALLBACK(ssh_packet_userauth_pk_ok);
-SSH_PACKET_CALLBACK(ssh_packet_userauth_info_request);
-
-#ifdef WITH_SSH1
-void ssh_auth1_handler(ssh_session session, uint8_t type);
-
-/* auth1.c */
-int ssh_userauth1_none(ssh_session session, const char *username);
-int ssh_userauth1_offer_pubkey(ssh_session session, const char *username,
-        int type, ssh_string pubkey);
-int ssh_userauth1_password(ssh_session session, const char *username,
-        const char *password);
-
-
-#endif
-
-/** @internal
- * States of authentication in the client-side. They describe
- * what was the last response from the server
- */
-enum ssh_auth_state_e {
-  /** No authentication asked */
-  SSH_AUTH_STATE_NONE=0,
-  /** Last authentication response was a partial success */
-  SSH_AUTH_STATE_PARTIAL,
-  /** Last authentication response was a success */
-  SSH_AUTH_STATE_SUCCESS,
-  /** Last authentication response was failed */
-  SSH_AUTH_STATE_FAILED,
-  /** Last authentication was erroneous */
-  SSH_AUTH_STATE_ERROR,
-  /** Last state was a keyboard-interactive ask for info */
-  SSH_AUTH_STATE_INFO,
-  /** Last state was a public key accepted for authentication */
-  SSH_AUTH_STATE_PK_OK,
-  /** We asked for a keyboard-interactive authentication */
-  SSH_AUTH_STATE_KBDINT_SENT
-
-};
-
-/** @internal
- * @brief states of the authentication service request
- */
-enum ssh_auth_service_state_e {
-  /** initial state */
-  SSH_AUTH_SERVICE_NONE=0,
-  /** Authentication service request packet sent */
-  SSH_AUTH_SERVICE_SENT,
-  /** Service accepted */
-  SSH_AUTH_SERVICE_ACCEPTED,
-  /** Access to service denied (fatal) */
-  SSH_AUTH_SERVICE_DENIED,
-  /** Specific to SSH1 */
-  SSH_AUTH_SERVICE_USER_SENT
-};
-
-#endif /* AUTH_H_ */

include/libssh/bind.h

@@ -1,53 +0,0 @@
-/*
- * This file is part of the SSH Library
- *
- * Copyright (c) 2010 by Aris Adamantiadis
- *
- * The SSH Library is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation; either version 2.1 of the License, or (at your
- * option) any later version.
- *
- * The SSH Library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
- * License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with the SSH Library; see the file COPYING.  If not, write to
- * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
- * MA 02111-1307, USA.
- */
-
-#ifndef BIND_H_
-#define BIND_H_
-
-#include "libssh/priv.h"
-
-struct ssh_bind_struct {
-  struct error_struct error;
-
-  ssh_callbacks callbacks; /* Callbacks to user functions */
-  struct ssh_bind_callbacks_struct *bind_callbacks;
-  void *bind_callbacks_userdata;
-
-  struct ssh_poll_handle_struct *poll;
-  /* options */
-  char *wanted_methods[10];
-  char *banner;
-  char *dsakey;
-  char *rsakey;
-  char *bindaddr;
-  socket_t bindfd;
-  unsigned int bindport;
-  unsigned int log_verbosity;
-
-  int blocking;
-  int toaccept;
-};
-
-struct ssh_poll_handle_struct *ssh_bind_get_poll(struct ssh_bind_struct
-    *sshbind);
-
-
-#endif /* BIND_H_ */

include/libssh/buffer.h

@@ -22,14 +22,7 @@
 #ifndef BUFFER_H_
 #define BUFFER_H_
 
-#include "libssh/libssh.h"
-/*
- * Describes a buffer state
- * [XXXXXXXXXXXXDATA PAYLOAD       XXXXXXXXXXXXXXXXXXXXXXXX]
- * ^            ^                  ^                       ^]
- * \_data points\_pos points here  \_used points here |    /
- *   here                                          Allocated
- */
+/* Describes a buffer state */
 struct ssh_buffer_struct {
     char *data;
     uint32_t used;
@@ -37,10 +30,6 @@ struct ssh_buffer_struct {
     uint32_t pos;
 };
 
-LIBSSH_API void ssh_buffer_free(ssh_buffer buffer);
-LIBSSH_API void *ssh_buffer_get_begin(ssh_buffer buffer);
-LIBSSH_API uint32_t ssh_buffer_get_len(ssh_buffer buffer);
-LIBSSH_API ssh_buffer ssh_buffer_new(void);
 int buffer_add_ssh_string(ssh_buffer buffer, ssh_string string);
 int buffer_add_u8(ssh_buffer buffer, uint8_t data);
 int buffer_add_u16(ssh_buffer buffer, uint16_t data);

include/libssh/callbacks.h

@@ -34,36 +34,10 @@ extern "C" {
 #endif
 
 /**
- * @defgroup libssh_callbacks The libssh callbacks
- * @ingroup libssh
- *
- * Callback which can be replaced in libssh.
- *
+ * @addtogroup ssh_session
  * @{
  */
 
-/** @internal
- * @brief callback to process simple codes
- * @param code value to transmit
- * @param user Userdata to pass in callback
- */
-typedef void (*ssh_callback_int) (int code, void *user);
-
-/** @internal
- * @brief callback for data received messages.
- * @param data data retrieved from the socket or stream
- * @param len number of bytes available from this stream
- * @param user user-supplied pointer sent along with all callback messages
- * @returns number of bytes processed by the callee. The remaining bytes will
- * be sent in the next callback message, when more data is available.
- */
-typedef int (*ssh_callback_data) (const void *data, size_t len, void *user);
-
-typedef void (*ssh_callback_int_int) (int code, int errno_code, void *user);
-
-typedef int (*ssh_message_callback) (ssh_session, ssh_message message, void *user);
-typedef int (*ssh_channel_callback_int) (ssh_channel channel, int code, void *user);
-typedef int (*ssh_channel_callback_data) (ssh_channel channel, int code, void *data, size_t len, void *user);
 /**
  * @brief SSH authentication callback.
  *
@@ -77,110 +51,33 @@ typedef int (*ssh_channel_callback_data) (ssh_channel channel, int code, void *d
  *
  * @return              0 on success, < 0 on error.
  */
-
 typedef int (*ssh_auth_callback) (const char *prompt, char *buf, size_t len,
     int echo, int verify, void *userdata);
-/**
- * @brief SSH log callback. All logging messages will go through this callback
- * @param session Current session handler
- * @param priority Priority of the log, the smaller being the more important
- * @param message the actual message
- * @param userdata Userdata to be passed to the callback function.
- */
 typedef void (*ssh_log_callback) (ssh_session session, int priority,
     const char *message, void *userdata);
-
-/**
- * @brief SSH Connection status callback.
- * @param session Current session handler
- * @param status Percentage of connection status, going from 0.0 to 1.0
- * once connection is done.
- * @param userdata Userdata to be passed to the callback function.
- */
+/** this callback will be called with status going from 0.0 to 1.0 during
+ * connection */
 typedef void (*ssh_status_callback) (ssh_session session, float status,
 		void *userdata);
 
-/**
- * @brief SSH global request callback. All global request will go through this
- * callback.
- * @param session Current session handler
- * @param message the actual message
- * @param userdata Userdata to be passed to the callback function.
- */
-typedef void (*ssh_global_request_callback) (ssh_session session,
-                                        ssh_message message, void *userdata);
-
-/**
- * The structure to replace libssh functions with appropriate callbacks.
- */
 struct ssh_callbacks_struct {
-  /** DON'T SET THIS use ssh_callbacks_init() instead. */
-  size_t size;
-  /**
-   * User-provided data. User is free to set anything he wants here
-   */
-  void *userdata;
-  /**
-   * This functions will be called if e.g. a keyphrase is needed.
-   */
-  ssh_auth_callback auth_function;
-  /**
-   * This function will be called each time a loggable event happens.
-   */
-  ssh_log_callback log_function;
-  /**
-   * This function gets called during connection time to indicate the
-   * percentage of connection steps completed.
-   */
-  void (*connect_status_function)(void *userdata, float status);
-  /**
-   * This function will be called each time a global request is received.
-   */
-  ssh_global_request_callback global_request_function;
-};
-typedef struct ssh_callbacks_struct *ssh_callbacks;
-
-/**
- * These are the callbacks exported by the socket structure
- * They are called by the socket module when a socket event appears
- */
-struct ssh_socket_callbacks_struct {
-  /**
-   * User-provided data. User is free to set anything he wants here
-   */
-  void *userdata;
-	/**
-	 * This function will be called each time data appears on socket. The data
-	 * not consumed will appear on the next data event.
+	/** size of this structure. internal, shoud be set with ssh_callbacks_init()*/
+	size_t size;
+	/** User-provided data. User is free to set anything he wants here */
+	void *userdata;
+	/** this functions will be called if e.g. a keyphrase is needed. */
+	ssh_auth_callback auth_function;
+	/** this function will be called each time a loggable event happens. */
+	ssh_log_callback log_function;
+	/** this function gets called during connection time to indicate the percentage
+	 * of connection steps completed.
 	 */
-  ssh_callback_data data;
-  /** This function will be called each time a controlflow state changes, i.e.
-   * the socket is available for reading or writing.
-   */
-  ssh_callback_int controlflow;
-  /** This function will be called each time an exception appears on socket. An
-   * exception can be a socket problem (timeout, ...) or an end-of-file.
-   */
-  ssh_callback_int_int exception;
-  /** This function is called when the ssh_socket_connect was used on the socket
-   * on nonblocking state, and the connection successed.
-   */
-  ssh_callback_int_int connected;
+  void (*connect_status_function)(void *userdata, float status);
 };
-typedef struct ssh_socket_callbacks_struct *ssh_socket_callbacks;
 
-#define SSH_SOCKET_FLOW_WRITEWILLBLOCK 1
-#define SSH_SOCKET_FLOW_WRITEWONTBLOCK 2
+typedef struct ssh_callbacks_struct * ssh_callbacks;
 
-#define SSH_SOCKET_EXCEPTION_EOF 	     1
-#define SSH_SOCKET_EXCEPTION_ERROR     2
-
-#define SSH_SOCKET_CONNECTED_OK 			1
-#define SSH_SOCKET_CONNECTED_ERROR 		2
-#define SSH_SOCKET_CONNECTED_TIMEOUT 	3
-
-/**
- * @brief Initializes an ssh_callbacks_struct
+/** Initializes an ssh_callbacks_struct
  * A call to this macro is mandatory when you have set a new
  * ssh_callback_struct structure. Its goal is to maintain the binary
  * compatibility with future versions of libssh as the structure
@@ -191,273 +88,33 @@ typedef struct ssh_socket_callbacks_struct *ssh_socket_callbacks;
 } while(0);
 
 /**
- * @internal
- * @brief tests if a callback can be called without crash
- *  verifies that the struct size if big enough
- *  verifies that the callback pointer exists
- * @param p callback pointer
- * @param c callback name
- * @returns nonzero if callback can be called
- */
-#define ssh_callbacks_exists(p,c) (\
-  (p != NULL) && ( (char *)&((p)-> c) < (char *)(p) + (p)->size ) && \
-  ((p)-> c != NULL) \
-  )
-
-/** @brief Prototype for a packet callback, to be called when a new packet arrives
- * @param session The current session of the packet
- * @param type packet type (see ssh2.h)
- * @param packet buffer containing the packet, excluding size, type and padding fields
- * @param user user argument to the callback
- * and are called each time a packet shows up
- * @returns SSH_PACKET_USED Packet was parsed and used
- * @returns SSH_PACKET_NOT_USED Packet was not used or understood, processing must continue
- */
-typedef int (*ssh_packet_callback) (ssh_session session, uint8_t type, ssh_buffer packet, void *user);
-
-/** return values for a ssh_packet_callback */
-/** Packet was used and should not be parsed by another callback */
-#define SSH_PACKET_USED 1
-/** Packet was not used and should be passed to any other callback
- * available */
-#define SSH_PACKET_NOT_USED 2
-
-
-/** @brief This macro declares a packet callback handler
- * @code
- * SSH_PACKET_CALLBACK(mycallback){
- * ...
- * }
- * @endcode
- */
-#define SSH_PACKET_CALLBACK(name) \
-	int name (ssh_session session, uint8_t type, ssh_buffer packet, void *user)
-
-struct ssh_packet_callbacks_struct {
-	/** Index of the first packet type being handled */
-	uint8_t start;
-	/** Number of packets being handled by this callback struct */
-	uint8_t n_callbacks;
-	/** A pointer to n_callbacks packet callbacks */
-	ssh_packet_callback *callbacks;
-  /**
-   * User-provided data. User is free to set anything he wants here
-   */
-	void *user;
-};
-
-typedef struct ssh_packet_callbacks_struct *ssh_packet_callbacks;
-
-/**
- * @brief Set the session callback functions.
+ * @brief Set the callback functions.
  *
  * This functions sets the callback structure to use your own callback
  * functions for auth, logging and status.
  *
  * @code
- * struct ssh_callbacks_struct cb = {
- *   .userdata = data,
- *   .auth_function = my_auth_function
- * };
+ * struct ssh_callbacks_struct cb;
+ * memset(&cb, 0, sizeof(struct ssh_callbacks_struct));
+ * cb.userdata = data;
+ * cb.auth_function = my_auth_function;
+ *
  * ssh_callbacks_init(&cb);
  * ssh_set_callbacks(session, &cb);
  * @endcode
  *
  * @param  session      The session to set the callback structure.
  *
- * @param  cb           The callback structure itself.
+ * @param  cb           The callback itself.
  *
- * @return SSH_OK on success, SSH_ERROR on error.
+ * @return 0 on success, < 0 on error.
  */
 LIBSSH_API int ssh_set_callbacks(ssh_session session, ssh_callbacks cb);
 
-/**
- * @brief SSH channel data callback. Called when data is available on a channel
- * @param session Current session handler
- * @param channel the actual channel
- * @param data the data that has been read on the channel
- * @param len the length of the data
- * @param is_stderr is 0 for stdout or 1 for stderr
- * @param userdata Userdata to be passed to the callback function.
- */
-typedef int (*ssh_channel_data_callback) (ssh_session session,
-                                           ssh_channel channel,
-                                           void *data,
-                                           uint32_t len,
-                                           int is_stderr,
-                                           void *userdata);
-
-/**
- * @brief SSH channel eof callback. Called when a channel receives EOF
- * @param session Current session handler
- * @param channel the actual channel
- * @param userdata Userdata to be passed to the callback function.
- */
-typedef void (*ssh_channel_eof_callback) (ssh_session session,
-                                           ssh_channel channel,
-                                           void *userdata);
-
-/**
- * @brief SSH channel close callback. Called when a channel is closed by remote peer
- * @param session Current session handler
- * @param channel the actual channel
- * @param userdata Userdata to be passed to the callback function.
- */
-typedef void (*ssh_channel_close_callback) (ssh_session session,
-                                            ssh_channel channel,
-                                            void *userdata);
-
-/**
- * @brief SSH channel signal callback. Called when a channel has received a signal
- * @param session Current session handler
- * @param channel the actual channel
- * @param signal the signal name (without the SIG prefix)
- * @param userdata Userdata to be passed to the callback function.
- */
-typedef void (*ssh_channel_signal_callback) (ssh_session session,
-                                            ssh_channel channel,
-                                            const char *signal,
-                                            void *userdata);
-
-/**
- * @brief SSH channel exit status callback. Called when a channel has received an exit status
- * @param session Current session handler
- * @param channel the actual channel
- * @param userdata Userdata to be passed to the callback function.
- */
-typedef void (*ssh_channel_exit_status_callback) (ssh_session session,
-                                            ssh_channel channel,
-                                            int exit_status,
-                                            void *userdata);
-
-/**
- * @brief SSH channel exit signal callback. Called when a channel has received an exit signal
- * @param session Current session handler
- * @param channel the actual channel
- * @param signal the signal name (without the SIG prefix)
- * @param core a boolean telling wether a core has been dumped or not
- * @param errmsg the description of the exception
- * @param lang the language of the description (format: RFC 3066)
- * @param userdata Userdata to be passed to the callback function.
- */
-typedef void (*ssh_channel_exit_signal_callback) (ssh_session session,
-                                            ssh_channel channel,
-                                            const char *signal,
-                                            int core,
-                                            const char *errmsg,
-                                            const char *lang,
-                                            void *userdata);
-
-struct ssh_channel_callbacks_struct {
-  /** DON'T SET THIS use ssh_callbacks_init() instead. */
-  size_t size;
-  /**
-   * User-provided data. User is free to set anything he wants here
-   */
-  void *userdata;
-  /**
-   * This functions will be called when there is data available.
-   */
-  ssh_channel_data_callback channel_data_function;
-  /**
-   * This functions will be called when the channel has received an EOF.
-   */
-  ssh_channel_eof_callback channel_eof_function;
-  /**
-   * This functions will be called when the channel has been closed by remote
-   */
-  ssh_channel_close_callback channel_close_function;
-  /**
-   * This functions will be called when a signal has been received
-   */
-  ssh_channel_signal_callback channel_signal_function;
-  /**
-   * This functions will be called when an exit status has been received
-   */
-  ssh_channel_exit_status_callback channel_exit_status_function;
-  /**
-   * This functions will be called when an exit signal has been received
-   */
-  ssh_channel_exit_signal_callback channel_exit_signal_function;
-};
-typedef struct ssh_channel_callbacks_struct *ssh_channel_callbacks;
-
-/**
- * @brief Set the channel callback functions.
- *
- * This functions sets the callback structure to use your own callback
- * functions for channel data and exceptions
- *
- * @code
- * struct ssh_channel_callbacks_struct cb = {
- *   .userdata = data,
- *   .channel_data = my_channel_data_function
- * };
- * ssh_callbacks_init(&cb);
- * ssh_set_channel_callbacks(channel, &cb);
- * @endcode
- *
- * @param  channel      The channel to set the callback structure.
- *
- * @param  cb           The callback structure itself.
- *
- * @return SSH_OK on success, SSH_ERROR on error.
- */
-LIBSSH_API int ssh_set_channel_callbacks(ssh_channel channel,
-                                         ssh_channel_callbacks cb);
-
-/** @} */
-
-/** @group libssh_threads
- * @{
- */
-
-typedef int (*ssh_thread_callback) (void **lock);
-
-typedef unsigned long (*ssh_thread_id_callback) (void);
-struct ssh_threads_callbacks_struct {
-	const char *type;
-  ssh_thread_callback mutex_init;
-  ssh_thread_callback mutex_destroy;
-  ssh_thread_callback mutex_lock;
-  ssh_thread_callback mutex_unlock;
-  ssh_thread_id_callback thread_id;
-};
-
-/**
- * @brief sets the thread callbacks necessary if your program is using
- * libssh in a multithreaded fashion. This function must be called first,
- * outside of any threading context (in your main() for instance), before
- * ssh_init().
- * @param cb pointer to a ssh_threads_callbacks_struct structure, which contains
- * the different callbacks to be set.
- * @see ssh_threads_callbacks_struct
- * @see SSH_THREADS_PTHREAD
- */
-LIBSSH_API int ssh_threads_set_callbacks(struct ssh_threads_callbacks_struct
-    *cb);
-
-/**
- * @brief returns a pointer on the pthread threads callbacks, to be used with
- * ssh_threads_set_callbacks.
- * @warning you have to link with the library ssh_threads.
- * @see ssh_threads_set_callbacks
- */
-LIBSSH_API struct ssh_threads_callbacks_struct *ssh_threads_get_pthread(void);
-
-/**
- * @brief returns a pointer on the noop threads callbacks, to be used with
- * ssh_threads_set_callbacks. These callbacks do nothing and are being used by
- * default.
- * @see ssh_threads_set_callbacks
- */
-LIBSSH_API struct ssh_threads_callbacks_struct *ssh_threads_get_noop(void);
-
-/** @} */
 #ifdef __cplusplus
 }
 #endif
 
-#endif /*_SSH_CALLBACK_H */
+/** @} */
 
-/* @} */
+#endif /*_SSH_CALLBACK_H */

include/libssh/channels.h

@@ -23,30 +23,6 @@
 #define CHANNELS_H_
 #include "libssh/priv.h"
 
-/**  @internal
- * Describes the different possible states in a
- * outgoing (client) channel request
- */
-enum ssh_channel_request_state_e {
-	/** No request has been made */
-	SSH_CHANNEL_REQ_STATE_NONE = 0,
-	/** A request has been made and answer is pending */
-	SSH_CHANNEL_REQ_STATE_PENDING,
-	/** A request has been replied and accepted */
-	SSH_CHANNEL_REQ_STATE_ACCEPTED,
-	/** A request has been replied and refused */
-	SSH_CHANNEL_REQ_STATE_DENIED,
-	/** A request has been replied and an error happend */
-	SSH_CHANNEL_REQ_STATE_ERROR
-};
-
-enum ssh_channel_state_e {
-  SSH_CHANNEL_STATE_NOT_OPEN = 0,
-  SSH_CHANNEL_STATE_OPEN_DENIED,
-  SSH_CHANNEL_STATE_OPEN,
-  SSH_CHANNEL_STATE_CLOSED
-};
-
 struct ssh_channel_struct {
     struct ssh_channel_struct *prev;
     struct ssh_channel_struct *next;
@@ -60,7 +36,7 @@ struct ssh_channel_struct {
     uint32_t remote_window;
     int remote_eof; /* end of file received */
     uint32_t remote_maxpacket;
-    enum ssh_channel_state_e state;
+    int open; /* shows if the channel is still opened */
     int delayed_close;
     ssh_buffer stdout_buffer;
     ssh_buffer stderr_buffer;
@@ -68,43 +44,15 @@ struct ssh_channel_struct {
     int version;
     int blocking;
     int exit_status;
-    enum ssh_channel_request_state_e request_state;
-    ssh_channel_callbacks callbacks;
 };
 
-SSH_PACKET_CALLBACK(ssh_packet_channel_open_conf);
-SSH_PACKET_CALLBACK(ssh_packet_channel_open_fail);
-SSH_PACKET_CALLBACK(ssh_packet_channel_success);
-SSH_PACKET_CALLBACK(ssh_packet_channel_failure);
-SSH_PACKET_CALLBACK(ssh_request_success);
-SSH_PACKET_CALLBACK(ssh_request_denied);
-
-SSH_PACKET_CALLBACK(channel_rcv_change_window);
-SSH_PACKET_CALLBACK(channel_rcv_eof);
-SSH_PACKET_CALLBACK(channel_rcv_close);
-SSH_PACKET_CALLBACK(channel_rcv_request);
-SSH_PACKET_CALLBACK(channel_rcv_data);
-
-ssh_channel ssh_channel_new(ssh_session session);
+void channel_handle(ssh_session session, int type);
+ssh_channel channel_new(ssh_session session);
 int channel_default_bufferize(ssh_channel channel, void *data, int len,
         int is_stderr);
 uint32_t ssh_channel_new_id(ssh_session session);
 ssh_channel ssh_channel_from_local(ssh_session session, uint32_t id);
 int channel_write_common(ssh_channel channel, const void *data,
     uint32_t len, int is_stderr);
-#ifdef WITH_SSH1
-SSH_PACKET_CALLBACK(ssh_packet_data1);
-SSH_PACKET_CALLBACK(ssh_packet_close1);
-
-/* channels1.c */
-int channel_open_session1(ssh_channel channel);
-int channel_request_pty_size1(ssh_channel channel, const char *terminal,
-    int cols, int rows);
-int channel_change_pty_size1(ssh_channel channel, int cols, int rows);
-int channel_request_shell1(ssh_channel channel);
-int channel_request_exec1(ssh_channel channel, const char *cmd);
-int channel_write1(ssh_channel channel, const void *data, int len);
-
-#endif
 
 #endif /* CHANNELS_H_ */

include/libssh/crypto.h

@@ -58,8 +58,6 @@ struct ssh_crypto_struct {
     const char *server_pubkey_type;
     int do_compress_out; /* idem */
     int do_compress_in; /* don't set them, set the option instead */
-    int delayed_compress_in; /* Use of zlib@openssh.org */
-    int delayed_compress_out;
     void *compress_out_ctx; /* don't touch it */
     void *compress_in_ctx; /* really, don't */
 };

include/libssh/legacy.h

@@ -1,100 +0,0 @@
-/*
- * This file is part of the SSH Library
- *
- * Copyright (c) 2010 by Aris Adamantiadis
- *
- * The SSH Library is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation; either version 2.1 of the License, or (at your
- * option) any later version.
- *
- * The SSH Library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
- * License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with the SSH Library; see the file COPYING.  If not, write to
- * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
- * MA 02111-1307, USA.
- */
-
-/* Since libssh.h includes legacy.h, it's important that libssh.h is included
- * first. we don't define LEGACY_H now because we want it to be defined when
- * included from libssh.h
- * All function calls declared in this header are deprecated and meant to be
- * removed in future.
- */
-
-#include "libssh/libssh.h"
-
-#ifndef LEGACY_H_
-#define LEGACY_H_
-LIBSSH_API void buffer_free(ssh_buffer buffer);
-LIBSSH_API void *buffer_get(ssh_buffer buffer);
-LIBSSH_API uint32_t buffer_get_len(ssh_buffer buffer);
-LIBSSH_API ssh_buffer buffer_new(void);
-
-LIBSSH_API ssh_channel channel_accept_x11(ssh_channel channel, int timeout_ms);
-LIBSSH_API int channel_change_pty_size(ssh_channel channel,int cols,int rows);
-LIBSSH_API ssh_channel channel_forward_accept(ssh_session session, int timeout_ms);
-LIBSSH_API int channel_close(ssh_channel channel);
-LIBSSH_API int channel_forward_cancel(ssh_session session, const char *address, int port);
-LIBSSH_API int channel_forward_listen(ssh_session session, const char *address, int port, int *bound_port);
-LIBSSH_API void channel_free(ssh_channel channel);
-LIBSSH_API int channel_get_exit_status(ssh_channel channel);
-LIBSSH_API ssh_session channel_get_session(ssh_channel channel);
-LIBSSH_API int channel_is_closed(ssh_channel channel);
-LIBSSH_API int channel_is_eof(ssh_channel channel);
-LIBSSH_API int channel_is_open(ssh_channel channel);
-LIBSSH_API ssh_channel channel_new(ssh_session session);
-LIBSSH_API int channel_open_forward(ssh_channel channel, const char *remotehost,
-    int remoteport, const char *sourcehost, int localport);
-LIBSSH_API int channel_open_session(ssh_channel channel);
-LIBSSH_API int channel_poll(ssh_channel channel, int is_stderr);
-LIBSSH_API int channel_read(ssh_channel channel, void *dest, uint32_t count, int is_stderr);
-
-LIBSSH_API int channel_read_buffer(ssh_channel channel, ssh_buffer buffer, uint32_t count,
-    int is_stderr);
-
-LIBSSH_API int channel_read_nonblocking(ssh_channel channel, void *dest, uint32_t count,
-    int is_stderr);
-LIBSSH_API int channel_request_env(ssh_channel channel, const char *name, const char *value);
-LIBSSH_API int channel_request_exec(ssh_channel channel, const char *cmd);
-LIBSSH_API int channel_request_pty(ssh_channel channel);
-LIBSSH_API int channel_request_pty_size(ssh_channel channel, const char *term,
-    int cols, int rows);
-LIBSSH_API int channel_request_shell(ssh_channel channel);
-LIBSSH_API int channel_request_send_signal(ssh_channel channel, const char *signum);
-LIBSSH_API int channel_request_sftp(ssh_channel channel);
-LIBSSH_API int channel_request_subsystem(ssh_channel channel, const char *subsystem);
-LIBSSH_API int channel_request_x11(ssh_channel channel, int single_connection, const char *protocol,
-    const char *cookie, int screen_number);
-LIBSSH_API int channel_send_eof(ssh_channel channel);
-LIBSSH_API int channel_select(ssh_channel *readchans, ssh_channel *writechans, ssh_channel *exceptchans, struct
-        timeval * timeout);
-LIBSSH_API void channel_set_blocking(ssh_channel channel, int blocking);
-LIBSSH_API int channel_write(ssh_channel channel, const void *data, uint32_t len);
-
-LIBSSH_API void privatekey_free(ssh_private_key prv);
-LIBSSH_API ssh_private_key privatekey_from_file(ssh_session session, const char *filename,
-    int type, const char *passphrase);
-LIBSSH_API void publickey_free(ssh_public_key key);
-LIBSSH_API int ssh_publickey_to_file(ssh_session session, const char *file,
-    ssh_string pubkey, int type);
-LIBSSH_API ssh_string publickey_from_file(ssh_session session, const char *filename,
-    int *type);
-LIBSSH_API ssh_public_key publickey_from_privatekey(ssh_private_key prv);
-LIBSSH_API ssh_string publickey_to_string(ssh_public_key key);
-LIBSSH_API ssh_message ssh_message_retrieve(ssh_session session, uint32_t packettype);
-LIBSSH_API void string_burn(ssh_string str);
-LIBSSH_API ssh_string string_copy(ssh_string str);
-LIBSSH_API void *string_data(ssh_string str);
-LIBSSH_API int string_fill(ssh_string str, const void *data, size_t len);
-LIBSSH_API void string_free(ssh_string str);
-LIBSSH_API ssh_string string_from_char(const char *what);
-LIBSSH_API size_t string_len(ssh_string str);
-LIBSSH_API ssh_string string_new(size_t size);
-LIBSSH_API char *string_to_char(ssh_string str);
-
-#endif /* LEGACY_H_ */

include/libssh/libcrypto.h

@@ -1,74 +0,0 @@
-/*
- * This file is part of the SSH Library
- *
- * Copyright (c) 2009 by Aris Adamantiadis
- *
- * The SSH Library is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation; either version 2.1 of the License, or (at your
- * option) any later version.
- *
- * The SSH Library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
- * License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with the SSH Library; see the file COPYING.  If not, write to
- * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
- * MA 02111-1307, USA.
- */
-
-#ifndef LIBCRYPTO_H_
-#define LIBCRYPTO_H_
-
-#include "config.h"
-
-#ifdef HAVE_LIBCRYPTO
-
-#include <openssl/dsa.h>
-#include <openssl/rsa.h>
-#include <openssl/sha.h>
-#include <openssl/md5.h>
-#include <openssl/hmac.h>
-typedef SHA_CTX* SHACTX;
-typedef MD5_CTX*  MD5CTX;
-typedef HMAC_CTX* HMACCTX;
-
-#define SHA_DIGEST_LEN SHA_DIGEST_LENGTH
-#ifdef MD5_DIGEST_LEN
-    #undef MD5_DIGEST_LEN
-#endif
-#define MD5_DIGEST_LEN MD5_DIGEST_LENGTH
-
-#include <openssl/bn.h>
-#include <openssl/opensslv.h>
-#define OPENSSL_0_9_7b 0x0090702fL
-#if (OPENSSL_VERSION_NUMBER <= OPENSSL_0_9_7b)
-#define BROKEN_AES_CTR
-#endif
-typedef BIGNUM*  bignum;
-typedef BN_CTX* bignum_CTX;
-
-#define bignum_new() BN_new()
-#define bignum_free(num) BN_clear_free(num)
-#define bignum_set_word(bn,n) BN_set_word(bn,n)
-#define bignum_bin2bn(bn,datalen,data) BN_bin2bn(bn,datalen,data)
-#define bignum_bn2dec(num) BN_bn2dec(num)
-#define bignum_dec2bn(bn,data) BN_dec2bn(data,bn)
-#define bignum_bn2hex(num) BN_bn2hex(num)
-#define bignum_rand(rnd, bits, top, bottom) BN_rand(rnd,bits,top,bottom)
-#define bignum_ctx_new() BN_CTX_new()
-#define bignum_ctx_free(num) BN_CTX_free(num)
-#define bignum_mod_exp(dest,generator,exp,modulo,ctx) BN_mod_exp(dest,generator,exp,modulo,ctx)
-#define bignum_num_bytes(num) BN_num_bytes(num)
-#define bignum_num_bits(num) BN_num_bits(num)
-#define bignum_is_bit_set(num,bit) BN_is_bit_set(num,bit)
-#define bignum_bn2bin(num,ptr) BN_bn2bin(num,ptr)
-#define bignum_cmp(num1,num2) BN_cmp(num1,num2)
-
-struct crypto_struct *ssh_get_ciphertab(void);
-
-#endif /* HAVE_LIBCRYPTO */
-
-#endif /* LIBCRYPTO_H_ */

include/libssh/libgcrypt.h

@@ -1,60 +0,0 @@
-/*
- * This file is part of the SSH Library
- *
- * Copyright (c) 2009 by Aris Adamantiadis
- *
- * The SSH Library is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation; either version 2.1 of the License, or (at your
- * option) any later version.
- *
- * The SSH Library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
- * License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with the SSH Library; see the file COPYING.  If not, write to
- * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
- * MA 02111-1307, USA.
- */
-
-#ifndef LIBGCRYPT_H_
-#define LIBGCRYPT_H_
-
-#include "config.h"
-
-#ifdef HAVE_LIBGCRYPT
-
-#include <gcrypt.h>
-typedef gcry_md_hd_t SHACTX;
-typedef gcry_md_hd_t MD5CTX;
-typedef gcry_md_hd_t HMACCTX;
-#define SHA_DIGEST_LEN 20
-#define MD5_DIGEST_LEN 16
-#define EVP_MAX_MD_SIZE 36
-
-typedef gcry_mpi_t bignum;
-
-#define bignum_new() gcry_mpi_new(0)
-#define bignum_free(num) gcry_mpi_release(num)
-#define bignum_set_word(bn,n) gcry_mpi_set_ui(bn,n)
-#define bignum_bin2bn(bn,datalen,data) gcry_mpi_scan(data,GCRYMPI_FMT_USG,bn,datalen,NULL)
-#define bignum_bn2dec(num) my_gcry_bn2dec(num)
-#define bignum_dec2bn(num, data) my_gcry_dec2bn(data, num)
-#define bignum_bn2hex(num,data) gcry_mpi_aprint(GCRYMPI_FMT_HEX,data,NULL,num)
-#define bignum_hex2bn(num,datalen,data) gcry_mpi_scan(num,GCRYMPI_FMT_HEX,data,datalen,NULL)
-#define bignum_rand(num,bits) gcry_mpi_randomize(num,bits,GCRY_STRONG_RANDOM),gcry_mpi_set_bit(num,bits-1),gcry_mpi_set_bit(num,0)
-#define bignum_mod_exp(dest,generator,exp,modulo) gcry_mpi_powm(dest,generator,exp,modulo)
-#define bignum_num_bits(num) gcry_mpi_get_nbits(num)
-#define bignum_num_bytes(num) ((gcry_mpi_get_nbits(num)+7)/8)
-#define bignum_is_bit_set(num,bit) gcry_mpi_test_bit(num,bit)
-#define bignum_bn2bin(num,datalen,data) gcry_mpi_print(GCRYMPI_FMT_USG,data,datalen,NULL,num)
-#define bignum_cmp(num1,num2) gcry_mpi_cmp(num1,num2)
-
-
-#endif /* HAVE_LIBGCRYPT */
-
-struct crypto_struct *ssh_get_ciphertab(void);
-
-#endif /* LIBGCRYPT_H_ */

include/libssh/libssh.h

@@ -22,10 +22,10 @@
 #ifndef _LIBSSH_H
 #define _LIBSSH_H
 
-#if defined _WIN32 || defined __CYGWIN__
-  #ifdef LIBSSH_STATIC
-    #define LIBSSH_API
-  #else
+#ifdef LIBSSH_STATIC
+  #define LIBSSH_API
+#else
+  #if defined _WIN32 || defined __CYGWIN__
     #ifdef LIBSSH_EXPORTS
       #ifdef __GNUC__
         #define LIBSSH_API __attribute__((dllexport))
@@ -39,12 +39,12 @@
         #define LIBSSH_API __declspec(dllimport)
       #endif
     #endif
-  #endif
-#else
-  #if __GNUC__ >= 4 && !defined(__OS2__)
-    #define LIBSSH_API __attribute__((visibility("default")))
   #else
-    #define LIBSSH_API
+    #if __GNUC__ >= 4 && !defined(__OS2__)
+      #define LIBSSH_API __attribute__((visibility("default")))
+    #else
+      #define LIBSSH_API
+    #endif
   #endif
 #endif
 
@@ -78,8 +78,8 @@
 
 /* libssh version */
 #define LIBSSH_VERSION_MAJOR  0
-#define LIBSSH_VERSION_MINOR  5
-#define LIBSSH_VERSION_MICRO  0
+#define LIBSSH_VERSION_MINOR  4
+#define LIBSSH_VERSION_MICRO  8
 
 #define LIBSSH_VERSION_INT SSH_VERSION_INT(LIBSSH_VERSION_MAJOR, \
                                            LIBSSH_VERSION_MINOR, \
@@ -113,7 +113,6 @@ typedef struct ssh_message_struct* ssh_message;
 typedef struct ssh_pcap_file_struct* ssh_pcap_file;
 typedef struct ssh_private_key_struct* ssh_private_key;
 typedef struct ssh_public_key_struct* ssh_public_key;
-typedef struct ssh_key_struct* ssh_key;
 typedef struct ssh_scp_struct* ssh_scp;
 typedef struct ssh_session_struct* ssh_session;
 typedef struct ssh_string_struct* ssh_string;
@@ -155,7 +154,6 @@ enum ssh_auth_e {
 	SSH_AUTH_DENIED,
 	SSH_AUTH_PARTIAL,
 	SSH_AUTH_INFO,
-	SSH_AUTH_AGAIN,
 	SSH_AUTH_ERROR=-1
 };
 
@@ -194,19 +192,6 @@ enum ssh_channel_requests_e {
 	SSH_CHANNEL_REQUEST_WINDOW_CHANGE
 };
 
-enum ssh_global_requests_e {
-	SSH_GLOBAL_REQUEST_UNKNOWN=0,
-	SSH_GLOBAL_REQUEST_TCPIP_FORWARD,
-	SSH_GLOBAL_REQUEST_CANCEL_TCPIP_FORWARD,
-};
-
-enum ssh_publickey_state_e {
-	SSH_PUBLICKEY_STATE_ERROR=-1,
-	SSH_PUBLICKEY_STATE_NONE=0,
-	SSH_PUBLICKEY_STATE_VALID=1,
-	SSH_PUBLICKEY_STATE_WRONG=2
-};
-
 /* status flags */
 #define SSH_CLOSED 0x01
 #define SSH_READ_PENDING 0x02
@@ -233,29 +218,18 @@ enum ssh_error_types_e {
 	SSH_EINTR
 };
 
-/* some types for keys */
-enum ssh_keytypes_e{
-  SSH_KEYTYPE_UNKNOWN=0,
-  SSH_KEYTYPE_DSS=1,
-  SSH_KEYTYPE_RSA,
-  SSH_KEYTYPE_RSA1
-};
-
 /* Error return codes */
 #define SSH_OK 0     /* No error */
 #define SSH_ERROR -1 /* Error of some kind */
 #define SSH_AGAIN -2 /* The nonblocking call must be repeated */
 #define SSH_EOF -127 /* We have already a eof */
 
-/**
- * @addtogroup libssh_log
- *
+/** \addtogroup ssh_log
  * @{
  */
+ /** \brief Verbosity level for logging and help to debugging
+  */
 
-/**
- * @brief Verbosity level for logging and help to debugging
- */
 enum {
 	/** No logging at all
 	 */
@@ -273,7 +247,8 @@ enum {
 	 */
 	SSH_LOG_FUNCTIONS
 };
-/** @} */
+/** @}
+ */
 
 enum ssh_options_e {
   SSH_OPTIONS_HOST,
@@ -291,15 +266,13 @@ enum ssh_options_e {
   SSH_OPTIONS_SSH2,
   SSH_OPTIONS_LOG_VERBOSITY,
   SSH_OPTIONS_LOG_VERBOSITY_STR,
+
   SSH_OPTIONS_CIPHERS_C_S,
   SSH_OPTIONS_CIPHERS_S_C,
   SSH_OPTIONS_COMPRESSION_C_S,
   SSH_OPTIONS_COMPRESSION_S_C,
   SSH_OPTIONS_PROXYCOMMAND,
-  SSH_OPTIONS_BINDADDR,
-  SSH_OPTIONS_STRICTHOSTKEYCHECK,
-  SSH_OPTIONS_COMPRESSION,
-  SSH_OPTIONS_COMPRESSION_LEVEL
+  SSH_OPTIONS_BINDADDR
 };
 
 enum {
@@ -323,42 +296,60 @@ enum ssh_scp_request_types {
   SSH_SCP_REQUEST_WARNING
 };
 
-LIBSSH_API int ssh_blocking_flush(ssh_session session, int timeout);
-LIBSSH_API ssh_channel ssh_channel_accept_x11(ssh_channel channel, int timeout_ms);
-LIBSSH_API int ssh_channel_change_pty_size(ssh_channel channel,int cols,int rows);
-LIBSSH_API int ssh_channel_close(ssh_channel channel);
-LIBSSH_API void ssh_channel_free(ssh_channel channel);
-LIBSSH_API int ssh_channel_get_exit_status(ssh_channel channel);
-LIBSSH_API ssh_session ssh_channel_get_session(ssh_channel channel);
-LIBSSH_API int ssh_channel_is_closed(ssh_channel channel);
-LIBSSH_API int ssh_channel_is_eof(ssh_channel channel);
-LIBSSH_API int ssh_channel_is_open(ssh_channel channel);
-LIBSSH_API ssh_channel ssh_channel_new(ssh_session session);
-LIBSSH_API int ssh_channel_open_forward(ssh_channel channel, const char *remotehost,
-    int remoteport, const char *sourcehost, int localport);
-LIBSSH_API int ssh_channel_open_session(ssh_channel channel);
-LIBSSH_API int ssh_channel_poll(ssh_channel channel, int is_stderr);
-LIBSSH_API int ssh_channel_read(ssh_channel channel, void *dest, uint32_t count, int is_stderr);
-LIBSSH_API int ssh_channel_read_nonblocking(ssh_channel channel, void *dest, uint32_t count,
-    int is_stderr);
-LIBSSH_API int ssh_channel_request_env(ssh_channel channel, const char *name, const char *value);
-LIBSSH_API int ssh_channel_request_exec(ssh_channel channel, const char *cmd);
-LIBSSH_API int ssh_channel_request_pty(ssh_channel channel);
-LIBSSH_API int ssh_channel_request_pty_size(ssh_channel channel, const char *term,
-    int cols, int rows);
-LIBSSH_API int ssh_channel_request_shell(ssh_channel channel);
-LIBSSH_API int ssh_channel_request_send_signal(ssh_channel channel, const char *signum);
-LIBSSH_API int ssh_channel_request_sftp(ssh_channel channel);
-LIBSSH_API int ssh_channel_request_subsystem(ssh_channel channel, const char *subsystem);
-LIBSSH_API int ssh_channel_request_x11(ssh_channel channel, int single_connection, const char *protocol,
-    const char *cookie, int screen_number);
-LIBSSH_API int ssh_channel_send_eof(ssh_channel channel);
-LIBSSH_API int ssh_channel_select(ssh_channel *readchans, ssh_channel *writechans, ssh_channel *exceptchans, struct
-        timeval * timeout);
-LIBSSH_API void ssh_channel_set_blocking(ssh_channel channel, int blocking);
-LIBSSH_API int ssh_channel_write(ssh_channel channel, const void *data, uint32_t len);
-LIBSSH_API uint32_t ssh_channel_window_size(ssh_channel channel);
+LIBSSH_API void buffer_free(ssh_buffer buffer);
+LIBSSH_API void *buffer_get(ssh_buffer buffer);
+LIBSSH_API uint32_t buffer_get_len(ssh_buffer buffer);
+LIBSSH_API ssh_buffer buffer_new(void);
 
+LIBSSH_API ssh_channel channel_accept_x11(ssh_channel channel, int timeout_ms);
+LIBSSH_API int channel_change_pty_size(ssh_channel channel,int cols,int rows);
+LIBSSH_API ssh_channel channel_forward_accept(ssh_session session, int timeout_ms);
+LIBSSH_API int channel_close(ssh_channel channel);
+LIBSSH_API int channel_forward_cancel(ssh_session session, const char *address, int port);
+LIBSSH_API int channel_forward_listen(ssh_session session, const char *address, int port, int *bound_port);
+LIBSSH_API void channel_free(ssh_channel channel);
+LIBSSH_API int channel_get_exit_status(ssh_channel channel);
+LIBSSH_API ssh_session channel_get_session(ssh_channel channel);
+LIBSSH_API int channel_is_closed(ssh_channel channel);
+LIBSSH_API int channel_is_eof(ssh_channel channel);
+LIBSSH_API int channel_is_open(ssh_channel channel);
+LIBSSH_API ssh_channel channel_new(ssh_session session);
+LIBSSH_API int channel_open_forward(ssh_channel channel, const char *remotehost,
+    int remoteport, const char *sourcehost, int localport);
+LIBSSH_API int channel_open_session(ssh_channel channel);
+LIBSSH_API int channel_poll(ssh_channel channel, int is_stderr);
+LIBSSH_API int channel_read(ssh_channel channel, void *dest, uint32_t count, int is_stderr);
+LIBSSH_API int channel_read_buffer(ssh_channel channel, ssh_buffer buffer, uint32_t count,
+    int is_stderr);
+LIBSSH_API int channel_read_nonblocking(ssh_channel channel, void *dest, uint32_t count,
+    int is_stderr);
+LIBSSH_API int channel_request_env(ssh_channel channel, const char *name, const char *value);
+LIBSSH_API int channel_request_exec(ssh_channel channel, const char *cmd);
+LIBSSH_API int channel_request_pty(ssh_channel channel);
+LIBSSH_API int channel_request_pty_size(ssh_channel channel, const char *term,
+    int cols, int rows);
+LIBSSH_API int channel_request_shell(ssh_channel channel);
+LIBSSH_API int channel_request_send_signal(ssh_channel channel, const char *signum);
+LIBSSH_API int channel_request_sftp(ssh_channel channel);
+LIBSSH_API int channel_request_subsystem(ssh_channel channel, const char *subsystem);
+LIBSSH_API int channel_request_x11(ssh_channel channel, int single_connection, const char *protocol,
+    const char *cookie, int screen_number);
+LIBSSH_API int channel_send_eof(ssh_channel channel);
+LIBSSH_API int channel_select(ssh_channel *readchans, ssh_channel *writechans, ssh_channel *exceptchans, struct
+        timeval * timeout);
+LIBSSH_API void channel_set_blocking(ssh_channel channel, int blocking);
+LIBSSH_API int channel_write(ssh_channel channel, const void *data, uint32_t len);
+
+LIBSSH_API void privatekey_free(ssh_private_key prv);
+LIBSSH_API ssh_private_key privatekey_from_file(ssh_session session, const char *filename,
+    int type, const char *passphrase);
+LIBSSH_API void publickey_free(ssh_public_key key);
+LIBSSH_API int ssh_publickey_to_file(ssh_session session, const char *file,
+    ssh_string pubkey, int type);
+LIBSSH_API ssh_string publickey_from_file(ssh_session session, const char *filename,
+    int *type);
+LIBSSH_API ssh_public_key publickey_from_privatekey(ssh_private_key prv);
+LIBSSH_API ssh_string publickey_to_string(ssh_public_key key);
 LIBSSH_API int ssh_try_publickey_from_file(ssh_session session, const char *keyfile,
     ssh_string *publickey, int *type);
 
@@ -370,9 +361,6 @@ LIBSSH_API const char *ssh_copyright(void);
 LIBSSH_API void ssh_disconnect(ssh_session session);
 LIBSSH_API char *ssh_dirname (const char *path);
 LIBSSH_API int ssh_finalize(void);
-LIBSSH_API ssh_channel ssh_forward_accept(ssh_session session, int timeout_ms);
-LIBSSH_API int ssh_forward_cancel(ssh_session session, const char *address, int port);
-LIBSSH_API int ssh_forward_listen(ssh_session session, const char *address, int port, int *bound_port);
 LIBSSH_API void ssh_free(ssh_session session);
 LIBSSH_API const char *ssh_get_disconnect_message(ssh_session session);
 LIBSSH_API const char *ssh_get_error(void *error);
@@ -387,14 +375,13 @@ LIBSSH_API int ssh_get_random(void *where,int len,int strong);
 LIBSSH_API int ssh_get_version(ssh_session session);
 LIBSSH_API int ssh_get_status(ssh_session session);
 LIBSSH_API int ssh_init(void);
-LIBSSH_API int ssh_is_blocking(ssh_session session);
-LIBSSH_API int ssh_is_connected(ssh_session session);
 LIBSSH_API int ssh_is_server_known(ssh_session session);
 LIBSSH_API void ssh_log(ssh_session session, int prioriry, const char *format, ...) PRINTF_ATTRIBUTE(3, 4);
 LIBSSH_API ssh_channel ssh_message_channel_request_open_reply_accept(ssh_message msg);
 LIBSSH_API int ssh_message_channel_request_reply_success(ssh_message msg);
 LIBSSH_API void ssh_message_free(ssh_message msg);
 LIBSSH_API ssh_message ssh_message_get(ssh_session session);
+LIBSSH_API ssh_message ssh_message_retrieve(ssh_session session, uint32_t packettype);
 LIBSSH_API int ssh_message_subtype(ssh_message msg);
 LIBSSH_API int ssh_message_type(ssh_message msg);
 LIBSSH_API int ssh_mkdir (const char *pathname, mode_t mode);
@@ -410,7 +397,7 @@ LIBSSH_API void ssh_pcap_file_free(ssh_pcap_file pcap);
 LIBSSH_API ssh_pcap_file ssh_pcap_file_new(void);
 LIBSSH_API int ssh_pcap_file_open(ssh_pcap_file pcap, const char *filename);
 
-LIBSSH_API enum ssh_keytypes_e ssh_privatekey_type(ssh_private_key privatekey);
+LIBSSH_API int ssh_privatekey_type(ssh_private_key privatekey);
 
 LIBSSH_API void ssh_print_hexa(const char *descr, const unsigned char *what, size_t len);
 LIBSSH_API int ssh_scp_accept_request(ssh_scp scp);
@@ -455,28 +442,19 @@ LIBSSH_API int ssh_userauth_none(ssh_session session, const char *username);
 LIBSSH_API int ssh_userauth_offer_pubkey(ssh_session session, const char *username, int type, ssh_string publickey);
 LIBSSH_API int ssh_userauth_password(ssh_session session, const char *username, const char *password);
 LIBSSH_API int ssh_userauth_pubkey(ssh_session session, const char *username, ssh_string publickey, ssh_private_key privatekey);
-LIBSSH_API int ssh_userauth_privatekey_file(ssh_session session, const char *username,
-    const char *filename, const char *passphrase);
 LIBSSH_API const char *ssh_version(int req_version);
 LIBSSH_API int ssh_write_knownhost(ssh_session session);
 
-LIBSSH_API void ssh_string_burn(ssh_string str);
-LIBSSH_API ssh_string ssh_string_copy(ssh_string str);
-LIBSSH_API void *ssh_string_data(ssh_string str);
-LIBSSH_API int ssh_string_fill(ssh_string str, const void *data, size_t len);
-LIBSSH_API void ssh_string_free(ssh_string str);
-LIBSSH_API ssh_string ssh_string_from_char(const char *what);
-LIBSSH_API size_t ssh_string_len(ssh_string str);
-LIBSSH_API ssh_string ssh_string_new(size_t size);
-LIBSSH_API char *ssh_string_to_char(ssh_string str);
-LIBSSH_API void ssh_string_free_char(char *s);
+LIBSSH_API void string_burn(ssh_string str);
+LIBSSH_API ssh_string string_copy(ssh_string str);
+LIBSSH_API void *string_data(ssh_string str);
+LIBSSH_API int string_fill(ssh_string str, const void *data, size_t len);
+LIBSSH_API void string_free(ssh_string str);
+LIBSSH_API ssh_string string_from_char(const char *what);
+LIBSSH_API size_t string_len(ssh_string str);
+LIBSSH_API ssh_string string_new(size_t size);
+LIBSSH_API char *string_to_char(ssh_string str);
 
-LIBSSH_API int ssh_getpass(const char *prompt, char *buf, size_t len, int echo,
-    int verify);
-
-#ifndef LIBSSH_LEGACY_0_4
-#include "libssh/legacy.h"
-#endif
 
 #ifdef __cplusplus
 }

include/libssh/libsshpp.hpp

@@ -1,604 +0,0 @@
-/*
- * This file is part of the SSH Library
- *
- * Copyright (c) 2010 by Aris Adamantiadis
- *
- * The SSH Library is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation; either version 2.1 of the License, or (at your
- * option) any later version.
- *
- * The SSH Library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
- * License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with the SSH Library; see the file COPYING.  If not, write to
- * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
- * MA 02111-1307, USA.
- */
-
-#ifndef LIBSSHPP_HPP_
-#define LIBSSHPP_HPP_
-
-/**
- * @defgroup ssh_cpp The libssh C++ wrapper
- *
- * The C++ bindings for libssh are completely embedded in a single .hpp file, and
- * this for two reasons:
- * - C++ is hard to keep binary compatible, C is easy. We try to keep libssh C version
- *   as much as possible binary compatible between releases, while this would be hard for
- *   C++. If you compile your program with these headers, you will only link to the C version
- *   of libssh which will be kept ABI compatible. No need to recompile your C++ program
- *   each time a new binary-compatible version of libssh is out
- * - Most of the functions in this file are really short and are probably worth the "inline"
- *   linking mode, which the compiler can decide to do in some case. There would be nearly no
- *   performance penalty of using the wrapper rather than native calls.
- *
- * Please visit the documentation of ssh::Session and ssh::Channel
- * @see ssh::Session
- * @see ssh::Channel
- *
- * If you wish not to use C++ exceptions, please define SSH_NO_CPP_EXCEPTIONS:
- * @code
- * #define SSH_NO_CPP_EXCEPTIONS
- * #include <libssh/libsshpp.hpp>
- * @endcode
- * All functions will then return SSH_ERROR in case of error.
- * @{
- */
-
-/* do not use deprecated functions */
-#define LIBSSH_LEGACY_0_4
-
-#include <libssh/libssh.h>
-#include <libssh/server.h>
-#include <stdlib.h>
-#include <stdarg.h>
-#include <stdio.h>
-
-namespace ssh {
-
-class Channel;
-/** Some people do not like C++ exceptions. With this define, we give
- * the choice to use or not exceptions.
- * @brief if defined, disable C++ exceptions for libssh c++ wrapper
- */
-#ifndef SSH_NO_CPP_EXCEPTIONS
-
-/** @brief This class describes a SSH Exception object. This object can be thrown
- * by several SSH functions that interact with the network, and may fail because of
- * socket, protocol or memory errors.
- */
-class SshException{
-public:
-  SshException(ssh_session csession){
-    code=ssh_get_error_code(csession);
-    description=std::string(ssh_get_error(csession));
-  }
-  SshException(const SshException &e){
-    code=e.code;
-    description=e.description;
-  }
-  /** @brief returns the Error code
-   * @returns SSH_FATAL Fatal error happened (not recoverable)
-   * @returns SSH_REQUEST_DENIED Request was denied by remote host
-   * @see ssh_get_error_code
-   */
-  int getCode(){
-    return code;
-  }
-  /** @brief returns the error message of the last exception
-   * @returns pointer to a c string containing the description of error
-   * @see ssh_get_error
-   */
-  std::string getError(){
-    return description;
-  }
-private:
-  int code;
-  std::string description;
-};
-
-/** @internal
- * @brief Macro to throw exception if there was an error
- */
-#define ssh_throw(x) if((x)==SSH_ERROR) throw SshException(getCSession())
-#define ssh_throw_null(CSession,x) if((x)==NULL) throw SshException(CSession)
-#define void_throwable void
-#define return_throwable return
-
-#else
-
-/* No exception at all. All functions will return an error code instead
- * of an exception
- */
-#define ssh_throw(x) if((x)==SSH_ERROR) return SSH_ERROR
-#define ssh_throw_null(CSession,x) if((x)==NULL) return NULL
-#define void_throwable int
-#define return_throwable return SSH_OK
-#endif
-
-/**
- * The ssh::Session class contains the state of a SSH connection.
- */
-class Session {
-  friend class Channel;
-public:
-  Session(){
-    c_session=ssh_new();
-  }
-  ~Session(){
-    ssh_free(c_session);
-    c_session=NULL;
-  }
-  /** @brief sets an SSH session options
-   * @param type Type of option
-   * @param option cstring containing the value of option
-   * @throws SshException on error
-   * @see ssh_options_set
-   */
-  void_throwable setOption(enum ssh_options_e type, const char *option){
-    ssh_throw(ssh_options_set(c_session,type,option));
-    return_throwable;
-  }
-  /** @brief sets an SSH session options
-   * @param type Type of option
-   * @param option long integer containing the value of option
-   * @throws SshException on error
-   * @see ssh_options_set
-   */
-  void_throwable setOption(enum ssh_options_e type, long int option){
-    ssh_throw(ssh_options_set(c_session,type,&option));
-    return_throwable;
-  }
-  /** @brief sets an SSH session options
-   * @param type Type of option
-   * @param option void pointer containing the value of option
-   * @throws SshException on error
-   * @see ssh_options_set
-   */
-  void_throwable setOption(enum ssh_options_e type, void *option){
-    ssh_throw(ssh_options_set(c_session,type,option));
-    return_throwable;
-  }
-  /** @brief connects to the remote host
-   * @throws SshException on error
-   * @see ssh_connect
-   */
-  void_throwable connect(){
-    int ret=ssh_connect(c_session);
-    ssh_throw(ret);
-    return_throwable;
-  }
-  /** @brief Authenticates automatically using public key
-   * @throws SshException on error
-   * @returns SSH_AUTH_SUCCESS, SSH_AUTH_PARTIAL, SSH_AUTH_DENIED
-   * @see ssh_userauth_autopubkey
-   */
-  int userauthAutopubkey(void){
-    int ret=ssh_userauth_autopubkey(c_session,NULL);
-    ssh_throw(ret);
-    return ret;
-  }
-  /** @brief Authenticates using the "none" method. Prefer using autopubkey if
-   * possible.
-   * @throws SshException on error
-   * @returns SSH_AUTH_SUCCESS, SSH_AUTH_PARTIAL, SSH_AUTH_DENIED
-   * @see ssh_userauth_none
-   * @see Session::userauthAutoPubkey
-   */
-  int userauthNone(){
-    int ret=ssh_userauth_none(c_session,NULL);
-    ssh_throw(ret);
-    return ret;
-  }
-  /** @brief Authenticates using the password method.
-   * @param[in] password password to use for authentication
-   * @throws SshException on error
-   * @returns SSH_AUTH_SUCCESS, SSH_AUTH_PARTIAL, SSH_AUTH_DENIED
-   * @see ssh_userauth_password
-   */
-  int userauthPassword(const char *password){
-    int ret=ssh_userauth_password(c_session,NULL,password);
-    ssh_throw(ret);
-    return ret;
-  }
-  /** @brief Try to authenticate using the publickey method.
-   * @param[in] type public key type
-   * @param[in] pubkey public key to use for authentication
-   * @throws SshException on error
-   * @returns SSH_AUTH_SUCCESS if the pubkey is accepted,
-   * @returns SSH_AUTH_DENIED if the pubkey is denied
-   * @see ssh_userauth_offer_pubkey
-   */
-  int userauthOfferPubkey(int type, ssh_string pubkey){
-    int ret=ssh_userauth_offer_pubkey(c_session,NULL,type,pubkey);
-    ssh_throw(ret);
-    return ret;
-  }
-  /** @brief Authenticates using the publickey method.
-   * @param[in] pubkey public key to use for authentication
-   * @param[in] privkey private key to use for authentication
-   * @throws SshException on error
-   * @returns SSH_AUTH_SUCCESS, SSH_AUTH_PARTIAL, SSH_AUTH_DENIED
-   * @see ssh_userauth_pubkey
-   */
-  int userauthPubkey(ssh_string pubkey, ssh_private_key privkey){
-    int ret=ssh_userauth_pubkey(c_session,NULL,pubkey,privkey);
-    ssh_throw(ret);
-    return ret;
-  }
-  int userauthPubkey(ssh_private_key privkey){
-    int ret=ssh_userauth_pubkey(c_session,NULL,NULL,privkey);
-    ssh_throw(ret);
-    return ret;
-  }
-  int userauthPrivatekeyFile(const char *filename,
-      const char *passphrase);
-  /** @brief Returns the available authentication methods from the server
-   * @throws SshException on error
-   * @returns Bitfield of available methods.
-   * @see ssh_userauth_list
-   */
-  int getAuthList(){
-    int ret=ssh_userauth_list(c_session, NULL);
-    ssh_throw(ret);
-    return ret;
-  }
-  /** @brief Disconnects from the SSH server and closes connection
-   * @see ssh_disconnect
-   */
-  void disconnect(){
-    ssh_disconnect(c_session);
-  }
-  /** @brief Returns the disconnect message from the server, if any
-   * @returns pointer to the message, or NULL. Do not attempt to free
-   * the pointer.
-   */
-  const char *getDisconnectMessage(){
-    const char *msg=ssh_get_disconnect_message(c_session);
-    return msg;
-  }
-  /** @internal
-   * @brief gets error message
-   */
-  const char *getError(){
-    return ssh_get_error(c_session);
-  }
-  /** @internal
-   * @brief returns error code
-   */
-  int getErrorCode(){
-    return ssh_get_error_code(c_session);
-  }
-  /** @brief returns the file descriptor used for the communication
-   * @returns the file descriptor
-   * @warning if a proxycommand is used, this function will only return
-   * one of the two file descriptors being used
-   * @see ssh_get_fd
-   */
-  socket_t getSocket(){
-    return ssh_get_fd(c_session);
-  }
-  /** @brief gets the Issue banner from the ssh server
-   * @returns the issue banner. This is generally a MOTD from server
-   * @see ssh_get_issue_banner
-   */
-  std::string getIssueBanner(){
-    char *banner=ssh_get_issue_banner(c_session);
-    std::string ret= std::string(banner);
-    ::free(banner);
-    return ret;
-  }
-  /** @brief returns the OpenSSH version (server) if possible
-   * @returns openssh version code
-   * @see ssh_get_openssh_version
-   */
-  int getOpensshVersion(){
-    return ssh_get_openssh_version(c_session);
-  }
-  /** @brief returns the version of the SSH protocol being used
-   * @returns the SSH protocol version
-   * @see ssh_get_version
-   */
-  int getVersion(){
-    return ssh_get_version(c_session);
-  }
-  /** @brief verifies that the server is known
-   * @throws SshException on error
-   * @returns Integer value depending on the knowledge of the
-   * server key
-   * @see ssh_is_server_known
-   */
-  int isServerKnown(){
-    int ret=ssh_is_server_known(c_session);
-    ssh_throw(ret);
-    return ret;
-  }
-  void log(int priority, const char *format, ...){
-    char buffer[1024];
-    va_list va;
-
-    va_start(va, format);
-    vsnprintf(buffer, sizeof(buffer), format, va);
-    va_end(va);
-    ssh_log(c_session,priority, "%s", buffer);
-  }
-
-  /** @brief copies options from a session to another
-   * @throws SshException on error
-   * @see ssh_options_copy
-   */
-  void_throwable optionsCopy(const Session &source){
-    ssh_throw(ssh_options_copy(source.c_session,&c_session));
-    return_throwable;
-  }
-  /** @brief parses a configuration file for options
-   * @throws SshException on error
-   * @param[in] file configuration file name
-   * @see ssh_options_parse_config
-   */
-  void_throwable optionsParseConfig(const char *file){
-    ssh_throw(ssh_options_parse_config(c_session,file));
-    return_throwable;
-  }
-  /** @brief silently disconnect from remote host
-   * @see ssh_silent_disconnect
-   */
-  void silentDisconnect(){
-    ssh_silent_disconnect(c_session);
-  }
-  /** @brief Writes the known host file with current
-   * host key
-   * @throws SshException on error
-   * @see ssh_write_knownhost
-   */
-  int writeKnownhost(){
-    int ret = ssh_write_knownhost(c_session);
-    ssh_throw(ret);
-    return ret;
-  }
-
-  /** @brief accept an incoming forward connection
-   * @param[in] timeout_ms timeout for waiting, in ms
-   * @returns new Channel pointer on the forward connection
-   * @returns NULL in case of error
-   * @warning you have to delete this pointer after use
-   * @see ssh_channel_forward_accept
-   * @see Session::listenForward
-   */
-  Channel *acceptForward(int timeout_ms);
-  /* acceptForward is implemented later in this file */
-
-  void_throwable cancelForward(const char *address, int port){
-    int err=ssh_forward_cancel(c_session, address, port);
-    ssh_throw(err);
-    return_throwable;
-  }
-
-  void_throwable listenForward(const char *address, int port,
-      int &boundport){
-    int err=ssh_forward_listen(c_session, address, port, &boundport);
-    ssh_throw(err);
-    return_throwable;
-  }
-
-private:
-  ssh_session c_session;
-  ssh_session getCSession(){
-    return c_session;
-  }
-  /* No copy constructor, no = operator */
-  Session(const Session &);
-  Session& operator=(const Session &);
-};
-
-/** @brief the ssh::Channel class describes the state of an SSH
- * channel.
- * @see ssh_channel
- */
-class Channel {
-  friend class Session;
-public:
-  Channel(Session &session){
-    channel=ssh_channel_new(session.getCSession());
-    this->session=&session;
-  }
-  ~Channel(){
-    ssh_channel_free(channel);
-    channel=NULL;
-  }
-
-  /** @brief accept an incoming X11 connection
-   * @param[in] timeout_ms timeout for waiting, in ms
-   * @returns new Channel pointer on the X11 connection
-   * @returns NULL in case of error
-   * @warning you have to delete this pointer after use
-   * @see ssh_channel_accept_x11
-   * @see Channel::requestX11
-   */
-  Channel *acceptX11(int timeout_ms){
-    ssh_channel x11chan = ssh_channel_accept_x11(channel,timeout_ms);
-    ssh_throw_null(getCSession(),x11chan);
-    Channel *newchan = new Channel(getSession(),x11chan);
-    return newchan;
-  }
-  /** @brief change the size of a pseudoterminal
-   * @param[in] cols number of columns
-   * @param[in] rows number of rows
-   * @throws SshException on error
-   * @see ssh_channel_change_pty_size
-   */
-  void_throwable changePtySize(int cols, int rows){
-    int err=ssh_channel_change_pty_size(channel,cols,rows);
-    ssh_throw(err);
-    return_throwable;
-  }
-
-  /** @brief closes a channel
-   * @throws SshException on error
-   * @see ssh_channel_close
-   */
-  void_throwable close(){
-    ssh_throw(ssh_channel_close(channel));
-    return_throwable;
-  }
-
-  int getExitStatus(){
-    return ssh_channel_get_exit_status(channel);
-  }
-  Session &getSession(){
-    return *session;
-  }
-  /** @brief returns true if channel is in closed state
-   * @see ssh_channel_is_closed
-   */
-  bool isClosed(){
-    return ssh_channel_is_closed(channel) != 0;
-  }
-  /** @brief returns true if channel is in EOF state
-   * @see ssh_channel_is_eof
-   */
-  bool isEof(){
-    return ssh_channel_is_eof(channel) != 0;
-  }
-  /** @brief returns true if channel is in open state
-   * @see ssh_channel_is_open
-   */
-  bool isOpen(){
-    return ssh_channel_is_open(channel) != 0;
-  }
-  int openForward(const char *remotehost, int remoteport,
-      const char *sourcehost=NULL, int localport=0){
-    int err=ssh_channel_open_forward(channel,remotehost,remoteport,
-        sourcehost, localport);
-    ssh_throw(err);
-    return err;
-  }
-  /* TODO: completely remove this ? */
-  void_throwable openSession(){
-    int err=ssh_channel_open_session(channel);
-    ssh_throw(err);
-    return_throwable;
-  }
-  int poll(bool is_stderr=false){
-    int err=ssh_channel_poll(channel,is_stderr);
-    ssh_throw(err);
-    return err;
-  }
-  int read(void *dest, size_t count, bool is_stderr=false){
-    int err;
-    /* handle int overflow */
-    if(count > 0x7fffffff)
-      count = 0x7fffffff;
-    err=ssh_channel_read(channel,dest,count,is_stderr);
-    ssh_throw(err);
-    return err;
-  }
-  int readNonblocking(void *dest, size_t count, bool is_stderr=false){
-    int err;
-    /* handle int overflow */
-    if(count > 0x7fffffff)
-      count = 0x7fffffff;
-    err=ssh_channel_read_nonblocking(channel,dest,count,is_stderr);
-    ssh_throw(err);
-    return err;
-  }
-  void_throwable requestEnv(const char *name, const char *value){
-    int err=ssh_channel_request_env(channel,name,value);
-    ssh_throw(err);
-    return_throwable;
-  }
-
-  void_throwable requestExec(const char *cmd){
-    int err=ssh_channel_request_exec(channel,cmd);
-    ssh_throw(err);
-    return_throwable;
-  }
-  void_throwable requestPty(const char *term=NULL, int cols=0, int rows=0){
-    int err;
-    if(term != NULL && cols != 0 && rows != 0)
-      err=ssh_channel_request_pty_size(channel,term,cols,rows);
-    else
-      err=ssh_channel_request_pty(channel);
-    ssh_throw(err);
-    return_throwable;
-  }
-
-  void_throwable requestShell(){
-    int err=ssh_channel_request_shell(channel);
-    ssh_throw(err);
-    return_throwable;
-  }
-  void_throwable requestSendSignal(const char *signum){
-    int err=ssh_channel_request_send_signal(channel, signum);
-    ssh_throw(err);
-    return_throwable;
-  }
-  void_throwable requestSubsystem(const char *subsystem){
-    int err=ssh_channel_request_subsystem(channel,subsystem);
-    ssh_throw(err);
-    return_throwable;
-  }
-  int requestX11(bool single_connection,
-      const char *protocol, const char *cookie, int screen_number){
-    int err=ssh_channel_request_x11(channel,single_connection,
-        protocol, cookie, screen_number);
-    ssh_throw(err);
-    return err;
-  }
-  void_throwable sendEof(){
-    int err=ssh_channel_send_eof(channel);
-    ssh_throw(err);
-    return_throwable;
-  }
-  /** @brief Writes on a channel
-   * @param data data to write.
-   * @param len number of bytes to write.
-   * @param is_stderr write should be done on the stderr channel (server only)
-   * @returns number of bytes written
-   * @throws SshException in case of error
-   * @see channel_write
-   * @see channel_write_stderr
-   */
-  int write(const void *data, size_t len, bool is_stderr=false){
-    int ret;
-    if(is_stderr){
-      ret=ssh_channel_write_stderr(channel,data,len);
-    } else {
-      ret=ssh_channel_write(channel,data,len);
-    }
-    ssh_throw(ret);
-    return ret;
-  }
-private:
-  ssh_session getCSession(){
-    return session->getCSession();
-  }
-  Channel (Session &session, ssh_channel c_channel){
-    this->channel=c_channel;
-    this->session=&session;
-  }
-  Session *session;
-  ssh_channel channel;
-  /* No copy and no = operator */
-  Channel(const Channel &);
-  Channel &operator=(const Channel &);
-};
-
-
-/* This code cannot be put inline due to references to Channel */
-Channel *Session::acceptForward(int timeout_ms){
-    ssh_channel forward = ssh_forward_accept(c_session,
-        timeout_ms);
-    ssh_throw_null(c_session,forward);
-    Channel *newchan = new Channel(*this,forward);
-    return newchan;
-  }
-
-} // namespace ssh
-
-/** @} */
-#endif /* LIBSSHPP_HPP_ */

include/libssh/messages.h

@@ -47,13 +47,6 @@ struct ssh_service_request {
     char *service;
 };
 
-struct ssh_global_request {
-    int type;
-    uint8_t want_reply;
-    char *bind_address;
-    uint16_t bind_port;
-};
-
 struct ssh_channel_request {
     int type;
     ssh_channel channel;
@@ -82,17 +75,10 @@ struct ssh_message_struct {
     struct ssh_channel_request_open channel_request_open;
     struct ssh_channel_request channel_request;
     struct ssh_service_request service_request;
-    struct ssh_global_request global_request;
 };
 
-SSH_PACKET_CALLBACK(ssh_packet_channel_open);
-SSH_PACKET_CALLBACK(ssh_packet_service_request);
-SSH_PACKET_CALLBACK(ssh_packet_userauth_request);
-SSH_PACKET_CALLBACK(ssh_packet_global_request);
 
-int ssh_message_handle_channel_request(ssh_session session, ssh_channel channel, ssh_buffer packet,
-    const char *request, uint8_t want_reply);
-void ssh_message_queue(ssh_session session, ssh_message message);
-ssh_message ssh_message_pop_head(ssh_session session);
+void message_handle(ssh_session session, uint32_t type);
+int ssh_execute_message_callbacks(ssh_session session);
 
 #endif /* MESSAGES_H_ */

include/libssh/misc.h

@@ -30,9 +30,6 @@ int ssh_file_readaccess_ok(const char *file);
 
 char *ssh_path_expand_tilde(const char *d);
 char *ssh_path_expand_escape(ssh_session session, const char *s);
-int ssh_analyze_banner(ssh_session session, int server, int *ssh1, int *ssh2);
-int ssh_is_ipaddr_v4(const char *str);
-int ssh_is_ipaddr(const char *str);
 
 /* macro for byte ordering */
 uint64_t ntohll(uint64_t);
@@ -50,18 +47,12 @@ struct ssh_iterator {
   const void *data;
 };
 
-struct ssh_timestamp {
-  long seconds;
-  long useconds;
-};
-
 struct ssh_list *ssh_list_new(void);
 void ssh_list_free(struct ssh_list *list);
 struct ssh_iterator *ssh_list_get_iterator(const struct ssh_list *list);
 int ssh_list_append(struct ssh_list *list, const void *data);
 int ssh_list_prepend(struct ssh_list *list, const void *data);
 void ssh_list_remove(struct ssh_list *list, struct ssh_iterator *iterator);
-char *ssh_lowercase(const char* str);
 char *ssh_hostport(const char *host, int port);
 
 const void *_ssh_list_pop_head(struct ssh_list *list);
@@ -77,8 +68,4 @@ const void *_ssh_list_pop_head(struct ssh_list *list);
 #define ssh_list_pop_head(type, ssh_list)\
   ((type)_ssh_list_pop_head(ssh_list))
 
-void ssh_timestamp_init(struct ssh_timestamp *ts);
-int ssh_timeout_elapsed(struct ssh_timestamp *ts, int timeout);
-int ssh_timeout_update(struct ssh_timestamp *ts, int timeout);
-
 #endif /* MISC_H_ */

include/libssh/packet.h

@@ -29,34 +29,13 @@ typedef struct packet_struct {
 	uint8_t type;
 } PACKET;
 
-/** different state of packet reading. */
-enum ssh_packet_state_e {
-  /** Packet not initialized, must read the size of packet */
-  PACKET_STATE_INIT,
-  /** Size was read, waiting for the rest of data */
-  PACKET_STATE_SIZEREAD,
-  /** Full packet was read and callbacks are being called. Future packets
-   * should wait for the end of the callback. */
-  PACKET_STATE_PROCESSING
-};
-
+void packet_parse(ssh_session session);
 int packet_send(ssh_session session);
 
-#ifdef WITH_SSH1
-int packet_send1(ssh_session session) ;
-void ssh_packet_set_default_callbacks1(ssh_session session);
-
-SSH_PACKET_CALLBACK(ssh_packet_disconnect1);
-SSH_PACKET_CALLBACK(ssh_packet_smsg_success1);
-SSH_PACKET_CALLBACK(ssh_packet_smsg_failure1);
-int ssh_packet_socket_callback1(const void *data, size_t receivedlen, void *user);
-
-#endif
-
-SSH_PACKET_CALLBACK(ssh_packet_unimplemented);
-int ssh_packet_send_unimplemented(ssh_session session, uint32_t seqnum);
-int ssh_packet_parse_type(ssh_session session);
-//int packet_flush(ssh_session session, int enforce_blocking);
+int packet_read(ssh_session session);
+int packet_translate(ssh_session session);
+int packet_wait(ssh_session session,int type,int blocking);
+int packet_flush(ssh_session session, int enforce_blocking);
 
 
 #endif /* PACKET_H_ */

include/libssh/pki.h

@@ -1,49 +0,0 @@
-/*
- * This file is part of the SSH Library
- *
- * Copyright (c) 2010 by Aris Adamantiadis
- *
- * The SSH Library is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation; either version 2.1 of the License, or (at your
- * option) any later version.
- *
- * The SSH Library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
- * License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with the SSH Library; see the file COPYING.  If not, write to
- * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
- * MA 02111-1307, USA.
- */
-
-#ifndef PKI_H_
-#define PKI_H_
-
-#define SSH_KEY_FLAG_EMPTY 0
-#define SSH_KEY_FLAG_PUBLIC  1
-#define SSH_KEY_FLAG_PRIVATE 2
-
-struct ssh_key_struct {
-    enum ssh_keytypes_e type;
-    int flags;
-    const char *type_c; /* Don't free it ! it is static */
-#ifdef HAVE_LIBGCRYPT
-    gcry_sexp_t dsa;
-    gcry_sexp_t rsa;
-#elif HAVE_LIBCRYPTO
-    DSA *dsa;
-    RSA *rsa;
-#endif
-};
-
-ssh_key ssh_key_new (void);
-void ssh_key_clean (ssh_key key);
-enum ssh_keytypes_e ssh_key_type(ssh_key key);
-int ssh_key_import_private(ssh_key key, ssh_session session,
-    const char *filename, const char *passphrase);
-void ssh_key_free (ssh_key key);
-
-#endif /* PKI_H_ */

include/libssh/poll.h

@@ -121,8 +121,7 @@ typedef struct ssh_poll_ctx_struct *ssh_poll_ctx;
 typedef struct ssh_poll_handle_struct *ssh_poll_handle;
 
 /**
- * @brief SSH poll callback. This callback will be used when an event
- *                      caught on the socket.
+ * @brief SSH poll callback.
  *
  * @param p             Poll object this callback belongs to.
  * @param fd            The raw socket.
@@ -130,7 +129,7 @@ typedef struct ssh_poll_handle_struct *ssh_poll_handle;
  * @param userdata      Userdata to be passed to the callback function.
  *
  * @return              0 on success, < 0 if you removed the poll object from
- *                      its poll context.
+ *                      it's poll context.
  */
 typedef int (*ssh_poll_callback)(ssh_poll_handle p, socket_t fd, int revents,
     void *userdata);
@@ -145,14 +144,13 @@ void ssh_poll_set_events(ssh_poll_handle p, short events);
 void ssh_poll_add_events(ssh_poll_handle p, short events);
 void ssh_poll_remove_events(ssh_poll_handle p, short events);
 socket_t ssh_poll_get_fd(ssh_poll_handle p);
-void ssh_poll_set_fd(ssh_poll_handle p, socket_t fd);
 void ssh_poll_set_callback(ssh_poll_handle p, ssh_poll_callback cb, void *userdata);
 ssh_poll_ctx ssh_poll_ctx_new(size_t chunk_size);
 void ssh_poll_ctx_free(ssh_poll_ctx ctx);
 int ssh_poll_ctx_add(ssh_poll_ctx ctx, ssh_poll_handle p);
-int ssh_poll_ctx_add_socket (ssh_poll_ctx ctx, struct ssh_socket_struct *s);
 void ssh_poll_ctx_remove(ssh_poll_ctx ctx, ssh_poll_handle p);
 int ssh_poll_ctx_dopoll(ssh_poll_ctx ctx, int timeout);
-ssh_poll_ctx ssh_poll_get_default_ctx(ssh_session session);
+
+
 
 #endif /* POLL_H_ */

include/libssh/priv.h

@@ -46,6 +46,9 @@
 #  undef inline
 #  define inline __inline
 
+#  undef strdup
+#  define strdup _strdup
+
 #  define strcasecmp _stricmp
 #  define strncasecmp _strnicmp
 #  define strtoull _strtoui64
@@ -84,6 +87,9 @@
 #   endif /* HAVE__VSNPRINTF */
 #  endif /* HAVE__VSNPRINTF_S */
 
+#  ifndef HAVE_STRNCPY
+#  define strncpy(d, s, n) strncpy_s((d), (n), (s), _TRUNCATE)
+#  endif
 # endif /* _MSC_VER */
 
 #else /* _WIN32 */
@@ -96,13 +102,18 @@
 #include "libssh/libssh.h"
 #include "libssh/callbacks.h"
 #include "libssh/crypto.h"
-
 /* some constants */
 #define MAX_PACKET_LEN 262144
 #define ERROR_BUFFERLEN 1024
 #define CLIENTBANNER1 "SSH-1.5-libssh-" SSH_STRINGIFY(LIBSSH_VERSION)
 #define CLIENTBANNER2 "SSH-2.0-libssh-" SSH_STRINGIFY(LIBSSH_VERSION)
 #define KBDINT_MAX_PROMPT 256 /* more than openssh's :) */
+/* some types for public keys */
+enum public_key_types_e{
+	TYPE_DSS=1,
+	TYPE_RSA,
+	TYPE_RSA1
+};
 
 #ifdef __cplusplus
 extern "C" {
@@ -120,7 +131,7 @@ typedef struct kex_struct {
 
 struct error_struct {
 /* error handling */
-    int error_code;
+    unsigned int error_code;
     char error_buffer[ERROR_BUFFERLEN];
 };
 
@@ -134,18 +145,33 @@ struct ssh_keys_struct {
 
 struct ssh_message_struct;
 
+
 /* server data */
 
+struct ssh_bind_struct {
+  struct error_struct error;
+
+  ssh_callbacks callbacks; /* Callbacks to user functions */
+
+  /* options */
+  char *wanted_methods[10];
+  char *banner;
+  char *dsakey;
+  char *rsakey;
+  char *bindaddr;
+  socket_t bindfd;
+  unsigned int bindport;
+  unsigned int log_verbosity;
+
+  int blocking;
+  int toaccept;
+};
 
-SSH_PACKET_CALLBACK(ssh_packet_disconnect_callback);
-SSH_PACKET_CALLBACK(ssh_packet_ignore_callback);
 
 /* client.c */
 
 int ssh_send_banner(ssh_session session, int is_server);
-SSH_PACKET_CALLBACK(ssh_packet_dh_reply);
-SSH_PACKET_CALLBACK(ssh_packet_newkeys);
-SSH_PACKET_CALLBACK(ssh_packet_service_accept);
+char *ssh_get_banner(ssh_session session);
 
 /* config.c */
 int ssh_config_parse_file(ssh_session session, const char *filename);
@@ -160,36 +186,26 @@ uint32_t packet_decrypt_len(ssh_session session,char *crypted);
 int packet_decrypt(ssh_session session, void *packet,unsigned int len);
 unsigned char *packet_encrypt(ssh_session session,void *packet,unsigned int len);
  /* it returns the hmac buffer if exists*/
-struct ssh_poll_handle_struct;
-
 int packet_hmac_verify(ssh_session session,ssh_buffer buffer,unsigned char *mac);
 
-struct ssh_socket_struct;
-
-int ssh_packet_socket_callback(const void *data, size_t len, void *user);
-void ssh_packet_register_socket_callback(ssh_session session, struct ssh_socket_struct *s);
-void ssh_packet_set_callbacks(ssh_session session, ssh_packet_callbacks callbacks);
-void ssh_packet_set_default_callbacks(ssh_session session);
-void ssh_packet_process(ssh_session session, uint8_t type);
 /* connect.c */
+int ssh_regex_init(void);
+void ssh_regex_finalize(void);
+ssh_session ssh_session_new(void);
 socket_t ssh_connect_host(ssh_session session, const char *host,const char
         *bind_addr, int port, long timeout, long usec);
-socket_t ssh_connect_host_nonblocking(ssh_session session, const char *host,
-		const char *bind_addr, int port);
-void ssh_sock_set_nonblocking(socket_t sock);
-void ssh_sock_set_blocking(socket_t sock);
 
 /* in kex.c */
 extern const char *ssh_kex_nums[];
 int ssh_send_kex(ssh_session session, int server_kex);
 void ssh_list_kex(ssh_session session, KEX *kex);
 int set_kex(ssh_session session);
+int ssh_get_kex(ssh_session session, int server_kex);
 int verify_existing_algo(int algo, const char *name);
 char **space_tokenize(const char *chain);
 int ssh_get_kex1(ssh_session session);
 char *ssh_find_matching(const char *in_d, const char *what_d);
 
-
 /* in base64.c */
 ssh_buffer base64_to_bin(const char *source);
 unsigned char *bin_to_base64(const unsigned char *source, int len);
@@ -201,11 +217,26 @@ int decompress_buffer(ssh_session session,ssh_buffer buf, size_t maxlen);
 /* crc32.c */
 uint32_t ssh_crc32(const char *buf, uint32_t len);
 
+/* auth1.c */
+int ssh_userauth1_none(ssh_session session, const char *username);
+int ssh_userauth1_offer_pubkey(ssh_session session, const char *username,
+        int type, ssh_string pubkey);
+int ssh_userauth1_password(ssh_session session, const char *username,
+        const char *password);
+
+/* channels1.c */
+int channel_open_session1(ssh_channel channel);
+int channel_request_pty_size1(ssh_channel channel, const char *terminal,
+    int cols, int rows);
+int channel_change_pty_size1(ssh_channel channel, int cols, int rows);
+int channel_request_shell1(ssh_channel channel);
+int channel_request_exec1(ssh_channel channel, const char *cmd);
+int channel_handle1(ssh_session session, int type);
+int channel_write1(ssh_channel channel, const void *data, int len);
 
 /* match.c */
 int match_hostname(const char *host, const char *pattern, unsigned int len);
 
-int message_handle(ssh_session session, void *user, uint8_t type, ssh_buffer packet);
 /* log.c */
 
 /* misc.c */
@@ -248,9 +279,6 @@ int gettimeofday(struct timeval *__p, void *__t);
 int ssh_options_set_algo(ssh_session session, int algo, const char *list);
 int ssh_options_apply(ssh_session session);
 
-/* server.c */
-SSH_PACKET_CALLBACK(ssh_packet_kexdh_init);
-
 /** Free memory space */
 #define SAFE_FREE(x) do { if ((x) != NULL) {free(x); x=NULL;} } while(0)
 

include/libssh/server.h

@@ -21,8 +21,8 @@
  */
 
 /**
- * @defgroup libssh_server The libssh server API
- *
+ * @defgroup ssh_server SSH Server
+ * @addtogroup ssh_server
  * @{
  */
 
@@ -48,33 +48,9 @@ enum ssh_bind_options_e {
   SSH_BIND_OPTIONS_LOG_VERBOSITY_STR
 };
 
+//typedef struct ssh_bind_struct SSH_BIND;
 typedef struct ssh_bind_struct* ssh_bind;
 
-/* Callback functions */
-
-/**
- * @brief Incoming connection callback. This callback is called when a ssh_bind
- *        has a new incoming connection.
- * @param sshbind Current sshbind session handler
- * @param message the actual message
- * @param userdata Userdata to be passed to the callback function.
- */
-typedef void (*ssh_bind_incoming_connection_callback) (ssh_bind sshbind,
-    void *userdata);
-
-/**
- * @brief These are the callbacks exported by the ssh_bind structure.
- *
- * They are called by the server module when events appear on the network.
- */
-struct ssh_bind_callbacks_struct {
-  /** DON'T SET THIS use ssh_callbacks_init() instead. */
-  size_t size;
-  /** A new connection is available. */
-  ssh_bind_incoming_connection_callback incoming_connection;
-};
-typedef struct ssh_bind_callbacks_struct *ssh_bind_callbacks;
-
 /**
  * @brief Creates a new SSH server bind.
  *
@@ -83,67 +59,15 @@ typedef struct ssh_bind_callbacks_struct *ssh_bind_callbacks;
 LIBSSH_API ssh_bind ssh_bind_new(void);
 
 /**
- * @brief Set the options for the current SSH server bind.
+ * @brief Set the opitons for the current SSH server bind.
  *
- * @param  sshbind     The ssh server bind to configure.
+ * @param  sshbind     The ssh server bind to use.
  *
- * @param  type The option type to set. This could be one of the
- *              following:
+ * @param  type        The option type to set.
  *
- *              - SSH_BIND_OPTIONS_BINDADDR
- *                The ip address to bind (const char *).
+ * @param  value       The option value to set.
  *
- *              - SSH_BIND_OPTIONS_BINDPORT
- *                The port to bind (unsigned int).
- *
- *              - SSH_BIND_OPTIONS_BINDPORT_STR
- *                The port to bind (const char *).
- *
- *              - SSH_BIND_OPTIONS_HOSTKEY
- *                This specifies the file containing the private host key used
- *                by SSHv1. (const char *).
- *
- *              - SSH_BIND_OPTIONS_DSAKEY
- *                This specifies the file containing the private host dsa key
- *                used by SSHv2. (const char *).
- *
- *              - SSH_BIND_OPTIONS_RSAKEY
- *                This specifies the file containing the private host dsa key
- *                used by SSHv2. (const char *).
- *
- *              - SSH_BIND_OPTIONS_BANNER
- *                That the server banner (version string) for SSH.
- *                (const char *).
- *
- *              - SSH_BIND_OPTIONS_LOG_VERBOSITY
- *                Set the session logging verbosity (int).\n
- *                \n
- *                The verbosity of the messages. Every log smaller or
- *                equal to verbosity will be shown.
- *                - SSH_LOG_NOLOG: No logging
- *                - SSH_LOG_RARE: Rare conditions or warnings
- *                - SSH_LOG_ENTRY: API-accessible entrypoints
- *                - SSH_LOG_PACKET: Packet id and size
- *                - SSH_LOG_FUNCTIONS: Function entering and leaving
- *
- *              - SSH_BIND_OPTIONS_LOG_VERBOSITY_STR
- *                Set the session logging verbosity (const char *).\n
- *                \n
- *                The verbosity of the messages. Every log smaller or
- *                equal to verbosity will be shown.
- *                - SSH_LOG_NOLOG: No logging
- *                - SSH_LOG_RARE: Rare conditions or warnings
- *                - SSH_LOG_ENTRY: API-accessible entrypoints
- *                - SSH_LOG_PACKET: Packet id and size
- *                - SSH_LOG_FUNCTIONS: Function entering and leaving
- *                \n
- *                See the corresponding numbers in libssh.h.
- *
- * @param  value The value to set. This is a generic pointer and the
- *               datatype which is used should be set according to the
- *               type set.
- *
- * @returns     SSH_OK on success, SSH_ERROR on invalid option or parameter.
+ * @return 0 on success, < 0 on error.
  */
 LIBSSH_API int ssh_bind_options_set(ssh_bind sshbind,
     enum ssh_bind_options_e type, const void *value);
@@ -157,29 +81,6 @@ LIBSSH_API int ssh_bind_options_set(ssh_bind sshbind,
  */
 LIBSSH_API int ssh_bind_listen(ssh_bind ssh_bind_o);
 
-/**
- * @brief Set the callback for this bind.
- *
- * @param[in] sshbind   The bind to set the callback on.
- *
- * @param[in] callbacks An already set up ssh_bind_callbacks instance.
- *
- * @param[in] userdata  A pointer to private data to pass to the callbacks.
- *
- * @return              SSH_OK on success, SSH_ERROR if an error occured.
- *
- * @code
- *     struct ssh_callbacks_struct cb = {
- *         .userdata = data,
- *         .auth_function = my_auth_function
- *     };
- *     ssh_callbacks_init(&cb);
- *     ssh_bind_set_callbacks(session, &cb);
- * @endcode
- */
-LIBSSH_API int ssh_bind_set_callbacks(ssh_bind sshbind, ssh_bind_callbacks callbacks,
-    void *userdata);
-
 /**
  * @brief  Set the session to blocking/nonblocking mode.
  *
@@ -220,19 +121,10 @@ LIBSSH_API void ssh_bind_fd_toaccept(ssh_bind ssh_bind_o);
  * @param  ssh_bind_o     The ssh server bind to accept a connection.
  * @param  session			A preallocated ssh session
  * @see ssh_new
- * @return SSH_OK when a connection is established
+ * @return A newly allocated ssh session, NULL on error.
  */
 LIBSSH_API int ssh_bind_accept(ssh_bind ssh_bind_o, ssh_session session);
 
-/**
- * @brief Handles the key exchange and set up encryption
- *
- * @param  session			A connected ssh session
- * @see ssh_bind_accept
- * @return SSH_OK if the key exchange was successful
- */
-LIBSSH_API int ssh_handle_key_exchange(ssh_session session);
-
 /**
  * @brief Free a ssh servers bind.
  *
@@ -240,29 +132,32 @@ LIBSSH_API int ssh_handle_key_exchange(ssh_session session);
  */
 LIBSSH_API void ssh_bind_free(ssh_bind ssh_bind_o);
 
+/**
+ * @brief Exchange the banner and cryptographic keys.
+ *
+ * @param  session      The ssh session to accept a connection.
+ *
+ * @return 0 on success, < 0 on error.
+ */
+LIBSSH_API int ssh_accept(ssh_session session);
+
+LIBSSH_API int channel_write_stderr(ssh_channel channel, const void *data, uint32_t len);
+
 /* messages.c */
 LIBSSH_API int ssh_message_reply_default(ssh_message msg);
 
 LIBSSH_API char *ssh_message_auth_user(ssh_message msg);
 LIBSSH_API char *ssh_message_auth_password(ssh_message msg);
 LIBSSH_API ssh_public_key ssh_message_auth_publickey(ssh_message msg);
-LIBSSH_API enum ssh_publickey_state_e ssh_message_auth_publickey_state(ssh_message msg);
 LIBSSH_API int ssh_message_auth_reply_success(ssh_message msg,int partial);
 LIBSSH_API int ssh_message_auth_reply_pk_ok(ssh_message msg, ssh_string algo, ssh_string pubkey);
-LIBSSH_API int ssh_message_auth_reply_pk_ok_simple(ssh_message msg);
-
 LIBSSH_API int ssh_message_auth_set_methods(ssh_message msg, int methods);
 
 LIBSSH_API int ssh_message_service_reply_success(ssh_message msg);
 LIBSSH_API char *ssh_message_service_service(ssh_message msg);
 
-LIBSSH_API int ssh_message_global_request_reply_success(ssh_message msg,
-                                                        uint16_t bound_port);
-
 LIBSSH_API void ssh_set_message_callback(ssh_session session,
-    int(*ssh_bind_message_callback)(ssh_session session, ssh_message msg, void *data),
-    void *data);
-LIBSSH_API int ssh_execute_message_callbacks(ssh_session session);
+    int(*ssh_message_callback)(ssh_session session, ssh_message msg));
 
 LIBSSH_API char *ssh_message_channel_request_open_originator(ssh_message msg);
 LIBSSH_API int ssh_message_channel_request_open_originator_port(ssh_message msg);
@@ -284,32 +179,13 @@ LIBSSH_API char *ssh_message_channel_request_command(ssh_message msg);
 
 LIBSSH_API char *ssh_message_channel_request_subsystem(ssh_message msg);
 
-LIBSSH_API char *ssh_message_global_request_address(ssh_message msg);
-LIBSSH_API int ssh_message_global_request_port(ssh_message msg);
-
-LIBSSH_API int ssh_channel_open_reverse_forward(ssh_channel channel, const char *remotehost,
-    int remoteport, const char *sourcehost, int localport);
-
-LIBSSH_API int ssh_channel_request_send_exit_status(ssh_channel channel,
-                                                int exit_status);
-LIBSSH_API int ssh_channel_request_send_exit_signal(ssh_channel channel,
-                                                const char *signum,
-                                                int core,
-                                                const char *errmsg,
-                                                const char *lang);
-LIBSSH_API int ssh_channel_write_stderr(ssh_channel channel,
-                                                const void *data,
-                                                uint32_t len);
-
-/* deprecated functions */
-SSH_DEPRECATED LIBSSH_API int ssh_accept(ssh_session session);
-SSH_DEPRECATED LIBSSH_API int channel_write_stderr(ssh_channel channel,
-        const void *data, uint32_t len);
-
 #ifdef __cplusplus
 }
 #endif /* __cplusplus */
 
 #endif /* SERVER_H */
 
-/** @} */
+/**
+ * @}
+ */
+/* vim: set ts=2 sw=2 et cindent: */

include/libssh/session.h

@@ -24,46 +24,12 @@
 #include "libssh/priv.h"
 #include "libssh/packet.h"
 #include "libssh/pcap.h"
-#include "libssh/auth.h"
-#include "libssh/channels.h"
-#include "libssh/poll.h"
+
 typedef struct ssh_kbdint_struct* ssh_kbdint;
 
-/* These are the different states a SSH session can be into its life */
-enum ssh_session_state_e {
-	SSH_SESSION_STATE_NONE=0,
-	SSH_SESSION_STATE_CONNECTING,
-	SSH_SESSION_STATE_SOCKET_CONNECTED,
-	SSH_SESSION_STATE_BANNER_RECEIVED,
-	SSH_SESSION_STATE_INITIAL_KEX,
-	SSH_SESSION_STATE_KEXINIT_RECEIVED,
-	SSH_SESSION_STATE_DH,
-	SSH_SESSION_STATE_AUTHENTICATING,
-	SSH_SESSION_STATE_AUTHENTICATED,
-	SSH_SESSION_STATE_ERROR,
-	SSH_SESSION_STATE_DISCONNECTED
-};
-
-enum ssh_dh_state_e {
-  DH_STATE_INIT=0,
-  DH_STATE_INIT_SENT,
-  DH_STATE_NEWKEYS_SENT,
-  DH_STATE_FINISHED
-};
-
-enum ssh_pending_call_e {
-	SSH_PENDING_CALL_NONE = 0,
-	SSH_PENDING_CALL_CONNECT,
-	SSH_PENDING_CALL_AUTH_NONE,
-	SSH_PENDING_CALL_AUTH_PASSWORD
-};
-
-/* libssh calls may block an undefined amount of time */
-#define SSH_SESSION_FLAG_BLOCKING 1
-
 struct ssh_session_struct {
     struct error_struct error;
-    struct ssh_socket_struct *socket;
+    struct socket *socket;
     char *serverbanner;
     char *clientbanner;
     int protoversion;
@@ -80,13 +46,15 @@ struct ssh_session_struct {
     /* !=0 when the user got a session handle */
     int alive;
     /* two previous are deprecated */
-    /* int auth_service_asked; */
+    int auth_service_asked;
 
-    /* session flags (SSH_SESSION_FLAG_*) */
-    int flags;
+/* socket status */
+    int blocking; // functions should block
 
     ssh_string banner; /* that's the issue banner from
                        the server */
+    char *remotebanner; /* that's the SSH- banner from
+                           remote host. */
     char *discon_msg; /* disconnect message from
                          the remote host */
     ssh_buffer in_buffer;
@@ -95,14 +63,10 @@ struct ssh_session_struct {
 
     /* the states are used by the nonblocking stuff to remember */
     /* where it was before being interrupted */
-    enum ssh_pending_call_e pending_call_state;
-    enum ssh_session_state_e session_state;
     int packet_state;
-    enum ssh_dh_state_e dh_handshake_state;
-    enum ssh_auth_service_state_e auth_service_state;
-    enum ssh_auth_state_e auth_state;
-    enum ssh_channel_request_state_e global_req_state;
-    ssh_string dh_server_signature; /* information used by dh_handshake. */
+    int dh_handshake_state;
+    ssh_string dh_server_signature; //information used by dh_handshake.
+
     KEX server_kex;
     KEX client_kex;
     ssh_buffer in_hashbuf;
@@ -126,17 +90,12 @@ struct ssh_session_struct {
     int auth_methods;
     int hostkeys; /* contains type of host key wanted by client, in server impl */
     struct ssh_list *ssh_message_list; /* list of delayed SSH messages */
-    int (*ssh_message_callback)( struct ssh_session_struct *session, ssh_message msg, void *userdata);
-    void *ssh_message_callback_data;
+    int (*ssh_message_callback)( struct ssh_session_struct *session, ssh_message msg);
     int log_verbosity; /*cached copy of the option structure */
     int log_indent; /* indentation level in enter_function logs */
 
-    void (*ssh_connection_callback)( struct ssh_session_struct *session);
     ssh_callbacks callbacks; /* Callbacks to user functions */
-    struct ssh_packet_callbacks_struct default_packet_callbacks;
-    struct ssh_list *packet_callbacks;
-    struct ssh_socket_callbacks_struct socket_callbacks;
-    ssh_poll_ctx default_poll_ctx;
+
     /* options */
 #ifdef WITH_PCAP
     ssh_pcap_context pcap_ctx; /* pcap debugging context */
@@ -149,26 +108,15 @@ struct ssh_session_struct {
     char *sshdir;
     char *knownhosts;
     char *wanted_methods[10];
-    char compressionlevel;
     unsigned long timeout; /* seconds */
     unsigned long timeout_usec;
     unsigned int port;
     socket_t fd;
     int ssh2;
     int ssh1;
-    int StrictHostKeyChecking;
     char *ProxyCommand;
 };
 
-/** @internal
- * @brief a termination function evaluates the status of an object
- * @param user[in] object to evaluate
- * @returns 1 if the polling routine should terminate, 0 instead
- */
-typedef int (*ssh_termination_function)(void *user);
-int ssh_handle_packets(ssh_session session, int timeout);
-int ssh_handle_packets_termination(ssh_session session, int timeout,
-    ssh_termination_function fct, void *user);
-void ssh_socket_exception_callback(int code, int errno_code, void *user);
-
+int ssh_handle_packets(ssh_session session);
+void ssh_global_request_handle(ssh_session session);
 #endif /* SESSION_H_ */

include/libssh/sftp.h

@@ -32,7 +32,7 @@
  * it can fetch it, while continuing to read for other messages (it is
  * unspecified in which order messages may be sent back to the client
  *
- * @defgroup libssh_sftp The libssh SFTP API
+ * @defgroup ssh_sftp SFTP Functions
  * @{
  */
 
@@ -843,44 +843,22 @@ void sftp_handle_remove(sftp_session sftp, void *handle);
 #define SSH_FILEXFER_TYPE_SPECIAL 4
 #define SSH_FILEXFER_TYPE_UNKNOWN 5
 
-/**
- * @name Server responses
- *
- * @brief Responses returned by the sftp server.
- * @{
- */
-
-/** No error */
+/* server responses */
 #define SSH_FX_OK 0
-/** End-of-file encountered */
 #define SSH_FX_EOF 1
-/** File doesn't exist */
 #define SSH_FX_NO_SUCH_FILE 2
-/** Permission denied */
 #define SSH_FX_PERMISSION_DENIED 3
-/** Generic failure */
 #define SSH_FX_FAILURE 4
-/** Garbage received from server */
 #define SSH_FX_BAD_MESSAGE 5
-/** No connection has been set up */
 #define SSH_FX_NO_CONNECTION 6
-/** There was a connection, but we lost it */
 #define SSH_FX_CONNECTION_LOST 7
-/** Operation not supported by the server */
 #define SSH_FX_OP_UNSUPPORTED 8
-/** Invalid file handle */
 #define SSH_FX_INVALID_HANDLE 9
-/** No such file or directory path exists */
 #define SSH_FX_NO_SUCH_PATH 10
-/** An attempt to create an already existing file or directory has been made */
 #define SSH_FX_FILE_ALREADY_EXISTS 11
-/** We are trying to write on a write-protected filesystem */
 #define SSH_FX_WRITE_PROTECT 12
-/** No media in remote drive */
 #define SSH_FX_NO_MEDIA 13
 
-/** @} */
-
 /* file flags */
 #define SSH_FXF_READ 0x01
 #define SSH_FXF_WRITE 0x02

include/libssh/socket.h

@@ -22,46 +22,41 @@
 #ifndef SOCKET_H_
 #define SOCKET_H_
 
-#include "libssh/callbacks.h"
-struct ssh_poll_handle_struct;
 /* socket.c */
 
-struct ssh_socket_struct;
-typedef struct ssh_socket_struct* ssh_socket;
-
+struct socket;
 int ssh_socket_init(void);
+struct socket *ssh_socket_new(ssh_session session);
+void ssh_socket_free(struct socket *s);
+void ssh_socket_set_fd(struct socket *s, socket_t fd);
+socket_t ssh_socket_get_fd(struct socket *s);
 void ssh_socket_cleanup(void);
-ssh_socket ssh_socket_new(ssh_session session);
-void ssh_socket_reset(ssh_socket s);
-void ssh_socket_free(ssh_socket s);
-void ssh_socket_set_fd(ssh_socket s, socket_t fd);
-socket_t ssh_socket_get_fd_in(ssh_socket s);
 #ifndef _WIN32
-int ssh_socket_unix(ssh_socket s, const char *path);
-void ssh_execute_command(const char *command, socket_t in, socket_t out);
-int ssh_socket_connect_proxycommand(ssh_socket s, const char *command);
+int ssh_socket_unix(struct socket *s, const char *path);
 #endif
-void ssh_socket_close(ssh_socket s);
-int ssh_socket_write(ssh_socket s,const void *buffer, int len);
-int ssh_socket_is_open(ssh_socket s);
-int ssh_socket_fd_isset(ssh_socket s, fd_set *set);
-void ssh_socket_fd_set(ssh_socket s, fd_set *set, socket_t *max_fd);
-void ssh_socket_set_fd_in(ssh_socket s, socket_t fd);
-void ssh_socket_set_fd_out(ssh_socket s, socket_t fd);
-int ssh_socket_nonblocking_flush(ssh_socket s);
-void ssh_socket_set_write_wontblock(ssh_socket s);
-void ssh_socket_set_read_wontblock(ssh_socket s);
-void ssh_socket_set_except(ssh_socket s);
-int ssh_socket_get_status(ssh_socket s);
-int ssh_socket_buffered_write_bytes(ssh_socket s);
-int ssh_socket_data_available(ssh_socket s);
-int ssh_socket_data_writable(ssh_socket s);
+void ssh_socket_close(struct socket *s);
+int ssh_socket_read(struct socket *s, void *buffer, int len);
+int ssh_socket_write(struct socket *s,const void *buffer, int len);
+int ssh_socket_is_open(struct socket *s);
+int ssh_socket_fd_isset(struct socket *s, fd_set *set);
+void ssh_socket_fd_set(struct socket *s, fd_set *set, socket_t *max_fd);
+int ssh_socket_completeread(struct socket *s, void *buffer, uint32_t len);
+int ssh_socket_completewrite(struct socket *s, const void *buffer, uint32_t len);
+int ssh_socket_wait_for_data(struct socket *s, ssh_session session, uint32_t len);
+int ssh_socket_nonblocking_flush(struct socket *s);
+int ssh_socket_blocking_flush(struct socket *s);
+int ssh_socket_poll(struct socket *s, int *writeable, int *except);
+void ssh_socket_set_towrite(struct socket *s);
+void ssh_socket_set_toread(struct socket *s);
+void ssh_socket_set_except(struct socket *s);
+int ssh_socket_get_status(struct socket *s);
+int ssh_socket_data_available(struct socket *s);
+int ssh_socket_data_writable(struct socket *s);
 
-void ssh_socket_set_callbacks(ssh_socket s, ssh_socket_callbacks callbacks);
-int ssh_socket_pollcallback(struct ssh_poll_handle_struct *p, socket_t fd, int revents, void *v_s);
-struct ssh_poll_handle_struct * ssh_socket_get_poll_handle_in(ssh_socket s);
-struct ssh_poll_handle_struct * ssh_socket_get_poll_handle_out(ssh_socket s);
-
-int ssh_socket_connect(ssh_socket s, const char *host, int port, const char *bind_addr);
+#ifndef _WIN32
+void ssh_execute_command(const char *command, socket_t in, socket_t out);
+socket_t ssh_socket_connect_proxycommand(ssh_session session,
+    const char *command);
+#endif
 
 #endif /* SOCKET_H_ */

include/libssh/threads.h

@@ -1,32 +0,0 @@
-/*
- * This file is part of the SSH Library
- *
- * Copyright (c) 2010 by Aris Adamantiadis
- *
- * The SSH Library is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation; either version 2.1 of the License, or (at your
- * option) any later version.
- *
- * The SSH Library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
- * License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with the SSH Library; see the file COPYING.  If not, write to
- * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
- * MA 02111-1307, USA.
- */
-
-#ifndef THREADS_H_
-#define THREADS_H_
-
-#include <libssh/libssh.h>
-#include <libssh/callbacks.h>
-
-int ssh_threads_init(void);
-void ssh_threads_finalize(void);
-const char *ssh_threads_get_type(void);
-
-#endif /* THREADS_H_ */

include/libssh/wrapper.h

@@ -23,8 +23,79 @@
 #define WRAPPER_H_
 
 #include "config.h"
-#include "libssh/libcrypto.h"
-#include "libssh/libgcrypt.h"
+
+#ifdef MD5_DIGEST_LEN
+    #undef MD5_DIGEST_LEN
+#endif
+/* wrapper things */
+#ifdef HAVE_LIBGCRYPT
+#include <gcrypt.h>
+typedef gcry_md_hd_t SHACTX;
+typedef gcry_md_hd_t MD5CTX;
+typedef gcry_md_hd_t HMACCTX;
+#define SHA_DIGEST_LEN 20
+#define MD5_DIGEST_LEN 16
+#define EVP_MAX_MD_SIZE 36
+
+typedef gcry_mpi_t bignum;
+
+#define bignum_new() gcry_mpi_new(0)
+#define bignum_free(num) gcry_mpi_release(num)
+#define bignum_set_word(bn,n) gcry_mpi_set_ui(bn,n)
+#define bignum_bin2bn(bn,datalen,data) gcry_mpi_scan(data,GCRYMPI_FMT_USG,bn,datalen,NULL)
+#define bignum_bn2dec(num) my_gcry_bn2dec(num)
+#define bignum_dec2bn(num, data) my_gcry_dec2bn(data, num)
+#define bignum_bn2hex(num,data) gcry_mpi_aprint(GCRYMPI_FMT_HEX,data,NULL,num)
+#define bignum_hex2bn(num,datalen,data) gcry_mpi_scan(num,GCRYMPI_FMT_HEX,data,datalen,NULL)
+#define bignum_rand(num,bits) gcry_mpi_randomize(num,bits,GCRY_STRONG_RANDOM),gcry_mpi_set_bit(num,bits-1),gcry_mpi_set_bit(num,0)
+#define bignum_mod_exp(dest,generator,exp,modulo) gcry_mpi_powm(dest,generator,exp,modulo)
+#define bignum_num_bits(num) gcry_mpi_get_nbits(num)
+#define bignum_num_bytes(num) ((gcry_mpi_get_nbits(num)+7)/8)
+#define bignum_is_bit_set(num,bit) gcry_mpi_test_bit(num,bit)
+#define bignum_bn2bin(num,datalen,data) gcry_mpi_print(GCRYMPI_FMT_USG,data,datalen,NULL,num)
+#define bignum_cmp(num1,num2) gcry_mpi_cmp(num1,num2)
+
+#elif defined HAVE_LIBCRYPTO
+
+#include <openssl/dsa.h>
+#include <openssl/rsa.h>
+#include <openssl/sha.h>
+#include <openssl/md5.h>
+#include <openssl/hmac.h>
+typedef SHA_CTX* SHACTX;
+typedef MD5_CTX*  MD5CTX;
+typedef HMAC_CTX* HMACCTX;
+
+#define SHA_DIGEST_LEN SHA_DIGEST_LENGTH
+#define MD5_DIGEST_LEN MD5_DIGEST_LENGTH
+
+#include <openssl/bn.h>
+#include <openssl/opensslv.h>
+#define OPENSSL_0_9_7b 0x0090702fL
+#if (OPENSSL_VERSION_NUMBER <= OPENSSL_0_9_7b)
+#define BROKEN_AES_CTR
+#endif
+typedef BIGNUM*  bignum;
+typedef BN_CTX* bignum_CTX;
+
+#define bignum_new() BN_new()
+#define bignum_free(num) BN_clear_free(num)
+#define bignum_set_word(bn,n) BN_set_word(bn,n)
+#define bignum_bin2bn(bn,datalen,data) BN_bin2bn(bn,datalen,data)
+#define bignum_bn2dec(num) BN_bn2dec(num)
+#define bignum_dec2bn(bn,data) BN_dec2bn(data,bn)
+#define bignum_bn2hex(num) BN_bn2hex(num)
+#define bignum_rand(rnd, bits, top, bottom) BN_rand(rnd,bits,top,bottom)
+#define bignum_ctx_new() BN_CTX_new()
+#define bignum_ctx_free(num) BN_CTX_free(num)
+#define bignum_mod_exp(dest,generator,exp,modulo,ctx) BN_mod_exp(dest,generator,exp,modulo,ctx)
+#define bignum_num_bytes(num) BN_num_bytes(num)
+#define bignum_num_bits(num) BN_num_bits(num)
+#define bignum_is_bit_set(num,bit) BN_is_bit_set(num,bit)
+#define bignum_bn2bin(num,ptr) BN_bn2bin(num,ptr)
+#define bignum_cmp(num1,num2) BN_cmp(num1,num2)
+
+#endif /* OPENSSL_CRYPTO */
 
 MD5CTX md5_init(void);
 void md5_update(MD5CTX c, const void *data, unsigned long len);

libssh.pc.cmake

@@ -1,6 +0,0 @@
-Name: ${APPLICATION_NAME}
-Description: The SSH Library
-Version: ${APPLICATION_VERSION}
-Libs: -L${LIB_INSTALL_DIR} -lssh
-Cflags: -I${INCLUDE_INSTALL_DIR}
-

libssh/CMakeLists.txt

@@ -2,13 +2,13 @@ project(libssh-library C)
 
 set(LIBSSH_PUBLIC_INCLUDE_DIRS
   ${CMAKE_SOURCE_DIR}/include
+  ${CMAKE_CURRENT_SOURCE_DIR}
+  ${CMAKE_SOURCE_DIR}
   CACHE INTERNAL "libssh public include directories"
 )
 
 set(LIBSSH_PRIVATE_INCLUDE_DIRS
   ${CMAKE_BINARY_DIR}
-  ${OPENSSL_INCLUDE_DIRS}
-  ${GCRYPT_INCLUDE_DIRS}
   ${ZLIB_INCLUDE_DIRS}
 )
 
@@ -67,11 +67,6 @@ if (GCRYPT_LIBRARY)
   )
 endif (GCRYPT_LIBRARY)
 
-set(LIBSSH_LINK_LIBRARIES
-  ${LIBSSH_LINK_LIBRARIES}
-  CACHE INTERNAL "libssh link libraries"
-)
-
 set(libssh_SRCS
   agent.c
   auth.c
@@ -86,34 +81,34 @@ set(libssh_SRCS
   crypt.c
   dh.c
   error.c
-  getpass.c
   gcrypt_missing.c
   gzip.c
   init.c
   kex.c
   keyfiles.c
   keys.c
-  known_hosts.c
-  legacy.c
-  libcrypto.c
-  libgcrypt.c
   log.c
   match.c
   messages.c
   misc.c
   options.c
   packet.c
-  pcap.c
-  pki.c
   poll.c
   session.c
   scp.c
   socket.c
   string.c
-  threads.c
   wrapper.c
 )
 
+if (WITH_PCAP)
+  set(libssh_SRCS
+    ${libssh_SRCS}
+    pcap.c
+  )
+
+endif (WITH_PCAP)
+
 if (WITH_SFTP)
   set(libssh_SRCS
     ${libssh_SRCS}
@@ -133,7 +128,6 @@ if (WITH_SSH1)
     ${libssh_SRCS}
     auth1.c
     channels1.c
-    packet1.c
   )
 endif (WITH_SSH1)
 
@@ -141,7 +135,6 @@ if (WITH_SERVER)
   set(libssh_SRCS
     ${libssh_SRCS}
     server.c
-    bind.c
   )
 endif (WITH_SERVER)
 
@@ -191,19 +184,10 @@ if (WITH_STATIC_LIB)
           ${LIBRARY_VERSION}
         SOVERSION
           ${LIBRARY_SOVERSION}
-        OUTPUT_NAME
-          ssh
+        COMPILE_FLAGS
+          "-DLIBSSH_STATIC"
   )
 
-  if (WIN32)
-    set_target_properties(
-      ${LIBSSH_STATIC_LIBRARY}
-        PROPERTIES
-          COMPILE_FLAGS
-            "-DLIBSSH_STATIC"
-    )
-  endif (WIN32)
-
   install(
     TARGETS
       ${LIBSSH_STATIC_LIBRARY}
@@ -214,6 +198,3 @@ if (WITH_STATIC_LIB)
   )
 endif (WITH_STATIC_LIB)
 
-if (CMAKE_HAVE_THREADS_LIBRARY)
-    add_subdirectory(threads)
-endif (CMAKE_HAVE_THREADS_LIBRARY)

libssh/agent.c

@@ -27,7 +27,7 @@
  * How does the ssh-agent work?
  *
  * a) client sends a request to get a list of all keys
- *    the agent returns the count and all public keys
+ *    the agent returns the cound and all public keys
  * b) iterate over them to check if the server likes one
  * c) the client sends a sign request to the agent
  *    type, pubkey as blob, data to sign, flags
@@ -81,12 +81,12 @@ static void agent_put_u32(void *vp, uint32_t v) {
   p[3] = (uint8_t)v & 0xff;
 }
 
-static size_t atomicio(ssh_socket s, void *buf, size_t n, int do_read) {
+static size_t atomicio(struct socket *s, void *buf, size_t n, int do_read) {
   char *b = buf;
   size_t pos = 0;
   ssize_t res;
   ssh_pollfd_t pfd;
-  socket_t fd = ssh_socket_get_fd_in(s);
+  socket_t fd = ssh_socket_get_fd(s);
 
   pfd.fd = fd;
   pfd.events = do_read ? POLLIN : POLLOUT;
@@ -154,7 +154,7 @@ void agent_close(struct ssh_agent_struct *agent) {
 void agent_free(ssh_agent agent) {
   if (agent) {
     if (agent->ident) {
-      ssh_buffer_free(agent->ident);
+      buffer_free(agent->ident);
     }
     if (agent->sock) {
       agent_close(agent);
@@ -208,7 +208,7 @@ static int agent_talk(struct ssh_session_struct *session,
   uint32_t len = 0;
   uint8_t payload[1024] = {0};
 
-  len = buffer_get_rest_len(request);
+  len = buffer_get_len(request);
   ssh_log(session, SSH_LOG_PACKET, "agent_talk - len of request: %u", len);
   agent_put_u32(payload, len);
 
@@ -284,23 +284,23 @@ int agent_get_ident_count(struct ssh_session_struct *session) {
   }
 
   /* send message to the agent requesting the list of identities */
-  request = ssh_buffer_new();
+  request = buffer_new();
   if (buffer_add_u8(request, c1) < 0) {
     ssh_set_error(session, SSH_FATAL, "Not enough space");
     return -1;
   }
 
-  reply = ssh_buffer_new();
+  reply = buffer_new();
   if (reply == NULL) {
     ssh_set_error(session, SSH_FATAL, "Not enough space");
     return -1;
   }
 
   if (agent_talk(session, request, reply) < 0) {
-    ssh_buffer_free(request);
+    buffer_free(request);
     return 0;
   }
-  ssh_buffer_free(request);
+  buffer_free(request);
 
   /* get message type and verify the answer */
   buffer_get_u8(reply, (uint8_t *) &type);
@@ -323,7 +323,7 @@ int agent_get_ident_count(struct ssh_session_struct *session) {
     ssh_set_error(session, SSH_FATAL,
         "Too many identities in authentication reply: %d",
         session->agent->count);
-    ssh_buffer_free(reply);
+    buffer_free(reply);
     return -1;
   }
 
@@ -369,24 +369,24 @@ struct ssh_public_key_struct *agent_get_next_ident(struct ssh_session_struct *se
       /* get the comment */
       tmp = buffer_get_ssh_string(session->agent->ident);
       if (tmp == NULL) {
-        ssh_string_free(blob);
+        string_free(blob);
 
         return NULL;
       }
 
       if (comment) {
-        *comment = ssh_string_to_char(tmp);
+        *comment = string_to_char(tmp);
       } else {
-        ssh_string_free(blob);
-        ssh_string_free(tmp);
+        string_free(blob);
+        string_free(tmp);
 
         return NULL;
       }
-      ssh_string_free(tmp);
+      string_free(tmp);
 
       /* get key from blob */
       pubkey = publickey_from_string(session, blob);
-      ssh_string_free(blob);
+      string_free(blob);
       break;
     default:
       return NULL;
@@ -409,7 +409,7 @@ ssh_string agent_sign_data(struct ssh_session_struct *session,
   /* create blob from the pubkey */
   blob = publickey_to_string(pubkey);
 
-  request = ssh_buffer_new();
+  request = buffer_new();
   if (request == NULL) {
     goto error;
   }
@@ -425,11 +425,11 @@ ssh_string agent_sign_data(struct ssh_session_struct *session,
   }
 
   /* Add data */
-  dlen = buffer_get_rest_len(data);
+  dlen = buffer_get_len(data);
   if (buffer_add_u32(request, htonl(dlen)) < 0) {
     goto error;
   }
-  if (buffer_add_data(request, buffer_get_rest(data), dlen) < 0) {
+  if (buffer_add_data(request, buffer_get(data), dlen) < 0) {
     goto error;
   }
 
@@ -437,19 +437,19 @@ ssh_string agent_sign_data(struct ssh_session_struct *session,
     goto error;
   }
 
-  ssh_string_free(blob);
+  string_free(blob);
 
-  reply = ssh_buffer_new();
+  reply = buffer_new();
   if (reply == NULL) {
     goto error;
   }
 
   /* send the request */
   if (agent_talk(session, request, reply) < 0) {
-    ssh_buffer_free(request);
+    buffer_free(request);
     return NULL;
   }
-  ssh_buffer_free(request);
+  buffer_free(request);
 
   /* check if reply is valid */
   if (buffer_get_u8(reply, (uint8_t *) &type) != sizeof(uint8_t)) {
@@ -457,24 +457,24 @@ ssh_string agent_sign_data(struct ssh_session_struct *session,
   }
   if (agent_failed(type)) {
     ssh_log(session, SSH_LOG_RARE, "Agent reports failure in signing the key");
-    ssh_buffer_free(reply);
+    buffer_free(reply);
     return NULL;
   } else if (type != SSH2_AGENT_SIGN_RESPONSE) {
     ssh_set_error(session, SSH_FATAL, "Bad authentication response: %d", type);
-    ssh_buffer_free(reply);
+    buffer_free(reply);
     return NULL;
   }
 
   sig = buffer_get_ssh_string(reply);
 
-  ssh_buffer_free(reply);
+  buffer_free(reply);
 
   return sig;
 error:
   ssh_set_error(session, SSH_FATAL, "Not enough memory");
-  ssh_string_free(blob);
-  ssh_buffer_free(request);
-  ssh_buffer_free(reply);
+  string_free(blob);
+  buffer_free(request);
+  buffer_free(reply);
 
   return NULL;
 }

libssh/auth1.c

@@ -37,84 +37,77 @@
 static int wait_auth1_status(ssh_session session) {
   enter_function();
   /* wait for a packet */
-  while(session->auth_state == SSH_AUTH_STATE_NONE)
-    if (ssh_handle_packets(session,-1) != SSH_OK)
-      break;
-  ssh_log(session,SSH_LOG_PROTOCOL,"Auth state : %d",session->auth_state);
-  leave_function();
-  switch(session->auth_state) {
-    case SSH_AUTH_STATE_SUCCESS:
-      return SSH_AUTH_SUCCESS;
-    case SSH_AUTH_STATE_FAILED:
-      return SSH_AUTH_DENIED;
-    default:
-      return SSH_AUTH_ERROR;
+  if (packet_read(session) != SSH_OK) {
+    leave_function();
+    return SSH_AUTH_ERROR;
   }
-  return SSH_AUTH_ERROR;
-}
 
-void ssh_auth1_handler(ssh_session session, uint8_t type){
-  if(session->session_state != SSH_SESSION_STATE_AUTHENTICATING){
-    ssh_set_error(session,SSH_FATAL,"SSH_SMSG_SUCCESS or FAILED received in wrong state");
-    return;
+  if(packet_translate(session) != SSH_OK) {
+    leave_function();
+    return SSH_AUTH_ERROR;
   }
-  if(type==SSH_SMSG_SUCCESS){
-    session->auth_state=SSH_AUTH_STATE_SUCCESS;
-    session->session_state=SSH_SESSION_STATE_AUTHENTICATED;
-  } else if(type==SSH_SMSG_FAILURE)
-    session->auth_state=SSH_AUTH_STATE_FAILED;
+
+  switch(session->in_packet.type) {
+    case SSH_SMSG_SUCCESS:
+      leave_function();
+      return SSH_AUTH_SUCCESS;
+    case SSH_SMSG_FAILURE:
+      leave_function();
+      return SSH_AUTH_DENIED;
+  }
+
+  ssh_set_error(session, SSH_FATAL, "Was waiting for a SUCCESS or "
+      "FAILURE, got %d", session->in_packet.type);
+  leave_function();
+  return SSH_AUTH_ERROR;
 }
 
 static int send_username(ssh_session session, const char *username) {
   ssh_string user = NULL;
   /* returns SSH_AUTH_SUCCESS or SSH_AUTH_DENIED */
-  if(session->auth_service_state == SSH_AUTH_SERVICE_USER_SENT) {
-    if(session->auth_state == SSH_AUTH_STATE_FAILED)
-      return SSH_AUTH_DENIED;
-    if(session->auth_state == SSH_AUTH_STATE_SUCCESS)
-      return SSH_AUTH_SUCCESS;
-    return SSH_AUTH_ERROR;
+  enter_function();
+  if(session->auth_service_asked) {
+    leave_function();
+    return session->auth_service_asked;
   }
 
   if (!username) {
     if(!(username = session->username)) {
       if (ssh_options_set(session, SSH_OPTIONS_USER, NULL) < 0) {
-        session->auth_service_state = SSH_AUTH_SERVICE_DENIED;
-        return SSH_ERROR;
+        leave_function();
+        return session->auth_service_asked = SSH_AUTH_ERROR;
       } else {
         username = session->username;
       }
     }
   }
-  user = ssh_string_from_char(username);
+  user = string_from_char(username);
   if (user == NULL) {
+    leave_function();
     return SSH_AUTH_ERROR;
   }
 
   if (buffer_add_u8(session->out_buffer, SSH_CMSG_USER) < 0) {
-    ssh_string_free(user);
+    string_free(user);
+    leave_function();
     return SSH_AUTH_ERROR;
   }
   if (buffer_add_ssh_string(session->out_buffer, user) < 0) {
-    ssh_string_free(user);
+    string_free(user);
+    leave_function();
     return SSH_AUTH_ERROR;
   }
-  ssh_string_free(user);
-  session->auth_state=SSH_AUTH_STATE_NONE;
-  if (packet_send(session) == SSH_ERROR) {
+  string_free(user);
+  if (packet_send(session) != SSH_OK) {
+    leave_function();
     return SSH_AUTH_ERROR;
   }
 
-  if(wait_auth1_status(session) == SSH_AUTH_SUCCESS){
-    session->auth_service_state=SSH_AUTH_SERVICE_USER_SENT;
-    session->auth_state=SSH_AUTH_STATE_SUCCESS;
-    return SSH_AUTH_SUCCESS;
-  } else {
-    session->auth_service_state=SSH_AUTH_SERVICE_USER_SENT;
-    ssh_set_error(session,SSH_REQUEST_DENIED,"Password authentication necessary for user %s",username);
-    return SSH_AUTH_DENIED;
-  }
-
+  session->auth_service_asked = wait_auth1_status(session);
+  if(session->auth_service_asked != SSH_AUTH_ERROR)
+    session->auth_methods=SSH_AUTH_METHOD_PASSWORD;
+  leave_function();
+  return session->auth_service_asked;
 }
 
 /* use the "none" authentication question */
@@ -122,6 +115,44 @@ int ssh_userauth1_none(ssh_session session, const char *username){
     return send_username(session, username);
 }
 
+/*
+int ssh_userauth_offer_pubkey(ssh_session session, char *username,int type, ssh_string publickey){
+    ssh_string user;
+    ssh_string service;
+    ssh_string method;
+    ssh_string algo;
+    int err=SSH_AUTH_ERROR;
+    if(!username)
+        if(!(username=session->options->username)){
+            if(options_default_username(session->options))
+                return SSH_AUTH_ERROR;
+            else
+                username=session->options->username;
+        }
+    if(ask_userauth(session))
+        return SSH_AUTH_ERROR;
+    user=string_from_char(username);
+    service=string_from_char("ssh-connection");
+    method=string_from_char("publickey");
+    algo=string_from_char(ssh_type_to_char(type));
+
+    packet_clear_out(session);
+    buffer_add_u8(session->out_buffer,SSH2_MSG_USERAUTH_REQUEST);
+    buffer_add_ssh_string(session->out_buffer,user);
+    buffer_add_ssh_string(session->out_buffer,service);
+    buffer_add_ssh_string(session->out_buffer,method);
+    buffer_add_u8(session->out_buffer,0);
+    buffer_add_ssh_string(session->out_buffer,algo);
+    buffer_add_ssh_string(session->out_buffer,publickey);
+    packet_send(session);
+    err=wait_auth_status(session,0);
+    free(user);
+    free(method);
+    free(service);
+    free(algo);
+    return err;
+}
+*/
 /** \internal
  * \todo implement ssh1 public key
  */
@@ -131,19 +162,63 @@ int ssh_userauth1_offer_pubkey(ssh_session session, const char *username,
   (void) username;
   (void) type;
   (void) pubkey;
-  enter_function();
-  leave_function();
   return SSH_AUTH_DENIED;
 }
 
+/*
+int ssh_userauth_pubkey(ssh_session session, char *username, ssh_string publickey, ssh_private_key privatekey){
+    ssh_string user;
+    ssh_string service;
+    ssh_string method;
+    ssh_string algo;
+    ssh_string sign;
+    int err=SSH_AUTH_ERROR;
+    if(!username)
+        if(!(username=session->options->username)){
+            if(options_default_username(session->options))
+                return err;
+            else
+                username=session->options->username;
+        }
+    if(ask_userauth(session))
+        return err;
+    user=string_from_char(username);
+    service=string_from_char("ssh-connection");
+    method=string_from_char("publickey");
+    algo=string_from_char(ssh_type_to_char(privatekey->type));
+
+
+*/    /* we said previously the public key was accepted */
+/*    packet_clear_out(session);
+    buffer_add_u8(session->out_buffer,SSH2_MSG_USERAUTH_REQUEST);
+    buffer_add_ssh_string(session->out_buffer,user);
+    buffer_add_ssh_string(session->out_buffer,service);
+    buffer_add_ssh_string(session->out_buffer,method);
+    buffer_add_u8(session->out_buffer,1);
+    buffer_add_ssh_string(session->out_buffer,algo);
+    buffer_add_ssh_string(session->out_buffer,publickey);
+    sign=ssh_do_sign(session,session->out_buffer,privatekey);
+    if(sign){
+        buffer_add_ssh_string(session->out_buffer,sign);
+        free(sign);
+        packet_send(session);
+        err=wait_auth_status(session,0);
+    }
+    free(user);
+    free(service);
+    free(method);
+    free(algo);
+    return err;
+}
+*/
+
 int ssh_userauth1_password(ssh_session session, const char *username,
     const char *password) {
   ssh_string pwd = NULL;
   int rc;
-  enter_function();
+
   rc = send_username(session, username);
   if (rc != SSH_AUTH_DENIED) {
-    leave_function();
     return rc;
   }
 
@@ -156,9 +231,8 @@ int ssh_userauth1_password(ssh_session session, const char *username,
   /* cisco IOS doesn't like when a password is followed by zeroes and random pad. */
   if(1 || strlen(password) >= 128) {
     /* not risky to disclose the size of such a big password .. */
-    pwd = ssh_string_from_char(password);
+    pwd = string_from_char(password);
     if (pwd == NULL) {
-      leave_function();
       return SSH_AUTH_ERROR;
     }
   } else {
@@ -168,9 +242,8 @@ int ssh_userauth1_password(ssh_session session, const char *username,
      * why garbage ? because nul bytes will be compressed by
      * gzip and disclose password len.
      */
-    pwd = ssh_string_new(128);
+    pwd = string_new(128);
     if (pwd == NULL) {
-      leave_function();
       return SSH_AUTH_ERROR;
     }
     ssh_get_random( pwd->string, 128, 0);
@@ -178,28 +251,24 @@ int ssh_userauth1_password(ssh_session session, const char *username,
   }
 
   if (buffer_add_u8(session->out_buffer, SSH_CMSG_AUTH_PASSWORD) < 0) {
-    ssh_string_burn(pwd);
-    ssh_string_free(pwd);
-    leave_function();
+    string_burn(pwd);
+    string_free(pwd);
     return SSH_AUTH_ERROR;
   }
   if (buffer_add_ssh_string(session->out_buffer, pwd) < 0) {
-    ssh_string_burn(pwd);
-    ssh_string_free(pwd);
-    leave_function();
+    string_burn(pwd);
+    string_free(pwd);
     return SSH_AUTH_ERROR;
   }
 
-  ssh_string_burn(pwd);
-  ssh_string_free(pwd);
-  session->auth_state=SSH_AUTH_STATE_NONE;
-  if (packet_send(session) == SSH_ERROR) {
-    leave_function();
+  string_burn(pwd);
+  string_free(pwd);
+
+  if (packet_send(session) != SSH_OK) {
     return SSH_AUTH_ERROR;
   }
-  rc = wait_auth1_status(session);
-  leave_function();
-  return rc;
+
+  return wait_auth1_status(session);
 }
 
 #endif /* WITH_SSH1 */

libssh/base64.c

@@ -39,9 +39,9 @@ static char alphabet[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
 #define SET_C(n, i) do { (n) |= ((i) & 63) << 6; } while (0)
 #define SET_D(n, i) do { (n) |= ((i) & 63); } while (0)
 
-#define GET_A(n) (unsigned char) (((n) & 0xff0000) >> 16)
-#define GET_B(n) (unsigned char) (((n) & 0xff00) >> 8)
-#define GET_C(n) (unsigned char) ((n) & 0xff)
+#define GET_A(n) (((n) & 0xff0000) >> 16)
+#define GET_B(n) (((n) & 0xff00) >> 8)
+#define GET_C(n) ((n) & 0xff)
 
 static int _base64_to_bin(unsigned char dest[3], const char *source, int num);
 static int get_equals(char *string);
@@ -77,7 +77,7 @@ ssh_buffer base64_to_bin(const char *source) {
     return NULL;
   }
 
-  buffer = ssh_buffer_new();
+  buffer = buffer_new();
   if (buffer == NULL) {
     SAFE_FREE(base64);
     return NULL;
@@ -162,7 +162,7 @@ ssh_buffer base64_to_bin(const char *source) {
 
 error:
   SAFE_FREE(base64);
-  ssh_buffer_free(buffer);
+  buffer_free(buffer);
   return NULL;
 }
 

libssh/buffer.c

@@ -30,26 +30,20 @@
 
 #include "libssh/priv.h"
 #include "libssh/buffer.h"
+/** \defgroup ssh_buffer SSH Buffers
+ * \brief buffer handling
+ */
 
-/**
- * @defgroup libssh_buffer The SSH buffer functions.
- * @ingroup libssh
- *
- * Functions to handle SSH buffers.
- *
+/** \addtogroup ssh_buffer
  * @{
  */
 
+/** \brief checks that preconditions and postconditions are valid
+ * \internal
+ */
 
 #ifdef DEBUG_BUFFER
-/**
- * @internal
- *
- * @brief Check that preconditions and postconditions are valid.
- *
- * @param[in]  buf      The buffer to check.
- */
-static void buffer_verify(ssh_buffer buf){
+static void buffer_verify(struct buffer_struct *buf){
   int doabort=0;
   if(buf->data == NULL)
     return;
@@ -73,12 +67,10 @@ static void buffer_verify(ssh_buffer buf){
 #define buffer_verify(x)
 #endif
 
-/**
- * @brief Create a new SSH buffer.
- *
- * @return A newly initialized SSH buffer, NULL on error.
+/** \brief creates a new buffer
+ * \return a new initialized buffer, NULL on error.
  */
-struct ssh_buffer_struct *ssh_buffer_new(void) {
+struct ssh_buffer_struct *buffer_new(void) {
   struct ssh_buffer_struct *buf = malloc(sizeof(struct ssh_buffer_struct));
 
   if (buf == NULL) {
@@ -89,12 +81,10 @@ struct ssh_buffer_struct *ssh_buffer_new(void) {
   return buf;
 }
 
-/**
- * @brief Deallocate a SSH buffer.
- *
- * \param[in]  buffer   The buffer to free.
+/** \brief deallocate a buffer
+ * \param buffer buffer to free
  */
-void ssh_buffer_free(struct ssh_buffer_struct *buffer) {
+void buffer_free(struct ssh_buffer_struct *buffer) {
   if (buffer == NULL) {
     return;
   }
@@ -114,7 +104,7 @@ static int realloc_buffer(struct ssh_buffer_struct *buffer, int needed) {
   char *new = NULL;
   buffer_verify(buffer);
   /* Find the smallest power of two which is greater or equal to needed */
-  while(smallest <= needed) {
+  while(smallest < needed) {
     smallest <<= 1;
   }
   needed = smallest;
@@ -128,28 +118,10 @@ static int realloc_buffer(struct ssh_buffer_struct *buffer, int needed) {
   return 0;
 }
 
-/** @internal
- * @brief shifts a buffer to remove unused data in the beginning
- * @param buffer SSH buffer
- */
-static void buffer_shift(ssh_buffer buffer){
-  buffer_verify(buffer);
-  if(buffer->pos==0)
-    return;
-  memmove(buffer->data, buffer->data + buffer->pos, buffer->used - buffer->pos);
-  buffer->used -= buffer->pos;
-  buffer->pos=0;
-  buffer_verify(buffer);
-}
-
-/**
- * @internal
- *
- * @brief Reinitialize a SSH buffer.
- *
- * @param[in]  buffer   The buffer to reinitialize.
- *
- * @return              0 on success, < 0 on error.
+/* \internal
+ * \brief reinitialize a buffer
+ * \param buffer buffer
+ * \return 0 on sucess, < 0 on error
  */
 int buffer_reinit(struct ssh_buffer_struct *buffer) {
   buffer_verify(buffer);
@@ -165,24 +137,15 @@ int buffer_reinit(struct ssh_buffer_struct *buffer) {
   return 0;
 }
 
-/**
- * @internal
- *
- * @brief Add data at the tail of a buffer.
- *
- * @param[in]  buffer   The buffer to add the data.
- *
- * @param[in]  data     A pointer to the data to add.
- *
- * @param[in]  len      The length of the data to add.
- *
- * @return              0 on success, < 0 on error.
+/** \internal
+ * \brief add data at tail of the buffer
+ * \param buffer buffer
+ * \param data data pointer
+ * \param len length of data
  */
 int buffer_add_data(struct ssh_buffer_struct *buffer, const void *data, uint32_t len) {
   buffer_verify(buffer);
   if (buffer->allocated < (buffer->used + len)) {
-    if(buffer->pos > 0)
-      buffer_shift(buffer);
     if (realloc_buffer(buffer, buffer->used + len) < 0) {
       return -1;
     }
@@ -194,22 +157,17 @@ int buffer_add_data(struct ssh_buffer_struct *buffer, const void *data, uint32_t
   return 0;
 }
 
-/**
- * @internal
- *
- * @brief Add a SSH string to the tail of a buffer.
- *
- * @param[in]  buffer   The buffer to add the string.
- *
- * @param[in]  string   The SSH String to add.
- *
- * @return              0 on success, < 0 on error.
+/** \internal
+ * \brief add a SSH string to the tail of buffer
+ * \param buffer buffer
+ * \param string SSH String to add
+ * \return 0 on success, -1 on error.
  */
 int buffer_add_ssh_string(struct ssh_buffer_struct *buffer,
     struct ssh_string_struct *string) {
   uint32_t len = 0;
 
-  len = ssh_string_len(string);
+  len = string_len(string);
   if (buffer_add_data(buffer, string, len + sizeof(uint32_t)) < 0) {
     return -1;
   }
@@ -217,16 +175,11 @@ int buffer_add_ssh_string(struct ssh_buffer_struct *buffer,
   return 0;
 }
 
-/**
- * @internal
- *
- * @brief Add a 32 bits unsigned integer to the tail of a buffer.
- *
- * @param[in]  buffer   The buffer to add the integer.
- *
- * @param[in]  data     The 32 bits integer to add.
- *
- * @return              0 on success, -1 on error.
+/** \internal
+ * \brief add a 32 bits unsigned integer to the tail of buffer
+ * \param buffer buffer
+ * \param data 32 bits integer
+ * \return 0 on success, -1 on error.
  */
 int buffer_add_u32(struct ssh_buffer_struct *buffer,uint32_t data){
   if (buffer_add_data(buffer, &data, sizeof(data)) < 0) {
@@ -236,16 +189,11 @@ int buffer_add_u32(struct ssh_buffer_struct *buffer,uint32_t data){
   return 0;
 }
 
-/**
- * @internal
- *
- * @brief Add a 16 bits unsigned integer to the tail of a buffer.
- *
- * @param[in]  buffer   The buffer to add the integer.
- *
- * @param[in]  data     The 16 bits integer to add.
- *
- * @return              0 on success, -1 on error.
+/** \internal
+ * \brief add a 16 bits unsigned integer to the tail of buffer
+ * \param buffer buffer
+ * \param data 16 bits integer
+ * \return 0 on success, -1 on error.
  */
 int buffer_add_u16(struct ssh_buffer_struct *buffer,uint16_t data){
   if (buffer_add_data(buffer, &data, sizeof(data)) < 0) {
@@ -255,16 +203,11 @@ int buffer_add_u16(struct ssh_buffer_struct *buffer,uint16_t data){
   return 0;
 }
 
-/**
- * @internal
- *
- * @brief Add a 64 bits unsigned integer to the tail of a buffer.
- *
- * @param[in]  buffer   The buffer to add the integer.
- *
- * @param[in]  data     The 64 bits integer to add.
- *
- * @return              0 on success, -1 on error.
+/** \internal
+ * \brief add a 64 bits unsigned integer to the tail of buffer
+ * \param buffer buffer
+ * \param data 64 bits integer
+ * \return 0 on success, -1 on error.
  */
 int buffer_add_u64(struct ssh_buffer_struct *buffer, uint64_t data){
   if (buffer_add_data(buffer, &data, sizeof(data)) < 0) {
@@ -273,17 +216,11 @@ int buffer_add_u64(struct ssh_buffer_struct *buffer, uint64_t data){
 
   return 0;
 }
-
-/**
- * @internal
- *
- * @brief Add a 8 bits unsigned integer to the tail of a buffer.
- *
- * @param[in]  buffer   The buffer to add the integer.
- *
- * @param[in]  data     The 8 bits integer to add.
- *
- * @return              0 on success, -1 on error.
+/** \internal
+ * \brief add a 8 bits unsigned integer to the tail of buffer
+ * \param buffer buffer
+ * \param data 8 bits integer
+ * \return 0 on success, -1 on error.
  */
 int buffer_add_u8(struct ssh_buffer_struct *buffer,uint8_t data){
   if (buffer_add_data(buffer, &data, sizeof(uint8_t)) < 0) {
@@ -293,139 +230,91 @@ int buffer_add_u8(struct ssh_buffer_struct *buffer,uint8_t data){
   return 0;
 }
 
-/**
- * @internal
- *
- * @brief Add data at the head of a buffer.
- *
- * @param[in]  buffer   The buffer to add the data.
- *
- * @param[in]  data     The data to prepend.
- *
- * @param[in]  len      The length of data to prepend.
- *
- * @return              0 on success, -1 on error.
+/** \internal
+ * \brief add data at head of a buffer
+ * \param buffer buffer
+ * \param data data to add
+ * \param len length of data
+ * \return 0 on success, -1 on error.
  */
 int buffer_prepend_data(struct ssh_buffer_struct *buffer, const void *data,
     uint32_t len) {
   buffer_verify(buffer);
-
-  if(len <= buffer->pos){
-    /* It's possible to insert data between begin and pos */
-    memcpy(buffer->data + (buffer->pos - len), data, len);
-    buffer->pos -= len;
-    buffer_verify(buffer);
-    return 0;
-  }
-  /* pos isn't high enough */
-  if (buffer->allocated < (buffer->used - buffer->pos + len)) {
-    if (realloc_buffer(buffer, buffer->used - buffer->pos + len) < 0) {
+  if (buffer->allocated < (buffer->used + len)) {
+    if (realloc_buffer(buffer, buffer->used + len) < 0) {
       return -1;
     }
   }
-  memmove(buffer->data + len, buffer->data + buffer->pos, buffer->used - buffer->pos);
+  memmove(buffer->data + len, buffer->data, buffer->used);
   memcpy(buffer->data, data, len);
-  buffer->used += len - buffer->pos;
-  buffer->pos = 0;
+  buffer->used += len;
   buffer_verify(buffer);
   return 0;
 }
 
-/**
- * @internal
- *
- * @brief Append data from a buffer to the tail of another buffer.
- *
- * @param[in]  buffer   The destination buffer.
- *
- * @param[in]  source   The source buffer to append. It doesn't take the
- *                      position of the buffer into account.
- *
- * @return              0 on success, -1 on error.
+/** \internal
+ * \brief append data from a buffer to tail of another
+ * \param buffer destination buffer
+ * \param source source buffer. Doesn't take position in buffer into account
+ * \return 0 on success, -1 on error.
  */
 int buffer_add_buffer(struct ssh_buffer_struct *buffer,
     struct ssh_buffer_struct *source) {
-  if (buffer_add_data(buffer, buffer_get_rest(source), buffer_get_rest_len(source)) < 0) {
+  if (buffer_add_data(buffer, buffer_get(source), buffer_get_len(source)) < 0) {
     return -1;
   }
 
   return 0;
 }
 
-/**
- * @brief Get a pointer on the head of a buffer.
- *
- * @param[in]  buffer   The buffer to get the head pointer.
- *
- * @return              A data pointer on the head. It doesn't take the position
- *                      into account.
- *
- * @warning Don't expect data to be nul-terminated.
- *
- * @see buffer_get_rest()
- * @see buffer_get_len()
+/** \brief get a pointer on the head of the buffer
+ * \param buffer buffer
+ * \return data pointer on the head. Doesn't take position into account.
+ * \warning don't expect data to be nul-terminated
+ * \see buffer_get_rest()
+ * \see buffer_get_len()
  */
-void *ssh_buffer_get_begin(struct ssh_buffer_struct *buffer){
+void *buffer_get(struct ssh_buffer_struct *buffer){
   return buffer->data;
 }
 
-/**
- * @internal
- *
- * @brief Get a pointer to the head of a buffer at the current position.
- *
- * @param[in]  buffer   The buffer to get the head pointer.
- *
- * @return              A pointer to the data from current position.
- *
- * @see buffer_get_rest_len()
- * @see buffer_get()
+/** \internal
+ * \brief get a pointer to head of the buffer at current position
+ * \param buffer buffer
+ * \return pointer to the data from current position
+ * \see buffer_get_rest_len()
+ * \see buffer_get()
  */
 void *buffer_get_rest(struct ssh_buffer_struct *buffer){
     return buffer->data + buffer->pos;
 }
 
-/**
- * @brief Get the length of the buffer, not counting position.
- *
- * @param[in]  buffer   The buffer to get the length from.
- *
- * @return              The length of the buffer.
- *
- * @see buffer_get()
+/** \brief get length of the buffer, not counting position
+ * \param buffer
+ * \return length of the buffer
+ * \see buffer_get()
  */
-uint32_t ssh_buffer_get_len(struct ssh_buffer_struct *buffer){
+uint32_t buffer_get_len(struct ssh_buffer_struct *buffer){
     return buffer->used;
 }
 
-/**
- * @internal
- *
- * @brief Get the length of the buffer from the current position.
- *
- * @param[in]  buffer   The buffer to get the length from.
- *
- * @return              The length of the buffer.
- *
- * @see buffer_get_rest()
+/** \internal
+ *  \brief get length of the buffer from the current position
+ * \param buffer
+ * \return length of the buffer
+ * \see buffer_get_rest()
  */
 uint32_t buffer_get_rest_len(struct ssh_buffer_struct *buffer){
   buffer_verify(buffer);
   return buffer->used - buffer->pos;
 }
 
-/**
- * @internal
- *
- * @brief Advance the position in the buffer.
- *
- * This has effect to "eat" bytes at head of the buffer.
- *
- * @param[in]  buffer   The buffer to advance the position.
- *
- * @param[in]  len      The number of bytes to eat.
- *
- * @return              The new size of the buffer.
+/** \internal
+ * has effect to "eat" bytes at head of the buffer
+ * \brief advance the position in the buffer
+ * \param buffer buffer
+ * \param len number of bytes to eat
+ * \return new size of the buffer
  */
 uint32_t buffer_pass_bytes(struct ssh_buffer_struct *buffer, uint32_t len){
     buffer_verify(buffer);
@@ -441,16 +330,11 @@ uint32_t buffer_pass_bytes(struct ssh_buffer_struct *buffer, uint32_t len){
     return len;
 }
 
-/**
- * @internal
- *
- * @brief Cut the end of the buffer.
- *
- * @param[in]  buffer   The buffer to cut.
- *
- * @param[in]  len      The number of bytes to remove from the tail.
- *
- * @return              The new size of the buffer.
+/** \internal
+ * \brief cut the end of the buffer
+ * \param buffer buffer
+ * \param len number of bytes to remove from tail
+ * \return new size of the buffer
  */
 uint32_t buffer_pass_bytes_end(struct ssh_buffer_struct *buffer, uint32_t len){
   buffer_verify(buffer);
@@ -461,18 +345,13 @@ uint32_t buffer_pass_bytes_end(struct ssh_buffer_struct *buffer, uint32_t len){
   return len;
 }
 
-/**
- * @internal
- *
- * @brief Get the remaining data out of the buffer and adjust the read pointer.
- *
- * @param[in]  buffer   The buffer to read.
- *
- * @param[in]  data     The data buffer where to store the data.
- *
- * @param[in]  len      The length to read from the buffer.
- *
- * @returns             0 if there is not enough data in buffer, len otherwise.
+/** \internal
+ * \brief gets remaining data out of the buffer. Adjust the read pointer.
+ * \param buffer Buffer to read
+ * \param data data buffer where to store the data
+ * \param len length to read from the buffer
+ * \returns 0 if there is not enough data in buffer
+ * \returns len otherwise.
  */
 uint32_t buffer_get_data(struct ssh_buffer_struct *buffer, void *data, uint32_t len){
     /*
@@ -486,18 +365,12 @@ uint32_t buffer_get_data(struct ssh_buffer_struct *buffer, void *data, uint32_t
     buffer->pos+=len;
     return len;   /* no yet support for partial reads (is it really needed ?? ) */
 }
-
-/**
- * @internal
- *
- * @brief Get a 8 bits unsigned int out of the buffer and adjusts the read
- * pointer.
- *
- * @param[in]  buffer   The buffer to read.
- *
- * @param[in]   data    A pointer to a uint8_t where to store the data.
- *
- * @returns             0 if there is not enough data in buffer, 1 otherwise.
+/** \internal
+ * \brief gets a 8 bits unsigned int out of the buffer. Adjusts the read pointer.
+ * \param buffer Buffer to read
+ * \param data pointer to a uint8_t where to store the data
+ * \returns 0 if there is not enough data in buffer
+ * \returns 1 otherwise.
  */
 int buffer_get_u8(struct ssh_buffer_struct *buffer, uint8_t *data){
     return buffer_get_data(buffer,data,sizeof(uint8_t));
@@ -513,30 +386,21 @@ int buffer_get_u8(struct ssh_buffer_struct *buffer, uint8_t *data){
 int buffer_get_u32(struct ssh_buffer_struct *buffer, uint32_t *data){
     return buffer_get_data(buffer,data,sizeof(uint32_t));
 }
-/**
- * @internal
- *
- * @brief Get a 64 bits unsigned int out of the buffer and adjusts the read
- * pointer.
- *
- * @param[in]  buffer   The buffer to read.
- *
- * @param[in]  data     A pointer to a uint64_t where to store the data.
- *
- * @returns             0 if there is not enough data in buffer, 8 otherwise.
+/** \internal
+ * \brief gets a 64 bits unsigned int out of the buffer. Adjusts the read pointer.
+ * \param buffer Buffer to read
+ * \param data pointer to a uint64_t where to store the data
+ * \returns 0 if there is not enough data in buffer
+ * \returns 8 otherwise.
  */
 int buffer_get_u64(struct ssh_buffer_struct *buffer, uint64_t *data){
     return buffer_get_data(buffer,data,sizeof(uint64_t));
 }
-
-/**
- * @internal
- *
- * @brief Get a SSH String out of the buffer and adjusts the read pointer.
- *
- * @param[in]  buffer   The buffer to read.
- *
- * @returns             The SSH String, NULL on error.
+/** \internal
+ * \brief gets a SSH String out of the buffer. Adjusts the read pointer.
+ * \param buffer Buffer to read
+ * \returns The SSH String read
+ * \returns NULL otherwise.
  */
 struct ssh_string_struct *buffer_get_ssh_string(struct ssh_buffer_struct *buffer) {
   uint32_t stringlen;
@@ -551,11 +415,11 @@ struct ssh_string_struct *buffer_get_ssh_string(struct ssh_buffer_struct *buffer
   if ((buffer->pos + hostlen) > buffer->used) {
     return NULL; /* it is indeed */
   }
-  str = ssh_string_new(hostlen);
+  str = string_new(hostlen);
   if (str == NULL) {
     return NULL;
   }
-  if (buffer_get_data(buffer, ssh_string_data(str), hostlen) != hostlen) {
+  if (buffer_get_data(buffer, string_data(str), hostlen) != hostlen) {
     /* should never happen */
     SAFE_FREE(str);
     return NULL;
@@ -563,18 +427,14 @@ struct ssh_string_struct *buffer_get_ssh_string(struct ssh_buffer_struct *buffer
 
   return str;
 }
-
-/**
- * @internal
- *
- * @brief Get a mpint out of the buffer and adjusts the read pointer.
- *
- * @note This function is SSH-1 only.
- *
- * @param[in]  buffer   The buffer to read.
- *
- * @returns             The SSH String containing the mpint, NULL on error.
+/** \internal
+ * \brief gets a mpint out of the buffer. Adjusts the read pointer.
+ * SSH-1 only
+ * \param buffer Buffer to read
+ * \returns the SSH String containing the mpint
+ * \returns NULL otherwise
  */
+
 struct ssh_string_struct *buffer_get_mpint(struct ssh_buffer_struct *buffer) {
   uint16_t bits;
   uint32_t len;
@@ -588,17 +448,15 @@ struct ssh_string_struct *buffer_get_mpint(struct ssh_buffer_struct *buffer) {
   if ((buffer->pos + len) > buffer->used) {
     return NULL;
   }
-  str = ssh_string_new(len);
+  str = string_new(len);
   if (str == NULL) {
     return NULL;
   }
-  if (buffer_get_data(buffer, ssh_string_data(str), len) != len) {
+  if (buffer_get_data(buffer, string_data(str), len) != len) {
     SAFE_FREE(str);
     return NULL;
   }
   return str;
 }
-
 /** @} */
-
-/* vim: set ts=4 sw=4 et cindent: */
+/* vim: set ts=2 sw=2 et cindent: */

libssh/callbacks.c

@@ -1,7 +1,9 @@
 /*
+ * callbacks.c - callback functions
+ *
  * This file is part of the SSH Library
  *
- * Copyright (c) 2009 by Aris Adamantiadis
+ * Copyright (c) 2009      by Andreas Schneider <mail@cynapses.org>
  *
  * The SSH Library is free software; you can redistribute it and/or modify
  * it under the terms of the GNU Lesser General Public License as published by
@@ -19,15 +21,17 @@
  * MA 02111-1307, USA.
  */
 
-#ifndef KEX_H_
-#define KEX_H_
+#include "config.h"
 
-#include "libssh/priv.h"
 #include "libssh/callbacks.h"
+#include "libssh/session.h"
 
-SSH_PACKET_CALLBACK(ssh_packet_kexinit);
-#ifdef WITH_SSH1
-SSH_PACKET_CALLBACK(ssh_packet_publickey1);
-#endif
+int ssh_set_callbacks(ssh_session session, ssh_callbacks cb) {
+  if (session == NULL || cb == NULL) {
+    return -1;
+  }
 
-#endif /* KEX_H_ */
+  session->callbacks = cb;
+
+  return 0;
+}

libssh/channels1.c

@@ -24,12 +24,11 @@
 
 #include <string.h>
 #include <stdlib.h>
+#include <unistd.h>
 #include <stdio.h>
 #ifndef _WIN32
 #include <arpa/inet.h>
-#include <unistd.h>
 #endif
-
 #include "libssh/priv.h"
 #include "libssh/ssh1.h"
 #include "libssh/buffer.h"
@@ -42,9 +41,9 @@
 /*
  * This is a big hack. In fact, SSH1 doesn't make a clever use of channels.
  * The whole packets concerning shells are sent outside of a channel.
- * Thus, an inside limitation of this behavior is that you can't only
+ * Thus, an inside limitation of this behaviour is that you can't only
  * request one shell.
- * The question is still how they managed to embed two "channel" into one
+ * The question is stil how they managed to imbed two "channel" into one
  * protocol.
  */
 
@@ -61,7 +60,7 @@ int channel_open_session1(ssh_channel chan) {
     return -1;
   }
   session->exec_channel_opened = 1;
-  chan->state = SSH_CHANNEL_STATE_OPEN;
+  chan->open = 1;
   chan->local_maxpacket = 32000;
   chan->local_window = 64000;
   ssh_log(session, SSH_LOG_PACKET, "Opened a SSH1 channel session");
@@ -85,22 +84,18 @@ int channel_request_pty_size1(ssh_channel channel, const char *terminal, int col
     int row) {
   ssh_session session = channel->session;
   ssh_string str = NULL;
-  if(channel->request_state != SSH_CHANNEL_REQ_STATE_NONE){
-    ssh_set_error(session,SSH_REQUEST_DENIED,"Wrong request state");
-    return SSH_ERROR;
-  }
-  str = ssh_string_from_char(terminal);
+
+  str = string_from_char(terminal);
   if (str == NULL) {
-    ssh_set_error_oom(session);
     return -1;
   }
 
   if (buffer_add_u8(session->out_buffer, SSH_CMSG_REQUEST_PTY) < 0 ||
       buffer_add_ssh_string(session->out_buffer, str) < 0) {
-    ssh_string_free(str);
+    string_free(str);
     return -1;
   }
-  ssh_string_free(str);
+  string_free(str);
 
   if (buffer_add_u32(session->out_buffer, ntohl(row)) < 0 ||
       buffer_add_u32(session->out_buffer, ntohl(col)) < 0 ||
@@ -111,72 +106,68 @@ int channel_request_pty_size1(ssh_channel channel, const char *terminal, int col
   }
 
   ssh_log(session, SSH_LOG_FUNCTIONS, "Opening a ssh1 pty");
-
-  if (packet_send(session) == SSH_ERROR) {
+  if (packet_send(session) != SSH_OK ||
+      packet_read(session) != SSH_OK ||
+      packet_translate(session) != SSH_OK) {
     return -1;
   }
-  switch(channel->request_state){
-    case SSH_CHANNEL_REQ_STATE_ERROR:
-    case SSH_CHANNEL_REQ_STATE_PENDING:
-    case SSH_CHANNEL_REQ_STATE_NONE:
-      channel->request_state=SSH_CHANNEL_REQ_STATE_NONE;
-      return SSH_ERROR;
-    case SSH_CHANNEL_REQ_STATE_ACCEPTED:
-      channel->request_state=SSH_CHANNEL_REQ_STATE_NONE;
+
+  switch (session->in_packet.type) {
+    case SSH_SMSG_SUCCESS:
       ssh_log(session, SSH_LOG_RARE, "PTY: Success");
-      return SSH_OK;
-    case SSH_CHANNEL_REQ_STATE_DENIED:
-      channel->request_state=SSH_CHANNEL_REQ_STATE_NONE;
+      return 0;
+      break;
+    case SSH_SMSG_FAILURE:
       ssh_set_error(session, SSH_REQUEST_DENIED,
           "Server denied PTY allocation");
       ssh_log(session, SSH_LOG_RARE, "PTY: denied\n");
-      return SSH_ERROR;
+      break;
+    default:
+      ssh_log(session, SSH_LOG_RARE, "PTY: error\n");
+      ssh_set_error(session, SSH_FATAL,
+          "Received unexpected packet type %d",
+          session->in_packet.type);
+      return -1;
   }
-  // Not reached
-  return SSH_ERROR;
+
+  return -1;
 }
 
 int channel_change_pty_size1(ssh_channel channel, int cols, int rows) {
   ssh_session session = channel->session;
-  if(channel->request_state != SSH_CHANNEL_REQ_STATE_NONE){
-    ssh_set_error(session,SSH_REQUEST_DENIED,"Wrong request state");
-    return SSH_ERROR;
-  }
+
   if (buffer_add_u8(session->out_buffer, SSH_CMSG_WINDOW_SIZE) < 0 ||
       buffer_add_u32(session->out_buffer, ntohl(rows)) < 0 ||
       buffer_add_u32(session->out_buffer, ntohl(cols)) < 0 ||
       buffer_add_u32(session->out_buffer, 0) < 0 ||
       buffer_add_u32(session->out_buffer, 0) < 0) {
-    return SSH_ERROR;
-  }
-  channel->request_state=SSH_CHANNEL_REQ_STATE_PENDING;
-  if (packet_send(session) == SSH_ERROR) {
-    return SSH_ERROR;
+    return -1;
   }
 
-  ssh_log(session, SSH_LOG_PROTOCOL, "Change pty size send");
-  while(channel->request_state==SSH_CHANNEL_REQ_STATE_PENDING){
-    ssh_handle_packets(session,-1);
+  if (packet_send(session)) {
+    return -1;
   }
-  switch(channel->request_state){
-    case SSH_CHANNEL_REQ_STATE_ERROR:
-    case SSH_CHANNEL_REQ_STATE_PENDING:
-    case SSH_CHANNEL_REQ_STATE_NONE:
-      channel->request_state=SSH_CHANNEL_REQ_STATE_NONE;
-      return SSH_ERROR;
-    case SSH_CHANNEL_REQ_STATE_ACCEPTED:
-      channel->request_state=SSH_CHANNEL_REQ_STATE_NONE;
-      ssh_log(session, SSH_LOG_PROTOCOL, "pty size changed");
-      return SSH_OK;
-    case SSH_CHANNEL_REQ_STATE_DENIED:
-      channel->request_state=SSH_CHANNEL_REQ_STATE_NONE;
+
+  ssh_log(session, SSH_LOG_RARE, "Change pty size send");
+
+  if (packet_wait(session, SSH_SMSG_SUCCESS, 1) != SSH_OK) {
+    return -1;
+  }
+
+  switch (session->in_packet.type) {
+    case SSH_SMSG_SUCCESS:
+      ssh_log(session, SSH_LOG_RARE, "pty size changed");
+      return 0;
+    case SSH_SMSG_FAILURE:
       ssh_log(session, SSH_LOG_RARE, "pty size change denied");
       ssh_set_error(session, SSH_REQUEST_DENIED, "pty size change denied");
-      return SSH_ERROR;
+      return -1;
   }
-  // Not reached
-  return SSH_ERROR;
 
+  ssh_set_error(session, SSH_FATAL, "Received unexpected packet type %d",
+      session->in_packet.type);
+
+  return -1;
 }
 
 int channel_request_shell1(ssh_channel channel) {
@@ -186,7 +177,7 @@ int channel_request_shell1(ssh_channel channel) {
     return -1;
   }
 
-  if (packet_send(session) == SSH_ERROR) {
+  if (packet_send(session) != SSH_OK) {
     return -1;
   }
 
@@ -199,19 +190,19 @@ int channel_request_exec1(ssh_channel channel, const char *cmd) {
   ssh_session session = channel->session;
   ssh_string command = NULL;
 
-  command = ssh_string_from_char(cmd);
+  command = string_from_char(cmd);
   if (command == NULL) {
     return -1;
   }
 
   if (buffer_add_u8(session->out_buffer, SSH_CMSG_EXEC_CMD) < 0 ||
       buffer_add_ssh_string(session->out_buffer, command) < 0) {
-    ssh_string_free(command);
+    string_free(command);
     return -1;
   }
-  ssh_string_free(command);
+  string_free(command);
 
-  if(packet_send(session) == SSH_ERROR) {
+  if(packet_send(session) != SSH_OK) {
     return -1;
   }
 
@@ -220,52 +211,79 @@ int channel_request_exec1(ssh_channel channel, const char *cmd) {
   return 0;
 }
 
-SSH_PACKET_CALLBACK(ssh_packet_data1){
+static int channel_rcv_data1(ssh_session session, int is_stderr) {
     ssh_channel channel = session->channels;
     ssh_string str = NULL;
-    int is_stderr=(type==SSH_SMSG_STDOUT_DATA ? 0 : 1);
-    (void)user;
-    str = buffer_get_ssh_string(packet);
+
+    str = buffer_get_ssh_string(session->in_buffer);
     if (str == NULL) {
       ssh_log(session, SSH_LOG_FUNCTIONS, "Invalid data packet !\n");
-      return SSH_PACKET_USED;
+      return -1;
     }
 
-    ssh_log(session, SSH_LOG_PROTOCOL,
-        "Adding %" PRIdS " bytes data in %d",
-        ssh_string_len(str), is_stderr);
+    ssh_log(session, SSH_LOG_RARE,
+        "Adding %zu bytes data in %d",
+        string_len(str), is_stderr);
 
-    if (channel_default_bufferize(channel, ssh_string_data(str), ssh_string_len(str),
+    if (channel_default_bufferize(channel, string_data(str), string_len(str),
           is_stderr) < 0) {
-      ssh_string_free(str);
-      return SSH_PACKET_USED;
+      string_free(str);
+      return -1;
     }
-    ssh_string_free(str);
+    string_free(str);
 
-    return SSH_PACKET_USED;
+    return 0;
 }
 
-SSH_PACKET_CALLBACK(ssh_packet_close1){
+static int channel_rcv_close1(ssh_session session) {
   ssh_channel channel = session->channels;
   uint32_t status;
-  (void)type;
-  (void)user;
-  buffer_get_u32(packet, &status);
+
+  buffer_get_u32(session->in_buffer, &status);
   /*
    * It's much more than a channel closing. spec says it's the last
    * message sent by server (strange)
    */
 
   /* actually status is lost somewhere */
-  channel->state = SSH_CHANNEL_STATE_CLOSED;
+  channel->open = 0;
   channel->remote_eof = 1;
 
-  buffer_add_u8(session->out_buffer, SSH_CMSG_EXIT_CONFIRMATION);
-  packet_send(session);
+  if (buffer_add_u8(session->out_buffer, SSH_CMSG_EXIT_CONFIRMATION) < 0) {
+    return -1;
+  }
 
-  return SSH_PACKET_USED;
+  if (packet_send(session) != SSH_OK) {
+    return -1;
+  }
+
+  return 0;
 }
 
+int channel_handle1(ssh_session session, int type) {
+  ssh_log(session, SSH_LOG_RARE, "Channel_handle1(%d)", type);
+  switch (type) {
+    case SSH_SMSG_STDOUT_DATA:
+      if (channel_rcv_data1(session,0) < 0) {
+        return -1;
+      }
+      break;
+    case SSH_SMSG_STDERR_DATA:
+      if (channel_rcv_data1(session,1) < 0) {
+        return -1;
+      }
+      break;
+    case SSH_SMSG_EXITSTATUS:
+      if (channel_rcv_close1(session) < 0) {
+        return -1;
+      }
+      break;
+    default:
+      ssh_log(session, SSH_LOG_FUNCTIONS, "Unexepected message %d", type);
+  }
+
+  return 0;
+}
 
 int channel_write1(ssh_channel channel, const void *data, int len) {
   ssh_session session = channel->session;
@@ -287,7 +305,7 @@ int channel_write1(ssh_channel channel, const void *data, int len) {
     ptr += effectivelen;
     len -= effectivelen;
 
-    if (packet_send(session) == SSH_ERROR) {
+    if (packet_send(session) != SSH_OK) {
       return -1;
     }
   }

libssh/client.c

@@ -0,0 +1,739 @@
+/*
+ * client.c - SSH client functions
+ *
+ * This file is part of the SSH Library
+ *
+ * Copyright (c) 2003-2008 by Aris Adamantiadis
+ *
+ * The SSH Library is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation; either version 2.1 of the License, or (at your
+ * option) any later version.
+ *
+ * The SSH Library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
+ * License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with the SSH Library; see the file COPYING.  If not, write to
+ * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
+ * MA 02111-1307, USA.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#ifndef _WIN32
+#include <arpa/inet.h>
+#endif
+
+#include "libssh/priv.h"
+#include "libssh/ssh2.h"
+#include "libssh/buffer.h"
+#include "libssh/packet.h"
+#include "libssh/socket.h"
+#include "libssh/session.h"
+#include "libssh/dh.h"
+
+#define set_status(session, status) do {\
+        if (session->callbacks && session->callbacks->connect_status_function) \
+            session->callbacks->connect_status_function(session->callbacks->userdata, status); \
+    } while (0)
+
+/**
+ * @internal
+ *
+ * @brief Get a banner from a socket.
+ *
+ * The caller has to free memroy.
+ *
+ * @param  session      The session to get the banner from.
+ *
+ * @return A newly allocated string with the banner or NULL on error.
+ */
+char *ssh_get_banner(ssh_session session) {
+  char buffer[128] = {0};
+  char *str = NULL;
+  int i;
+
+  enter_function();
+
+  for (i = 0; i < 127; i++) {
+    if (ssh_socket_read(session->socket, &buffer[i], 1) != SSH_OK) {
+      ssh_set_error(session, SSH_FATAL, "Remote host closed connection");
+      leave_function();
+      return NULL;
+    }
+#ifdef WITH_PCAP
+    if(session->pcap_ctx && buffer[i] == '\n'){
+    	ssh_pcap_context_write(session->pcap_ctx,SSH_PCAP_DIR_IN,buffer,i+1,i+1);
+    }
+#endif
+    if (buffer[i] == '\r') {
+      buffer[i] = '\0';
+    }
+    if (buffer[i] == '\n') {
+      buffer[i] = '\0';
+      str = strdup(buffer);
+      if (str == NULL) {
+        leave_function();
+        return NULL;
+      }
+      leave_function();
+      return str;
+    }
+  }
+
+  ssh_set_error(session, SSH_FATAL, "Too large banner");
+
+  leave_function();
+  return NULL;
+}
+
+/**
+ * @internal
+ *
+ * @brief Analyze the SSH banner to find out if we have a SSHv1 or SSHv2
+ * server.
+ *
+ * @param  session      The session to analyze the banner from.
+ * @param  ssh1         The variable which is set if it is a SSHv1 server.
+ * @param  ssh2         The variable which is set if it is a SSHv2 server.
+ *
+ * @return 0 on success, < 0 on error.
+ *
+ * @see ssh_get_banner()
+ */
+static int ssh_analyze_banner(ssh_session session, int *ssh1, int *ssh2) {
+  const char *banner = session->serverbanner;
+  const char *openssh;
+
+  if (banner == NULL) {
+      ssh_set_error(session, SSH_FATAL, "Invalid banner");
+      return -1;
+  }
+
+  /*
+   * Typical banners e.g. are:
+   *
+   * SSH-1.5-openSSH_5.4
+   * SSH-1.99-openSSH_3.0
+   *
+   * SSH-2.0-something
+   * 012345678901234567890
+   */
+  if (strlen(banner) < 6 ||
+      strncmp(banner, "SSH-", 4) != 0) {
+    ssh_set_error(session, SSH_FATAL, "Protocol mismatch: %s", banner);
+    return -1;
+  }
+
+  ssh_log(session, SSH_LOG_RARE, "Analyzing banner: %s", banner);
+
+  switch(banner[4]) {
+    case '1':
+      *ssh1 = 1;
+      if (strlen(banner) > 6) {
+          if (banner[6] == '9') {
+            *ssh2 = 1;
+          } else {
+            *ssh2 = 0;
+          }
+      }
+      break;
+    case '2':
+      *ssh1 = 0;
+      *ssh2 = 1;
+      break;
+    default:
+      ssh_set_error(session, SSH_FATAL, "Protocol mismatch: %s", banner);
+      return -1;
+  }
+
+  openssh = strstr(banner, "OpenSSH");
+  if (openssh != NULL) {
+      int major, minor;
+
+      /*
+       * The banner is typical:
+       * OpenSSH_5.4
+       * 012345678901234567890
+       */
+      if (strlen(openssh) > 9) {
+          major = strtol(openssh + 8, (char **) NULL, 10);
+          minor = strtol(openssh + 10, (char **) NULL, 10);
+          session->openssh = SSH_VERSION_INT(major, minor, 0);
+          ssh_log(session, SSH_LOG_RARE,
+                  "We are talking to an OpenSSH client version: %d.%d (%x)",
+                  major, minor, session->openssh);
+      }
+  }
+
+  return 0;
+}
+
+/** @internal
+ * @brief Sends a SSH banner to the server.
+ *
+ * @param session      The SSH session to use.
+ *
+ * @param server       Send client or server banner.
+ *
+ * @return 0 on success, < 0 on error.
+ */
+int ssh_send_banner(ssh_session session, int server) {
+  const char *banner = NULL;
+  char buffer[128] = {0};
+
+  enter_function();
+
+  banner = session->version == 1 ? CLIENTBANNER1 : CLIENTBANNER2;
+
+  if (session->xbanner) {
+    banner = session->xbanner;
+  }
+
+  if (server) {
+    session->serverbanner = strdup(banner);
+    if (session->serverbanner == NULL) {
+      leave_function();
+      return -1;
+    }
+  } else {
+    session->clientbanner = strdup(banner);
+    if (session->clientbanner == NULL) {
+      leave_function();
+      return -1;
+    }
+  }
+
+  snprintf(buffer, 128, "%s\r\n", banner);
+
+  if (ssh_socket_write(session->socket, buffer, strlen(buffer)) == SSH_ERROR) {
+    leave_function();
+    return -1;
+  }
+
+  if (ssh_socket_blocking_flush(session->socket) != SSH_OK) {
+    leave_function();
+    return -1;
+  }
+#ifdef WITH_PCAP
+  if(session->pcap_ctx)
+  	ssh_pcap_context_write(session->pcap_ctx,SSH_PCAP_DIR_OUT,buffer,strlen(buffer),strlen(buffer));
+#endif
+  leave_function();
+  return 0;
+}
+
+#define DH_STATE_INIT 0
+#define DH_STATE_INIT_TO_SEND 1
+#define DH_STATE_INIT_SENT 2
+#define DH_STATE_NEWKEYS_TO_SEND 3
+#define DH_STATE_NEWKEYS_SENT 4
+#define DH_STATE_FINISHED 5
+static int dh_handshake(ssh_session session) {
+  ssh_string e = NULL;
+  ssh_string f = NULL;
+  ssh_string pubkey = NULL;
+  ssh_string signature = NULL;
+  int rc = SSH_ERROR;
+
+  enter_function();
+
+  switch (session->dh_handshake_state) {
+    case DH_STATE_INIT:
+      if (buffer_add_u8(session->out_buffer, SSH2_MSG_KEXDH_INIT) < 0) {
+        goto error;
+      }
+
+      if (dh_generate_x(session) < 0) {
+        goto error;
+      }
+      if (dh_generate_e(session) < 0) {
+        goto error;
+      }
+
+      e = dh_get_e(session);
+      if (e == NULL) {
+        goto error;
+      }
+
+      if (buffer_add_ssh_string(session->out_buffer, e) < 0) {
+        goto error;
+      }
+      string_burn(e);
+      string_free(e);
+      e=NULL;
+
+      rc = packet_send(session);
+      if (rc == SSH_ERROR) {
+        goto error;
+      }
+
+      session->dh_handshake_state = DH_STATE_INIT_TO_SEND;
+    case DH_STATE_INIT_TO_SEND:
+      rc = packet_flush(session, 0);
+      if (rc != SSH_OK) {
+        goto error;
+      }
+      session->dh_handshake_state = DH_STATE_INIT_SENT;
+    case DH_STATE_INIT_SENT:
+      rc = packet_wait(session, SSH2_MSG_KEXDH_REPLY, 1);
+      if (rc != SSH_OK) {
+        goto error;
+      }
+
+      pubkey = buffer_get_ssh_string(session->in_buffer);
+      if (pubkey == NULL){
+        ssh_set_error(session,SSH_FATAL, "No public key in packet");
+        rc = SSH_ERROR;
+        goto error;
+      }
+      dh_import_pubkey(session, pubkey);
+
+      f = buffer_get_ssh_string(session->in_buffer);
+      if (f == NULL) {
+        ssh_set_error(session,SSH_FATAL, "No F number in packet");
+        rc = SSH_ERROR;
+        goto error;
+      }
+      if (dh_import_f(session, f) < 0) {
+        ssh_set_error(session, SSH_FATAL, "Cannot import f number");
+        rc = SSH_ERROR;
+        goto error;
+      }
+      string_burn(f);
+      string_free(f);
+      f=NULL;
+      signature = buffer_get_ssh_string(session->in_buffer);
+      if (signature == NULL) {
+        ssh_set_error(session, SSH_FATAL, "No signature in packet");
+        rc = SSH_ERROR;
+        goto error;
+      }
+      session->dh_server_signature = signature;
+      signature=NULL; /* ownership changed */
+      if (dh_build_k(session) < 0) {
+        ssh_set_error(session, SSH_FATAL, "Cannot build k number");
+        rc = SSH_ERROR;
+        goto error;
+      }
+
+      /* Send the MSG_NEWKEYS */
+      if (buffer_add_u8(session->out_buffer, SSH2_MSG_NEWKEYS) < 0) {
+        rc = SSH_ERROR;
+        goto error;
+      }
+
+      rc = packet_send(session);
+      if (rc == SSH_ERROR) {
+        goto error;
+      }
+
+      session->dh_handshake_state = DH_STATE_NEWKEYS_TO_SEND;
+    case DH_STATE_NEWKEYS_TO_SEND:
+      rc = packet_flush(session, 0);
+      if (rc != SSH_OK) {
+        goto error;
+      }
+      ssh_log(session, SSH_LOG_RARE, "SSH_MSG_NEWKEYS sent\n");
+
+      session->dh_handshake_state = DH_STATE_NEWKEYS_SENT;
+    case DH_STATE_NEWKEYS_SENT:
+      rc = packet_wait(session, SSH2_MSG_NEWKEYS, 1);
+      if (rc != SSH_OK) {
+        goto error;
+      }
+      ssh_log(session, SSH_LOG_RARE, "Got SSH_MSG_NEWKEYS\n");
+
+      rc = make_sessionid(session);
+      if (rc != SSH_OK) {
+        goto error;
+      }
+
+      /*
+       * Set the cryptographic functions for the next crypto
+       * (it is needed for generate_session_keys for key lenghts)
+       */
+      if (crypt_set_algorithms(session)) {
+        rc = SSH_ERROR;
+        goto error;
+      }
+
+      if (generate_session_keys(session) < 0) {
+        rc = SSH_ERROR;
+        goto error;
+      }
+
+      /* Verify the host's signature. FIXME do it sooner */
+      signature = session->dh_server_signature;
+      session->dh_server_signature = NULL;
+      if (signature_verify(session, signature)) {
+        rc = SSH_ERROR;
+        goto error;
+      }
+
+      /* forget it for now ... */
+      string_burn(signature);
+      string_free(signature);
+      signature=NULL;
+      /*
+       * Once we got SSH2_MSG_NEWKEYS we can switch next_crypto and
+       * current_crypto
+       */
+      if (session->current_crypto) {
+        crypto_free(session->current_crypto);
+        session->current_crypto=NULL;
+      }
+
+      /* FIXME later, include a function to change keys */
+      session->current_crypto = session->next_crypto;
+
+      session->next_crypto = crypto_new();
+      if (session->next_crypto == NULL) {
+        rc = SSH_ERROR;
+        goto error;
+      }
+
+      session->dh_handshake_state = DH_STATE_FINISHED;
+
+      leave_function();
+      return SSH_OK;
+    default:
+      ssh_set_error(session, SSH_FATAL, "Invalid state in dh_handshake(): %d",
+          session->dh_handshake_state);
+
+      leave_function();
+      return SSH_ERROR;
+  }
+
+  /* not reached */
+error:
+  if(e != NULL){
+    string_burn(e);
+    string_free(e);
+  }
+  if(f != NULL){
+    string_burn(f);
+    string_free(f);
+  }
+  if(signature != NULL){
+    string_burn(signature);
+    string_free(signature);
+  }
+
+  leave_function();
+  return rc;
+}
+
+/**
+ * @internal
+ *
+ * @brief Request a service from the SSH server.
+ *
+ * Service requests are for example: ssh-userauth, ssh-connection, etc.
+ *
+ * @param  session      The session to use to ask for a service request.
+ * @param  service      The service request.
+ *
+ * @return 0 on success, < 0 on error.
+ */
+int ssh_service_request(ssh_session session, const char *service) {
+  ssh_string service_s = NULL;
+
+  enter_function();
+
+  if (buffer_add_u8(session->out_buffer, SSH2_MSG_SERVICE_REQUEST) < 0) {
+    leave_function();
+    return -1;
+  }
+
+  service_s = string_from_char(service);
+  if (service_s == NULL) {
+    leave_function();
+    return -1;
+  }
+
+  if (buffer_add_ssh_string(session->out_buffer,service_s) < 0) {
+    string_free(service_s);
+    leave_function();
+    return -1;
+  }
+  string_free(service_s);
+
+  if (packet_send(session) != SSH_OK) {
+    ssh_set_error(session, SSH_FATAL,
+        "Sending SSH2_MSG_SERVICE_REQUEST failed.");
+    leave_function();
+    return -1;
+  }
+
+  ssh_log(session, SSH_LOG_PACKET,
+      "Sent SSH_MSG_SERVICE_REQUEST (service %s)", service);
+
+  if (packet_wait(session,SSH2_MSG_SERVICE_ACCEPT,1) != SSH_OK) {
+    ssh_set_error(session, SSH_FATAL, "Did not receive SERVICE_ACCEPT");
+    leave_function();
+    return -1;
+  }
+
+  ssh_log(session, SSH_LOG_PACKET,
+      "Received SSH_MSG_SERVICE_ACCEPT (service %s)", service);
+
+  leave_function();
+  return 0;
+}
+
+/** \addtogroup ssh_session
+ * @{
+ */
+
+/** \brief connect to the ssh server
+ * \param session ssh session
+ * \return SSH_OK on success, SSH_ERROR on error
+ * \see ssh_new()
+ * \see ssh_disconnect()
+ */
+int ssh_connect(ssh_session session) {
+  int ssh1 = 0;
+  int ssh2 = 0;
+  socket_t fd = SSH_INVALID_SOCKET;
+  int ret;
+
+  if (session == NULL) {
+    ssh_set_error(session, SSH_FATAL, "Invalid session pointer");
+    return SSH_ERROR;
+  }
+
+  enter_function();
+
+  session->alive = 0;
+  session->client = 1;
+
+  if (ssh_init() < 0) {
+    leave_function();
+    return SSH_ERROR;
+  }
+  if (session->fd == SSH_INVALID_SOCKET && session->host == NULL &&
+      session->ProxyCommand == NULL) {
+    ssh_set_error(session, SSH_FATAL, "Hostname required");
+    leave_function();
+    return SSH_ERROR;
+  }
+
+  ret = ssh_options_apply(session);
+  if (ret < 0) {
+      ssh_set_error(session, SSH_FATAL, "Couldn't apply options");
+      leave_function();
+      return SSH_ERROR;
+  }
+
+  if (session->fd != SSH_INVALID_SOCKET) {
+    fd = session->fd;
+#ifndef _WIN32
+  } else if (session->ProxyCommand != NULL) {
+    fd=ssh_socket_connect_proxycommand(session, session->ProxyCommand);
+#endif
+  } else {
+    fd = ssh_connect_host(session, session->host, session->bindaddr,
+        session->port, session->timeout, session->timeout_usec);
+  }
+  if (fd == SSH_INVALID_SOCKET) {
+    leave_function();
+    return SSH_ERROR;
+  }
+  set_status(session, 0.2);
+
+  ssh_socket_set_fd(session->socket, fd);
+
+  session->alive = 1;
+  session->serverbanner = ssh_get_banner(session);
+  if (session->serverbanner == NULL) {
+    ssh_socket_close(session->socket);
+    session->alive = 0;
+    leave_function();
+    return SSH_ERROR;
+  }
+  set_status(session, 0.4);
+
+  ssh_log(session, SSH_LOG_RARE,
+      "SSH server banner: %s", session->serverbanner);
+
+  /* Here we analyse the different protocols the server allows. */
+  if (ssh_analyze_banner(session, &ssh1, &ssh2) < 0) {
+    ssh_socket_close(session->socket);
+    session->alive = 0;
+    leave_function();
+    return SSH_ERROR;
+  }
+
+  /* Here we decide which version of the protocol to use. */
+  if (ssh2 && session->ssh2) {
+    session->version = 2;
+#ifdef WITH_SSH1
+  } else if(ssh1 && session->ssh1) {
+    session->version = 1;
+#endif
+  } else {
+    ssh_set_error(session, SSH_FATAL,
+        "No version of SSH protocol usable (banner: %s)",
+        session->serverbanner);
+    ssh_socket_close(session->socket);
+    session->alive = 0;
+    leave_function();
+    return SSH_ERROR;
+  }
+
+  if (ssh_send_banner(session, 0) < 0) {
+    ssh_set_error(session, SSH_FATAL, "Sending the banner failed");
+    ssh_socket_close(session->socket);
+    session->alive = 0;
+    leave_function();
+    return SSH_ERROR;
+  }
+  set_status(session, 0.5);
+
+  switch (session->version) {
+    case 2:
+      if (ssh_get_kex(session,0) < 0) {
+        ssh_socket_close(session->socket);
+        session->alive = 0;
+        leave_function();
+        return SSH_ERROR;
+      }
+      set_status(session,0.6);
+
+      ssh_list_kex(session, &session->server_kex);
+      if (set_kex(session) < 0) {
+        ssh_socket_close(session->socket);
+        session->alive = 0;
+        leave_function();
+        return SSH_ERROR;
+      }
+      if (ssh_send_kex(session, 0) < 0) {
+        ssh_socket_close(session->socket);
+        session->alive = 0;
+        leave_function();
+        return SSH_ERROR;
+      }
+      set_status(session,0.8);
+
+      if (dh_handshake(session) < 0) {
+        ssh_socket_close(session->socket);
+        session->alive = 0;
+        leave_function();
+        return SSH_ERROR;
+      }
+      set_status(session,1.0);
+
+      session->connected = 1;
+      break;
+#ifdef WITH_SSH1
+    case 1:
+      if (ssh_get_kex1(session) < 0) {
+        ssh_socket_close(session->socket);
+        session->alive = 0;
+        leave_function();
+        return SSH_ERROR;
+      }
+      set_status(session,0.6);
+
+      session->connected = 1;
+      break;
+#endif
+  }
+
+  leave_function();
+  return 0;
+}
+
+/**
+ * @brief Get the issue banner from the server.
+ *
+ * This is the banner showing a disclaimer to users who log in,
+ * typically their right or the fact that they will be monitored.
+ *
+ * @param session       The SSH session to use.
+ *
+ * @return A newly allocated string with the banner, NULL on error.
+ */
+char *ssh_get_issue_banner(ssh_session session) {
+  if (session == NULL || session->banner == NULL) {
+    return NULL;
+  }
+
+  return string_to_char(session->banner);
+}
+
+/**
+ * @brief Get the version of the OpenSSH server, if it is not an OpenSSH server
+ * then 0 will be returned.
+ *
+ * You can use the SSH_VERSION_INT macro to compare version numbers.
+ *
+ * @param  session      The SSH session to use.
+ *
+ * @return The version number if available, 0 otherwise.
+ */
+int ssh_get_openssh_version(ssh_session session) {
+  if (session == NULL) {
+    return 0;
+  }
+
+  return session->openssh;
+}
+
+/**
+ * @brief Disconnect from a session (client or server).
+ * The session can then be reused to open a new session.
+ *
+ * @param session       The SSH session to disconnect.
+ */
+void ssh_disconnect(ssh_session session) {
+  ssh_string str = NULL;
+
+  if (session == NULL) {
+    return;
+  }
+
+  enter_function();
+
+  if (ssh_socket_is_open(session->socket)) {
+    if (buffer_add_u8(session->out_buffer, SSH2_MSG_DISCONNECT) < 0) {
+      goto error;
+    }
+    if (buffer_add_u32(session->out_buffer,
+          htonl(SSH2_DISCONNECT_BY_APPLICATION)) < 0) {
+      goto error;
+    }
+
+    str = string_from_char("Bye Bye");
+    if (str == NULL) {
+      goto error;
+    }
+
+    if (buffer_add_ssh_string(session->out_buffer,str) < 0) {
+      string_free(str);
+      goto error;
+    }
+    string_free(str);
+
+    packet_send(session);
+    ssh_socket_close(session->socket);
+  }
+  session->alive = 0;
+
+error:
+  leave_function();
+}
+
+const char *ssh_copyright(void) {
+    return SSH_STRINGIFY(LIBSSH_VERSION) " (c) 2003-2008 Aris Adamantiadis "
+    "(aris@0xbadc0de.be) Distributed under the LGPL, please refer to COPYING"
+    "file for information about your rights";
+}
+/** @} */
+/* vim: set ts=2 sw=2 et cindent: */

libssh/config.c

@@ -27,7 +27,6 @@
 
 #include "libssh/priv.h"
 #include "libssh/session.h"
-#include "libssh/misc.h"
 
 enum ssh_config_opcode_e {
   SOC_UNSUPPORTED = -1,
@@ -40,8 +39,6 @@ enum ssh_config_opcode_e {
   SOC_COMPRESSION,
   SOC_TIMEOUT,
   SOC_PROTOCOL,
-  SOC_STRICTHOSTKEYCHECK,
-  SOC_KNOWNHOSTS,
   SOC_PROXYCOMMAND
 };
 
@@ -60,8 +57,6 @@ static struct ssh_config_keyword_table_s ssh_config_keyword_table[] = {
   { "compression", SOC_COMPRESSION },
   { "connecttimeout", SOC_TIMEOUT },
   { "protocol", SOC_PROTOCOL },
-  { "stricthostkeychecking", SOC_STRICTHOSTKEYCHECK },
-  { "userknownhostsfile", SOC_KNOWNHOSTS },
   { "proxycommand", SOC_PROXYCOMMAND },
   { NULL, SOC_UNSUPPORTED }
 };
@@ -161,7 +156,6 @@ static int ssh_config_parse_line(ssh_session session, const char *line,
   const char *p;
   char *s, *x;
   char *keyword;
-  char *lowerhost;
   size_t len;
   int i;
 
@@ -191,14 +185,12 @@ static int ssh_config_parse_line(ssh_session session, const char *line,
   switch (opcode) {
     case SOC_HOST:
       *parsing = 0;
-      lowerhost = (session->host) ? ssh_lowercase(session->host) : NULL;
       for (p = ssh_config_get_str(&s, NULL); p && *p;
           p = ssh_config_get_str(&s, NULL)) {
-        if (match_hostname(lowerhost, p, strlen(p))) {
+        if (match_hostname(session->host, p, strlen(p))) {
           *parsing = 1;
         }
       }
-      SAFE_FREE(lowerhost);
       break;
     case SOC_HOSTNAME:
       p = ssh_config_get_str(&s, NULL);
@@ -239,9 +231,11 @@ static int ssh_config_parse_line(ssh_session session, const char *line,
       i = ssh_config_get_yesno(&s, -1);
       if (i >= 0 && *parsing) {
         if (i) {
-          ssh_options_set(session, SSH_OPTIONS_COMPRESSION, "yes");
+          ssh_options_set(session, SSH_OPTIONS_COMPRESSION_C_S, "zlib,none");
+          ssh_options_set(session, SSH_OPTIONS_COMPRESSION_S_C, "zlib,none");
         } else {
-          ssh_options_set(session, SSH_OPTIONS_COMPRESSION, "no");
+          ssh_options_set(session, SSH_OPTIONS_COMPRESSION_C_S, "none");
+          ssh_options_set(session, SSH_OPTIONS_COMPRESSION_S_C, "none");
         }
       }
       break;
@@ -282,18 +276,6 @@ static int ssh_config_parse_line(ssh_session session, const char *line,
         ssh_options_set(session, SSH_OPTIONS_TIMEOUT, &i);
       }
       break;
-    case SOC_STRICTHOSTKEYCHECK:
-      i = ssh_config_get_yesno(&s, -1);
-      if (i >= 0 && *parsing) {
-        ssh_options_set(session, SSH_OPTIONS_STRICTHOSTKEYCHECK, &i);
-      }
-      break;
-    case SOC_KNOWNHOSTS:
-      p = ssh_config_get_str(&s, NULL);
-      if (p && *parsing) {
-        ssh_options_set(session, SSH_OPTIONS_KNOWNHOSTS, p);
-      }
-      break;
     case SOC_PROXYCOMMAND:
       p = ssh_config_get_str(&s, NULL);
       if (p && *parsing) {
@@ -327,7 +309,9 @@ int ssh_config_parse_file(ssh_session session, const char *filename) {
     return 0;
   }
 
-  ssh_log(session, SSH_LOG_RARE, "Reading configuration data from %s", filename);
+  if (session->log_verbosity) {
+    fprintf(stderr, "Reading configuration data from %s\n", filename);
+  }
 
   parsing = 1;
   while (fgets(line, sizeof(line), f)) {

libssh/connect.c

@@ -21,17 +21,12 @@
  * MA 02111-1307, USA.
  */
 
-#include "config.h"
-
 #include <errno.h>
 #include <fcntl.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 
-#include "libssh/libssh.h"
-#include "libssh/misc.h"
-
 #ifdef _WIN32
 /*
  * Only use Windows API functions available on Windows 2000 SP4 or later.
@@ -50,11 +45,6 @@
 #define NTDDI_VERSION 0x05010000 /* NTDDI_WINXP */
 #endif
 
-#if _MSC_VER >= 1400
-#include <io.h>
-#undef close
-#define close _close
-#endif /* _MSC_VER */
 #include <winsock2.h>
 #include <ws2tcpip.h>
 
@@ -83,13 +73,21 @@
 #error "Your system must have getaddrinfo()"
 #endif
 
+#ifdef HAVE_REGCOMP
+/* don't declare gnu extended regexp's */
+#ifndef _POSIX_C_SOURCE
+#define _POSIX_C_SOURCE
+#endif
+#include <regex.h>
+#endif /* HAVE_REGCOMP */
+
 #ifdef _WIN32
-void ssh_sock_set_nonblocking(socket_t sock) {
+static void sock_set_nonblocking(socket_t sock) {
   u_long nonblocking = 1;
   ioctlsocket(sock, FIONBIO, &nonblocking);
 }
 
-void ssh_sock_set_blocking(socket_t sock) {
+static void sock_set_blocking(socket_t sock) {
   u_long nonblocking = 0;
   ioctlsocket(sock, FIONBIO, &nonblocking);
 }
@@ -105,16 +103,61 @@ char WSAAPI *gai_strerrorA(int code) {
 #endif /* gai_strerror */
 
 #else /* _WIN32 */
-void ssh_sock_set_nonblocking(socket_t sock) {
+static void sock_set_nonblocking(socket_t sock) {
   fcntl(sock, F_SETFL, O_NONBLOCK);
 }
 
-void ssh_sock_set_blocking(socket_t sock) {
+static void sock_set_blocking(socket_t sock) {
   fcntl(sock, F_SETFL, 0);
 }
 
 #endif /* _WIN32 */
 
+#ifdef HAVE_REGCOMP
+static regex_t *ip_regex = NULL;
+
+/** @internal
+ * @brief initializes and compile the regexp to be used for IP matching
+ * @returns -1 on error (and error message is set)
+ * @returns 0 on success
+ */
+int ssh_regex_init(){
+  if(ip_regex==NULL){
+    int err;
+    regex_t *regex=malloc(sizeof (regex_t));
+    ZERO_STRUCTP(regex);
+    err=regcomp(regex,"^[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+$",REG_EXTENDED | REG_NOSUB);
+    if(err != 0){
+      char buffer[128];
+      regerror(err,regex,buffer,sizeof(buffer));
+      fprintf(stderr,"Error while compiling regular expression : %s\n",buffer);
+      SAFE_FREE(regex);
+      return -1;
+    }
+    ip_regex=regex;
+  }
+  return 0;
+}
+
+/** @internal
+ * @brief clean up the IP regexp
+ */
+void ssh_regex_finalize(){
+  if(ip_regex){
+    regfree(ip_regex);
+    SAFE_FREE(ip_regex);
+  }
+}
+
+#else /* HAVE_REGCOMP */
+int ssh_regex_init(){
+  return 0;
+}
+void ssh_regex_finalize(){
+}
+#endif
+
+
 static int ssh_connect_socket_close(socket_t s){
 #ifdef _WIN32
   return closesocket(s);
@@ -138,19 +181,19 @@ static int getai(ssh_session session, const char *host, int port, struct addrinf
   if (port == 0) {
     hints.ai_flags = AI_PASSIVE;
   } else {
-    snprintf(s_port, sizeof(s_port), "%hu", (unsigned short)port);
+    snprintf(s_port, sizeof(s_port), "%hu", port);
     service = s_port;
 #ifdef AI_NUMERICSERV
     hints.ai_flags=AI_NUMERICSERV;
 #endif
   }
-
-  if (ssh_is_ipaddr(host)) {
+#ifdef HAVE_REGCOMP
+  if(regexec(ip_regex,host,0,NULL,0) == 0){
     /* this is an IP address */
     ssh_log(session,SSH_LOG_PACKET,"host %s matches an IP address",host);
     hints.ai_flags |= AI_NUMERICHOST;
   }
-
+#endif
   return getaddrinfo(host, service, &hints, ai);
 }
 
@@ -168,7 +211,7 @@ static int ssh_connect_ai_timeout(ssh_session session, const char *host,
    */
   timeout_ms=timeout * 1000 + usec / 1000;
 
-  ssh_sock_set_nonblocking(s);
+  sock_set_nonblocking(s);
 
   ssh_log(session, SSH_LOG_RARE, "Trying to connect to host: %s:%d with "
       "timeout %d ms", host, port, timeout_ms);
@@ -215,7 +258,7 @@ static int ssh_connect_ai_timeout(ssh_session session, const char *host,
 
   /* s is connected ? */
   ssh_log(session, SSH_LOG_PACKET, "Socket connected with timeout\n");
-  ssh_sock_set_blocking(s);
+  sock_set_blocking(s);
 
   leave_function();
   return s;
@@ -301,7 +344,6 @@ socket_t ssh_connect_host(ssh_session session, const char *host,
       ssh_set_error(session, SSH_FATAL, "Connect failed: %s", strerror(errno));
       ssh_connect_socket_close(s);
       s = -1;
-      leave_function();
       continue;
     } else {
       /* We are connected */
@@ -316,92 +358,8 @@ socket_t ssh_connect_host(ssh_session session, const char *host,
 }
 
 /**
- * @internal
- *
- * @brief Launches a nonblocking connect to an IPv4 or IPv6 host
- * specified by its IP address or hostname.
- *
- * @returns A file descriptor, < 0 on error.
- * @warning very ugly !!!
- */
-socket_t ssh_connect_host_nonblocking(ssh_session session, const char *host,
-    const char *bind_addr, int port) {
-  socket_t s = -1;
-  int rc;
-  struct addrinfo *ai;
-  struct addrinfo *itr;
-
-  enter_function();
-
-  rc = getai(session,host, port, &ai);
-  if (rc != 0) {
-    ssh_set_error(session, SSH_FATAL,
-        "Failed to resolve hostname %s (%s)", host, gai_strerror(rc));
-    leave_function();
-    return -1;
-  }
-
-  for (itr = ai; itr != NULL; itr = itr->ai_next){
-    /* create socket */
-    s = socket(itr->ai_family, itr->ai_socktype, itr->ai_protocol);
-    if (s < 0) {
-      ssh_set_error(session, SSH_FATAL,
-          "Socket create failed: %s", strerror(errno));
-      continue;
-    }
-
-    if (bind_addr) {
-      struct addrinfo *bind_ai;
-      struct addrinfo *bind_itr;
-
-      ssh_log(session, SSH_LOG_PACKET, "Resolving %s\n", bind_addr);
-
-      rc = getai(session,bind_addr, 0, &bind_ai);
-      if (rc != 0) {
-        ssh_set_error(session, SSH_FATAL,
-            "Failed to resolve bind address %s (%s)",
-            bind_addr,
-            gai_strerror(rc));
-        close(s);
-        s=-1;
-        break;
-      }
-
-      for (bind_itr = bind_ai; bind_itr != NULL; bind_itr = bind_itr->ai_next) {
-        if (bind(s, bind_itr->ai_addr, bind_itr->ai_addrlen) < 0) {
-          ssh_set_error(session, SSH_FATAL,
-              "Binding local address: %s", strerror(errno));
-          continue;
-        } else {
-          break;
-        }
-      }
-      freeaddrinfo(bind_ai);
-
-      /* Cannot bind to any local addresses */
-      if (bind_itr == NULL) {
-        ssh_connect_socket_close(s);
-        s = -1;
-        continue;
-      }
-    }
-    ssh_sock_set_nonblocking(s);
-
-    connect(s, itr->ai_addr, itr->ai_addrlen);
-    break;
-  }
-
-  freeaddrinfo(ai);
-  leave_function();
-
-  return s;
-}
-
-/**
- * @addtogroup libssh_session
- *
- * @{
- */
+ * @addtogroup ssh_session
+ * @{ */
 
 /**
  * @brief A wrapper for the select syscall
@@ -409,25 +367,25 @@ socket_t ssh_connect_host_nonblocking(ssh_session session, const char *host,
  * This functions acts more or less like the select(2) syscall.\n
  * There is no support for writing or exceptions.\n
  *
- * @param[in]  channels Arrays of channels pointers terminated by a NULL.
+ * @param  channels     Arrays of channels pointers terminated by a NULL.
  *                      It is never rewritten.
  *
- * @param[out] outchannels Arrays of same size that "channels", there is no need
- *                         to initialize it.
+ * @param  outchannels  Arrays of same size that "channels", there is no need
+ *                      to initialize it.
  *
- * @param[in]  maxfd    Maximum +1 file descriptor from readfds.
+ * @param  maxfd        Maximum +1 file descriptor from readfds.
  *
- * @param[in]  readfds  A fd_set of file descriptors to be select'ed for
+ * @param  readfds      A fd_set of file descriptors to be select'ed for
  *                      reading.
  *
- * @param[in]  timeout  A timeout for the select.
+ * @param  timeout      A timeout for the select.
  *
- * @return              -1 if an error occured. SSH_EINTR if it was interrupted, in
- *                      that case, just restart it.
+ * @return -1 if an error occured. E_INTR if it was interrupted. In that case,
+ *          just restart it.
  *
  * @warning libssh is not threadsafe here. That means that if a signal is caught
- *          during the processing of this function, you cannot call ssh
- *          functions on sessions that are busy with ssh_select().
+ * during the processing of this function, you cannot call ssh functions on
+ * sessions that are busy with ssh_select().
  *
  * @see select(2)
  */
@@ -461,11 +419,11 @@ int ssh_select(ssh_channel *channels, ssh_channel *outchannels, socket_t maxfd,
   j = 0;
   for (i = 0; channels[i]; i++) {
     if (channels[i]->session->alive) {
-      if(ssh_channel_poll(channels[i], 0) > 0) {
+      if(channel_poll(channels[i], 0) > 0) {
         outchannels[j] = channels[i];
         j++;
       } else {
-        if(ssh_channel_poll(channels[i], 1) > 0) {
+        if(channel_poll(channels[i], 1) > 0) {
           outchannels[j] = channels[i];
           j++;
         }
@@ -520,7 +478,7 @@ int ssh_select(ssh_channel *channels, ssh_channel *outchannels, socket_t maxfd,
   for (i = 0; channels[i]; i++) {
     if (channels[i]->session->alive &&
         ssh_socket_fd_isset(channels[i]->session->socket,&localset)) {
-      ssh_socket_set_read_wontblock(channels[i]->session->socket);
+      ssh_socket_set_toread(channels[i]->session->socket);
     }
   }
 
@@ -529,8 +487,8 @@ int ssh_select(ssh_channel *channels, ssh_channel *outchannels, socket_t maxfd,
   for (i = 0; channels[i]; i++) {
     if (channels[i]->session->alive &&
         ssh_socket_fd_isset(channels[i]->session->socket,&localset)) {
-      if ((ssh_channel_poll(channels[i],0) > 0) ||
-          (ssh_channel_poll(channels[i], 1) > 0)) {
+      if ((channel_poll(channels[i],0) > 0) ||
+          (channel_poll(channels[i], 1) > 0)) {
         outchannels[j] = channels[i];
         j++;
       }
@@ -540,7 +498,7 @@ int ssh_select(ssh_channel *channels, ssh_channel *outchannels, socket_t maxfd,
 
   FD_ZERO(&localset2);
   for (f = 0; f < maxfd; f++) {
-    if (FD_ISSET(f, readfds) && FD_ISSET(f, &localset)) {
+    if (FD_ISSET(f, readfds) && FD_ISSET(i, &localset)) {
       FD_SET(f, &localset2);
     }
   }
@@ -551,5 +509,4 @@ int ssh_select(ssh_channel *channels, ssh_channel *outchannels, socket_t maxfd,
 }
 
 /** @} */
-
-/* vim: set ts=4 sw=4 et cindent: */
+/* vim: set ts=2 sw=2 et cindent: */

libssh/crypt.c

@@ -40,8 +40,6 @@
 #include "libssh/session.h"
 #include "libssh/wrapper.h"
 #include "libssh/crypto.h"
-#include "libssh/buffer.h"
-
 uint32_t packet_decrypt_len(ssh_session session, char *crypted){
   uint32_t decrypted;
 
@@ -181,7 +179,7 @@ unsigned char *packet_encrypt(ssh_session session, void *data, uint32_t len) {
  * @param  mac          The mac to compare with the hmac.
  *
  * @return              0 if hmac and mac are equal, < 0 if not or an error
- *                      occurred.
+ *                      occured.
  */
 int packet_hmac_verify(ssh_session session, ssh_buffer buffer,
     unsigned char *mac) {
@@ -198,7 +196,7 @@ int packet_hmac_verify(ssh_session session, ssh_buffer buffer,
   seq = htonl(session->recv_seq);
 
   hmac_update(ctx, (unsigned char *) &seq, sizeof(uint32_t));
-  hmac_update(ctx, buffer_get_rest(buffer), buffer_get_rest_len(buffer));
+  hmac_update(ctx, buffer_get(buffer), buffer_get_len(buffer));
   hmac_final(ctx, hmacbuf, &len);
 
 #ifdef DEBUG_CRYPTO

libssh/dh.c

@@ -29,10 +29,10 @@
  * g and n are two numbers common to every ssh software.
  * client's public key (e) is calculated by doing:
  * e = g^x mod p
- * client sends e to the server.
+ * client sents e to the server.
  * the server computes his own public key, f
  * f = g^y mod p
- * it sends it to the client
+ * it sents it to the client
  * the common key K is calculated by the client by doing
  * k = f^x mod p
  * the server does the same with the client public key e
@@ -104,6 +104,7 @@ int ssh_get_random(void *where, int len, int strong){
   return 1;
 }
 
+
 /*
  * This inits the values g and p which are used for DH key agreement
  * FIXME: Make the function thread safe by adding a semaphore or mutex.
@@ -112,6 +113,7 @@ int ssh_crypto_init(void) {
   if (ssh_crypto_initialized == 0) {
 #ifdef HAVE_LIBGCRYPT
     gcry_check_version(NULL);
+
     if (!gcry_control(GCRYCTL_INITIALIZATION_FINISHED_P,0)) {
       gcry_control(GCRYCTL_INIT_SECMEM, 4096);
       gcry_control(GCRYCTL_INITIALIZATION_FINISHED,0);
@@ -140,7 +142,6 @@ int ssh_crypto_init(void) {
     }
     bignum_bin2bn(p_value, P_LEN, p);
     OpenSSL_add_all_algorithms();
-
 #endif
 
     ssh_crypto_initialized = 1;
@@ -155,12 +156,6 @@ void ssh_crypto_finalize(void) {
     g = NULL;
     bignum_free(p);
     p = NULL;
-#ifdef HAVE_LIBGCRYPT
-    gcry_control(GCRYCTL_TERM_SECMEM);
-#elif defined HAVE_LIBCRYPTO
-    EVP_cleanup();
-    CRYPTO_cleanup_all_ex_data();
-#endif
     ssh_crypto_initialized=0;
   }
 }
@@ -214,7 +209,7 @@ char *ssh_get_hexa(const unsigned char *what, size_t len) {
 /**
  * @brief Print a buffer as colon separated hex string.
  *
- * @param  descr        Description printed in front of the hex string.
+ * @param  descr        Description printed infront of the hex string.
  *
  * @param  what         What should be converted to a hex string.
  *
@@ -375,7 +370,7 @@ ssh_string make_bignum_string(bignum num) {
 
 bignum make_string_bn(ssh_string string){
   bignum bn = NULL;
-  unsigned int len = ssh_string_len(string);
+  unsigned int len = string_len(string);
 
 #ifdef DEBUG_CRYPTO
   fprintf(stderr, "Importing a %d bits, %d bytes object ...\n",
@@ -505,12 +500,12 @@ int make_sessionid(ssh_session session) {
     return rc;
   }
 
-  buf = ssh_buffer_new();
+  buf = buffer_new();
   if (buf == NULL) {
     return rc;
   }
 
-  str = ssh_string_from_char(session->clientbanner);
+  str = string_from_char(session->clientbanner);
   if (str == NULL) {
     goto error;
   }
@@ -518,9 +513,9 @@ int make_sessionid(ssh_session session) {
   if (buffer_add_ssh_string(buf, str) < 0) {
     goto error;
   }
-  ssh_string_free(str);
+  string_free(str);
 
-  str = ssh_string_from_char(session->serverbanner);
+  str = string_from_char(session->serverbanner);
   if (str == NULL) {
     goto error;
   }
@@ -550,25 +545,25 @@ int make_sessionid(ssh_session session) {
     goto error;
   }
 
-  len = ntohl(buffer_get_rest_len(client_hash));
+  len = ntohl(buffer_get_len(client_hash));
   if (buffer_add_u32(buf,len) < 0) {
     goto error;
   }
-  if (buffer_add_data(buf, buffer_get_rest(client_hash),
-        buffer_get_rest_len(client_hash)) < 0) {
+  if (buffer_add_data(buf, buffer_get(client_hash),
+        buffer_get_len(client_hash)) < 0) {
     goto error;
   }
 
-  len = ntohl(buffer_get_rest_len(server_hash));
+  len = ntohl(buffer_get_len(server_hash));
   if (buffer_add_u32(buf, len) < 0) {
     goto error;
   }
-  if (buffer_add_data(buf, buffer_get_rest(server_hash),
-        buffer_get_rest_len(server_hash)) < 0) {
+  if (buffer_add_data(buf, buffer_get(server_hash),
+        buffer_get_len(server_hash)) < 0) {
     goto error;
   }
 
-  len = ssh_string_len(session->next_crypto->server_pubkey) + 4;
+  len = string_len(session->next_crypto->server_pubkey) + 4;
   if (buffer_add_data(buf, session->next_crypto->server_pubkey, len) < 0) {
     goto error;
   }
@@ -578,38 +573,38 @@ int make_sessionid(ssh_session session) {
     goto error;
   }
 
-  len = ssh_string_len(num) + 4;
+  len = string_len(num) + 4;
   if (buffer_add_data(buf, num, len) < 0) {
     goto error;
   }
 
-  ssh_string_free(num);
+  string_free(num);
   num = make_bignum_string(session->next_crypto->f);
   if (num == NULL) {
     goto error;
   }
 
-  len = ssh_string_len(num) + 4;
+  len = string_len(num) + 4;
   if (buffer_add_data(buf, num, len) < 0) {
     goto error;
   }
 
-  ssh_string_free(num);
+  string_free(num);
   num = make_bignum_string(session->next_crypto->k);
   if (num == NULL) {
     goto error;
   }
 
-  len = ssh_string_len(num) + 4;
+  len = string_len(num) + 4;
   if (buffer_add_data(buf, num, len) < 0) {
     goto error;
   }
 
 #ifdef DEBUG_CRYPTO
-  ssh_print_hexa("hash buffer", ssh_buffer_get_begin(buf), ssh_buffer_get_len(buf));
+  ssh_print_hexa("hash buffer", buffer_get(buf), buffer_get_len(buf));
 #endif
 
-  sha1_update(ctx, buffer_get_rest(buf), buffer_get_rest_len(buf));
+  sha1_update(ctx, buffer_get(buf), buffer_get_len(buf));
   sha1_final(session->next_crypto->session_id, ctx);
 
 #ifdef DEBUG_CRYPTO
@@ -619,15 +614,15 @@ int make_sessionid(ssh_session session) {
 
   rc = SSH_OK;
 error:
-  ssh_buffer_free(buf);
-  ssh_buffer_free(client_hash);
-  ssh_buffer_free(server_hash);
+  buffer_free(buf);
+  buffer_free(client_hash);
+  buffer_free(server_hash);
 
   session->in_hashbuf = NULL;
   session->out_hashbuf = NULL;
 
-  ssh_string_free(str);
-  ssh_string_free(num);
+  string_free(str);
+  string_free(num);
 
   leave_function();
 
@@ -635,7 +630,7 @@ error:
 }
 
 int hashbufout_add_cookie(ssh_session session) {
-  session->out_hashbuf = ssh_buffer_new();
+  session->out_hashbuf = buffer_new();
   if (session->out_hashbuf == NULL) {
     return -1;
   }
@@ -663,7 +658,7 @@ int hashbufout_add_cookie(ssh_session session) {
 }
 
 int hashbufin_add_cookie(ssh_session session, unsigned char *cookie) {
-  session->in_hashbuf = ssh_buffer_new();
+  session->in_hashbuf = buffer_new();
   if (session->in_hashbuf == NULL) {
     return -1;
   }
@@ -691,7 +686,7 @@ static int generate_one_key(ssh_string k,
     return -1;
   }
 
-  sha1_update(ctx, k, ssh_string_len(k) + 4);
+  sha1_update(ctx, k, string_len(k) + 4);
   sha1_update(ctx, session_id, SHA_DIGEST_LEN);
   sha1_update(ctx, &letter, 1);
   sha1_update(ctx, session_id, SHA_DIGEST_LEN);
@@ -759,7 +754,7 @@ int generate_session_keys(ssh_session session) {
     if (ctx == NULL) {
       goto error;
     }
-    sha1_update(ctx, k_string, ssh_string_len(k_string) + 4);
+    sha1_update(ctx, k_string, string_len(k_string) + 4);
     sha1_update(ctx, session->next_crypto->session_id, SHA_DIGEST_LEN);
     sha1_update(ctx, session->next_crypto->encryptkey, SHA_DIGEST_LEN);
     sha1_final(session->next_crypto->encryptkey + SHA_DIGEST_LEN, ctx);
@@ -767,7 +762,7 @@ int generate_session_keys(ssh_session session) {
 
   if (session->next_crypto->in_cipher->keysize > SHA_DIGEST_LEN * 8) {
     ctx = sha1_init();
-    sha1_update(ctx, k_string, ssh_string_len(k_string) + 4);
+    sha1_update(ctx, k_string, string_len(k_string) + 4);
     sha1_update(ctx, session->next_crypto->session_id, SHA_DIGEST_LEN);
     sha1_update(ctx, session->next_crypto->decryptkey, SHA_DIGEST_LEN);
     sha1_final(session->next_crypto->decryptkey + SHA_DIGEST_LEN, ctx);
@@ -805,24 +800,20 @@ int generate_session_keys(ssh_session session) {
 
   rc = 0;
 error:
-  ssh_string_free(k_string);
+  string_free(k_string);
   leave_function();
 
   return rc;
 }
 
-/**
- * @addtogroup libssh_session
- *
- * @{
- */
-
+/** \addtogroup ssh_session
+ * @{ */
 /**
  * @brief Allocates a buffer with the MD5 hash of the server public key.
  *
- * @param[in] session   The SSH session to use.
+ * @param  session      The SSH session to use.
  *
- * @param[in] hash      The buffer to allocate.
+ * @param  hash         The buffer to allocate.
  *
  * @return The bytes allocated or < 0 on error.
  *
@@ -840,29 +831,28 @@ int ssh_get_pubkey_hash(ssh_session session, unsigned char **hash) {
   unsigned char *h;
 
   if (session == NULL || hash == NULL) {
-    return SSH_ERROR;
+    return -1;
   }
   *hash = NULL;
   if (session->current_crypto == NULL ||
       session->current_crypto->server_pubkey == NULL){
     ssh_set_error(session,SSH_FATAL,"No current cryptographic context");
-    return SSH_ERROR;
   }
 
   h = malloc(sizeof(unsigned char *) * MD5_DIGEST_LEN);
   if (h == NULL) {
-    return SSH_ERROR;
+    return -1;
   }
 
   ctx = md5_init();
   if (ctx == NULL) {
     SAFE_FREE(h);
-    return SSH_ERROR;
+    return -1;
   }
 
   pubkey = session->current_crypto->server_pubkey;
 
-  md5_update(ctx, pubkey->string, ssh_string_len(pubkey));
+  md5_update(ctx, pubkey->string, string_len(pubkey));
   md5_final(h, ctx);
 
   *hash = h;
@@ -872,11 +862,10 @@ int ssh_get_pubkey_hash(ssh_session session, unsigned char **hash) {
 
 /**
  * @brief Deallocate the hash obtained by ssh_get_pubkey_hash.
- *
  * This is required under Microsoft platform as this library might use a 
  * different C library than your software, hence a different heap.
  *
- * @param[in] hash      The buffer to deallocate.
+ * @param  hash         The buffer to deallocate.
  *
  * @see ssh_get_pubkey_hash()
  */
@@ -886,18 +875,14 @@ void ssh_clean_pubkey_hash(unsigned char **hash) {
 }
 
 ssh_string ssh_get_pubkey(ssh_session session){
-	if(session==NULL || session->current_crypto ==NULL ||
-      session->current_crypto->server_pubkey==NULL)
-    return NULL;
-	else
-    return ssh_string_copy(session->current_crypto->server_pubkey);
+    return string_copy(session->current_crypto->server_pubkey);
 }
 
 static int match(const char *group, const char *object){
   const char *a;
   const char *z;
 
-  z = group;
+  a = z = group;
   do {
     a = strchr(z, ',');
     if (a == NULL) {
@@ -934,7 +919,7 @@ int sig_verify(ssh_session session, ssh_public_key pubkey,
 #endif
 
   switch(pubkey->type) {
-    case SSH_KEYTYPE_DSS:
+    case TYPE_DSS:
 #ifdef HAVE_LIBGCRYPT
       valid = gcry_sexp_build(&gcryhash, NULL, "%b", SHA_DIGEST_LEN + 1, hash);
       if (valid != 0) {
@@ -969,8 +954,8 @@ int sig_verify(ssh_session session, ssh_public_key pubkey,
       ssh_set_error(session, SSH_FATAL, "Invalid DSA signature");
       return -1;
 
-    case SSH_KEYTYPE_RSA:
-    case SSH_KEYTYPE_RSA1:
+    case TYPE_RSA:
+    case TYPE_RSA1:
 #ifdef HAVE_LIBGCRYPT
       valid = gcry_sexp_build(&gcryhash, NULL,
           "(data(flags pkcs1)(hash sha1 %b))", SHA_DIGEST_LEN, hash + 1);
@@ -991,7 +976,7 @@ int sig_verify(ssh_session session, ssh_public_key pubkey,
       }
 #elif defined HAVE_LIBCRYPTO
       valid = RSA_verify(NID_sha1, hash + 1, SHA_DIGEST_LEN,
-          signature->rsa_sign->string, ssh_string_len(signature->rsa_sign),
+          signature->rsa_sign->string, string_len(signature->rsa_sign),
           pubkey->rsa_pub);
       if (valid == 1) {
         return 0;
@@ -1058,5 +1043,4 @@ int signature_verify(ssh_session session, ssh_string signature) {
 }
 
 /** @} */
-
-/* vim: set ts=4 sw=4 et cindent: */
+/* vim: set ts=2 sw=2 et cindent: */

libssh/error.c

@@ -26,11 +26,13 @@
 #include "libssh/priv.h"
 
 /**
- * @defgroup libssh_error The SSH error functions.
- * @ingroup libssh
- *
- * Functions for error handling.
+ * @defgroup ssh_error SSH Errors
  *
+ * @brief Functions for error handling.
+ */
+
+/**
+ * @addtogroup ssh_error
  * @{
  */
 
@@ -54,7 +56,6 @@ void ssh_set_error(void *error, int code, const char *descr, ...) {
   vsnprintf(err->error_buffer, ERROR_BUFFERLEN, descr, va);
   va_end(va);
   err->error_code = code;
-  ssh_log(error,SSH_LOG_RARE,"Error : %s",err->error_buffer);
 }
 
 /**
@@ -120,5 +121,4 @@ int ssh_get_error_code(void *error) {
 }
 
 /** @} */
-
-/* vim: set ts=4 sw=4 et cindent: */
+/* vim: set ts=2 sw=2 et cindent: */

libssh/gzip.c

@@ -58,10 +58,10 @@ static z_stream *initcompress(ssh_session session, int level) {
 
 static ssh_buffer gzip_compress(ssh_session session,ssh_buffer source,int level){
   z_stream *zout = session->current_crypto->compress_out_ctx;
-  void *in_ptr = buffer_get_rest(source);
-  unsigned long in_size = buffer_get_rest_len(source);
+  void *in_ptr = buffer_get(source);
+  unsigned long in_size = buffer_get_len(source);
   ssh_buffer dest = NULL;
-  unsigned char out_buf[BLOCKSIZE] = {0};
+  static unsigned char out_buf[BLOCKSIZE] = {0};
   unsigned long len;
   int status;
 
@@ -72,7 +72,7 @@ static ssh_buffer gzip_compress(ssh_session session,ssh_buffer source,int level)
     }
   }
 
-  dest = ssh_buffer_new();
+  dest = buffer_new();
   if (dest == NULL) {
     return NULL;
   }
@@ -84,14 +84,14 @@ static ssh_buffer gzip_compress(ssh_session session,ssh_buffer source,int level)
     zout->avail_out = BLOCKSIZE;
     status = deflate(zout, Z_PARTIAL_FLUSH);
     if (status != Z_OK) {
-      ssh_buffer_free(dest);
+      buffer_free(dest);
       ssh_set_error(session, SSH_FATAL,
           "status %d deflating zlib packet", status);
       return NULL;
     }
     len = BLOCKSIZE - zout->avail_out;
     if (buffer_add_data(dest, out_buf, len) < 0) {
-      ssh_buffer_free(dest);
+      buffer_free(dest);
       return NULL;
     }
     zout->next_out = out_buf;
@@ -103,22 +103,22 @@ static ssh_buffer gzip_compress(ssh_session session,ssh_buffer source,int level)
 int compress_buffer(ssh_session session, ssh_buffer buf) {
   ssh_buffer dest = NULL;
 
-  dest = gzip_compress(session, buf, session->compressionlevel);
+  dest = gzip_compress(session, buf, 9);
   if (dest == NULL) {
     return -1;
   }
 
   if (buffer_reinit(buf) < 0) {
-    ssh_buffer_free(dest);
+    buffer_free(dest);
     return -1;
   }
 
-  if (buffer_add_data(buf, buffer_get_rest(dest), buffer_get_rest_len(dest)) < 0) {
-    ssh_buffer_free(dest);
+  if (buffer_add_data(buf, buffer_get(dest), buffer_get_len(dest)) < 0) {
+    buffer_free(dest);
     return -1;
   }
 
-  ssh_buffer_free(dest);
+  buffer_free(dest);
   return 0;
 }
 
@@ -149,7 +149,7 @@ static ssh_buffer gzip_decompress(ssh_session session, ssh_buffer source, size_t
   z_stream *zin = session->current_crypto->compress_in_ctx;
   void *in_ptr = buffer_get_rest(source);
   unsigned long in_size = buffer_get_rest_len(source);
-  unsigned char out_buf[BLOCKSIZE] = {0};
+  static unsigned char out_buf[BLOCKSIZE] = {0};
   ssh_buffer dest = NULL;
   unsigned long len;
   int status;
@@ -161,7 +161,7 @@ static ssh_buffer gzip_decompress(ssh_session session, ssh_buffer source, size_t
     }
   }
 
-  dest = ssh_buffer_new();
+  dest = buffer_new();
   if (dest == NULL) {
     return NULL;
   }
@@ -176,18 +176,18 @@ static ssh_buffer gzip_decompress(ssh_session session, ssh_buffer source, size_t
     if (status != Z_OK) {
       ssh_set_error(session, SSH_FATAL,
           "status %d inflating zlib packet", status);
-      ssh_buffer_free(dest);
+      buffer_free(dest);
       return NULL;
     }
 
     len = BLOCKSIZE - zin->avail_out;
     if (buffer_add_data(dest,out_buf,len) < 0) {
-      ssh_buffer_free(dest);
+      buffer_free(dest);
       return NULL;
     }
-    if (buffer_get_rest_len(dest) > maxlen){
-      /* Size of packet exceeded, avoid a denial of service attack */
-      ssh_buffer_free(dest);
+    if (buffer_get_len(dest) > maxlen){
+      /* Size of packet exceded, avoid a denial of service attack */
+      buffer_free(dest);
       return NULL;
     }
     zin->next_out = out_buf;
@@ -205,16 +205,16 @@ int decompress_buffer(ssh_session session,ssh_buffer buf, size_t maxlen){
   }
 
   if (buffer_reinit(buf) < 0) {
-    ssh_buffer_free(dest);
+    buffer_free(dest);
     return -1;
   }
 
-  if (buffer_add_data(buf, buffer_get_rest(dest), buffer_get_rest_len(dest)) < 0) {
-    ssh_buffer_free(dest);
+  if (buffer_add_data(buf, buffer_get(dest), buffer_get_len(dest)) < 0) {
+    buffer_free(dest);
     return -1;
   }
 
-  ssh_buffer_free(dest);
+  buffer_free(dest);
   return 0;
 }
 

libssh/init.c

@@ -25,38 +25,31 @@
 #include "libssh/priv.h"
 #include "libssh/socket.h"
 #include "libssh/dh.h"
-#include "libssh/poll.h"
-#include "libssh/threads.h"
 
 #ifdef _WIN32
 #include <winsock2.h>
 #endif
 
 /**
- * @defgroup libssh The libssh API
- *
- * The libssh library is implementing the SSH protocols and some of its
- * extensions. This group of functions is mostly used to implment a SSH client.
- * Some function are needed to implement a SSH server too.
- *
+ * \addtogroup ssh_session
  * @{
  */
 
 /**
- * @brief Initialize global cryptographic data structures.
+ * @brief initialize global cryptographic data structures.
  *
  * This function should only be called once, at the beginning of the program, in
  * the main thread. It may be omitted if your program is not multithreaded.
  *
- * @returns             0 on success, -1 if an error occured.
+ * @returns 0
  */
 int ssh_init(void) {
-  if(ssh_threads_init())
-    return -1;
   if(ssh_crypto_init())
     return -1;
   if(ssh_socket_init())
     return -1;
+  if(ssh_regex_init())
+    return -1;
   return 0;
 }
 
@@ -66,20 +59,25 @@ int ssh_init(void) {
  *
  * This function should only be called once, at the end of the program!
  *
- * @returns             0 on succes, -1 if an error occured.
- *
+ * @returns -1 in case of error
    @returns 0 otherwise
  */
 int ssh_finalize(void) {
+  ssh_regex_finalize();
   ssh_crypto_finalize();
   ssh_socket_cleanup();
-  /* It is important to finalize threading after CRYPTO because
-   * it still depends on it */
-  ssh_threads_finalize();
-
+#ifdef HAVE_LIBGCRYPT
+  gcry_control(GCRYCTL_TERM_SECMEM);
+#elif defined HAVE_LIBCRYPTO
+  EVP_cleanup();
+#endif
+#ifdef _WIN32
+  WSACleanup();
+#endif
   return 0;
 }
 
-/** @} */
-
-/* vim: set ts=4 sw=4 et cindent: */
+/**
+ * @}
+ */
+/* vim: set ts=2 sw=2 et cindent: */

libssh/kex.c

@@ -40,7 +40,6 @@
 #include "libssh/wrapper.h"
 #include "libssh/keys.h"
 #include "libssh/dh.h"
-#include "libssh/kex.h"
 #include "libssh/string.h"
 
 #ifdef HAVE_LIBGCRYPT
@@ -67,7 +66,7 @@
 #endif
 
 #if defined(HAVE_LIBZ) && defined(WITH_LIBZ)
-#define ZLIB "none,zlib,zlib@openssh.com"
+#define ZLIB "none,zlib"
 #else
 #define ZLIB "none"
 #endif
@@ -203,7 +202,7 @@ char **space_tokenize(const char *chain){
 
 /* find_matching gets 2 parameters : a list of available objects (available_d), separated by colons,*/
 /* and a list of preferred objects (preferred_d) */
-/* it will return a strduped pointer on the first preferred object found in the available objects list */
+/* it will return a strduped pointer on the first prefered object found in the available objects list */
 
 char *ssh_find_matching(const char *available_d, const char *preferred_d){
     char ** tok_available, **tok_preferred;
@@ -223,7 +222,6 @@ char *ssh_find_matching(const char *available_d, const char *preferred_d){
     if (tok_preferred == NULL) {
       SAFE_FREE(tok_available[0]);
       SAFE_FREE(tok_available);
-      return NULL;
     }
 
     for(i_pref=0; tok_preferred[i_pref] ; ++i_pref){
@@ -232,74 +230,62 @@ char *ssh_find_matching(const char *available_d, const char *preferred_d){
           /* match */
           ret=strdup(tok_available[i_avail]);
           /* free the tokens */
-          SAFE_FREE(tok_available[0]);
-          SAFE_FREE(tok_preferred[0]);
-          SAFE_FREE(tok_available);
-          SAFE_FREE(tok_preferred);
+          free(tok_available[0]);
+          free(tok_preferred[0]);
+          free(tok_available);
+          free(tok_preferred);
           return ret;
         }
       }
     }
-    SAFE_FREE(tok_available[0]);
-    SAFE_FREE(tok_preferred[0]);
-    SAFE_FREE(tok_available);
-    SAFE_FREE(tok_preferred);
+    free(tok_available[0]);
+    free(tok_preferred[0]);
+    free(tok_available);
+    free(tok_preferred);
     return NULL;
 }
 
-SSH_PACKET_CALLBACK(ssh_packet_kexinit){
-	int server_kex=session->server;
+int ssh_get_kex(ssh_session session, int server_kex) {
   ssh_string str = NULL;
   char *strings[10];
   int i;
 
   enter_function();
-  (void)type;
-  (void)user;
-  memset(strings, 0, sizeof(strings));
-  if(session->session_state != SSH_SESSION_STATE_INITIAL_KEX){
-  	ssh_set_error(session,SSH_FATAL,"SSH_KEXINIT received in wrong state");
-  	goto error;
-  }
-  if (server_kex) {
-      if (buffer_get_data(packet,session->client_kex.cookie,16) != 16) {
-        ssh_set_error(session, SSH_FATAL, "ssh_packet_kexinit: no cookie in packet");
-        goto error;
-      }
 
-      if (hashbufin_add_cookie(session, session->client_kex.cookie) < 0) {
-        ssh_set_error(session, SSH_FATAL, "ssh_packet_kexinit: adding cookie failed");
-        goto error;
-      }
-  } else {
-      if (buffer_get_data(packet,session->server_kex.cookie,16) != 16) {
-        ssh_set_error(session, SSH_FATAL, "ssh_packet_kexinit: no cookie in packet");
-        goto error;
-      }
-
-      if (hashbufin_add_cookie(session, session->server_kex.cookie) < 0) {
-        ssh_set_error(session, SSH_FATAL, "ssh_packet_kexinit: adding cookie failed");
-        goto error;
-      }
+  if (packet_wait(session, SSH2_MSG_KEXINIT, 1) != SSH_OK) {
+    leave_function();
+    return -1;
   }
 
+  if (buffer_get_data(session->in_buffer,session->server_kex.cookie,16) != 16) {
+    ssh_set_error(session, SSH_FATAL, "get_kex(): no cookie in packet");
+    leave_function();
+    return -1;
+  }
+
+  if (hashbufin_add_cookie(session, session->server_kex.cookie) < 0) {
+    ssh_set_error(session, SSH_FATAL, "get_kex(): adding cookie failed");
+    leave_function();
+    return -1;
+  }
+
+  memset(strings, 0, sizeof(char *) * 10);
+
   for (i = 0; i < 10; i++) {
-    str = buffer_get_ssh_string(packet);
+    str = buffer_get_ssh_string(session->in_buffer);
     if (str == NULL) {
       break;
     }
 
     if (buffer_add_ssh_string(session->in_hashbuf, str) < 0) {
-    	ssh_set_error(session, SSH_FATAL, "Error adding string in hash buffer");
       goto error;
     }
 
-    strings[i] = ssh_string_to_char(str);
+    strings[i] = string_to_char(str);
     if (strings[i] == NULL) {
-    	ssh_set_error_oom(session);
       goto error;
     }
-    ssh_string_free(str);
+    string_free(str);
     str = NULL;
   }
 
@@ -307,8 +293,8 @@ SSH_PACKET_CALLBACK(ssh_packet_kexinit){
   if (server_kex) {
     session->client_kex.methods = malloc(10 * sizeof(char **));
     if (session->client_kex.methods == NULL) {
-      ssh_set_error_oom(session);
-      goto error;
+      leave_function();
+      return -1;
     }
 
     for (i = 0; i < 10; i++) {
@@ -317,8 +303,8 @@ SSH_PACKET_CALLBACK(ssh_packet_kexinit){
   } else { /* client */
     session->server_kex.methods = malloc(10 * sizeof(char **));
     if (session->server_kex.methods == NULL) {
-      ssh_set_error_oom(session);
-      goto error;
+      leave_function();
+      return -1;
     }
 
     for (i = 0; i < 10; i++) {
@@ -327,18 +313,15 @@ SSH_PACKET_CALLBACK(ssh_packet_kexinit){
   }
 
   leave_function();
-  session->session_state=SSH_SESSION_STATE_KEXINIT_RECEIVED;
-  session->ssh_connection_callback(session);
-  return SSH_PACKET_USED;
+  return 0;
 error:
-  ssh_string_free(str);
+  string_free(str);
   for (i = 0; i < 10; i++) {
     SAFE_FREE(strings[i]);
   }
 
-  session->session_state = SSH_SESSION_STATE_ERROR;
   leave_function();
-  return SSH_PACKET_USED;
+  return -1;
 }
 
 void ssh_list_kex(ssh_session session, KEX *kex) {
@@ -347,10 +330,7 @@ void ssh_list_kex(ssh_session session, KEX *kex) {
 #ifdef DEBUG_CRYPTO
   ssh_print_hexa("session cookie", kex->cookie, 16);
 #endif
-  if(kex->methods==NULL){
-    ssh_log(session, SSH_LOG_RARE,"kex->methods is NULL");
-    return;
-  }
+
   for(i = 0; i < 10; i++) {
     ssh_log(session, SSH_LOG_FUNCTIONS, "%s: %s",
         ssh_kex_nums[i], kex->methods[i]);
@@ -420,7 +400,7 @@ int ssh_send_kex(ssh_session session, int server_kex) {
   ssh_list_kex(session, kex);
 
   for (i = 0; i < 10; i++) {
-    str = ssh_string_from_char(kex->methods[i]);
+    str = string_from_char(kex->methods[i]);
     if (str == NULL) {
       goto error;
     }
@@ -431,7 +411,7 @@ int ssh_send_kex(ssh_session session, int server_kex) {
     if (buffer_add_ssh_string(session->out_buffer, str) < 0) {
       goto error;
     }
-    ssh_string_free(str);
+    string_free(str);
   }
 
   if (buffer_add_u8(session->out_buffer, 0) < 0) {
@@ -441,7 +421,7 @@ int ssh_send_kex(ssh_session session, int server_kex) {
     goto error;
   }
 
-  if (packet_send(session) == SSH_ERROR) {
+  if (packet_send(session) != SSH_OK) {
     leave_function();
     return -1;
   }
@@ -451,7 +431,7 @@ int ssh_send_kex(ssh_session session, int server_kex) {
 error:
   buffer_reinit(session->out_buffer);
   buffer_reinit(session->out_hashbuf);
-  ssh_string_free(str);
+  string_free(str);
 
   leave_function();
   return -1;
@@ -479,8 +459,8 @@ static ssh_string make_rsa1_string(ssh_string e, ssh_string n){
   ssh_string rsa = NULL;
   ssh_string ret = NULL;
 
-  buffer = ssh_buffer_new();
-  rsa = ssh_string_from_char("ssh-rsa1");
+  buffer = buffer_new();
+  rsa = string_from_char("ssh-rsa1");
 
   if (buffer_add_ssh_string(buffer, rsa) < 0) {
     goto error;
@@ -492,15 +472,15 @@ static ssh_string make_rsa1_string(ssh_string e, ssh_string n){
     goto error;
   }
 
-  ret = ssh_string_new(ssh_buffer_get_len(buffer));
+  ret = string_new(buffer_get_len(buffer));
   if (ret == NULL) {
     goto error;
   }
 
-  ssh_string_fill(ret, ssh_buffer_get_begin(buffer), ssh_buffer_get_len(buffer));
+  string_fill(ret, buffer_get(buffer), buffer_get_len(buffer));
 error:
-  ssh_buffer_free(buffer);
-  ssh_string_free(rsa);
+  buffer_free(buffer);
+  string_free(rsa);
 
   return ret;
 }
@@ -515,11 +495,11 @@ static int build_session_id1(ssh_session session, ssh_string servern,
   }
 
 #ifdef DEBUG_CRYPTO
-  ssh_print_hexa("host modulus",ssh_string_data(hostn),ssh_string_len(hostn));
-  ssh_print_hexa("server modulus",ssh_string_data(servern),ssh_string_len(servern));
+  ssh_print_hexa("host modulus",string_data(hostn),string_len(hostn));
+  ssh_print_hexa("server modulus",string_data(servern),string_len(servern));
 #endif
-  md5_update(md5,ssh_string_data(hostn),ssh_string_len(hostn));
-  md5_update(md5,ssh_string_data(servern),ssh_string_len(servern));
+  md5_update(md5,string_data(hostn),string_len(hostn));
+  md5_update(md5,string_data(servern),string_len(servern));
   md5_update(md5,session->server_kex.cookie,8);
   md5_final(session->next_crypto->session_id,md5);
 #ifdef DEBUG_CRYPTO
@@ -529,6 +509,7 @@ static int build_session_id1(ssh_session session, ssh_string servern,
   return 0;
 }
 
+
 /* returns 1 if the modulus of k1 is < than the one of k2 */
 static int modulus_smaller(ssh_public_key k1, ssh_public_key k2){
     bignum n1;
@@ -579,11 +560,11 @@ static ssh_string encrypt_session_key(ssh_session session, ssh_public_key srvkey
   for (i = 0; i < 16; i++) {
     buffer[i] ^= session->next_crypto->session_id[i];
   }
-  data1 = ssh_string_new(32);
+  data1 = string_new(32);
   if (data1 == NULL) {
     return NULL;
   }
-  ssh_string_fill(data1, buffer, 32);
+  string_fill(data1, buffer, 32);
   if (ABS(hlen - slen) < 128){
     ssh_log(session, SSH_LOG_FUNCTIONS,
         "Difference between server modulus and host modulus is only %d. "
@@ -593,25 +574,25 @@ static ssh_string encrypt_session_key(ssh_session session, ssh_public_key srvkey
 
   if (modulus_smaller(srvkey, hostkey)) {
     data2 = ssh_encrypt_rsa1(session, data1, srvkey);
-    ssh_string_free(data1);
+    string_free(data1);
     data1 = NULL;
     if (data2 == NULL) {
       return NULL;
     }
     data1 = ssh_encrypt_rsa1(session, data2, hostkey);
-    ssh_string_free(data2);
+    string_free(data2);
     if (data1 == NULL) {
       return NULL;
     }
   } else {
     data2 = ssh_encrypt_rsa1(session, data1, hostkey);
-    ssh_string_free(data1);
+    string_free(data1);
     data1 = NULL;
     if (data2 == NULL) {
       return NULL;
     }
     data1 = ssh_encrypt_rsa1(session, data2, srvkey);
-    ssh_string_free(data2);
+    string_free(data2);
     if (data1 == NULL) {
       return NULL;
     }
@@ -620,6 +601,7 @@ static ssh_string encrypt_session_key(ssh_session session, ssh_public_key srvkey
   return data1;
 }
 
+
 /* SSH-1 functions */
 /*    2 SSH_SMSG_PUBLIC_KEY
  *
@@ -634,16 +616,15 @@ static ssh_string encrypt_session_key(ssh_session session, ssh_public_key srvkey
  *    32-bit int   supported_ciphers_mask
  *    32-bit int   supported_authentications_mask
  */
-/**
- * @brief Wait for a SSH_SMSG_PUBLIC_KEY and does the key exchange
- */
-SSH_PACKET_CALLBACK(ssh_packet_publickey1){
+
+int ssh_get_kex1(ssh_session session) {
   ssh_string server_exp = NULL;
   ssh_string server_mod = NULL;
   ssh_string host_exp = NULL;
   ssh_string host_mod = NULL;
   ssh_string serverkey = NULL;
   ssh_string hostkey = NULL;
+  ssh_string enc_session = NULL;
   ssh_public_key srv = NULL;
   ssh_public_key host = NULL;
   uint32_t server_bits;
@@ -651,43 +632,45 @@ SSH_PACKET_CALLBACK(ssh_packet_publickey1){
   uint32_t protocol_flags;
   uint32_t supported_ciphers_mask;
   uint32_t supported_authentications_mask;
-  ssh_string enc_session = NULL;
   uint16_t bits;
+  int rc = -1;
   int ko;
+
   enter_function();
-  (void)type;
-  (void)user;
-  ssh_log(session, SSH_LOG_PROTOCOL, "Got a SSH_SMSG_PUBLIC_KEY");
-  if(session->session_state != SSH_SESSION_STATE_INITIAL_KEX){
-    ssh_set_error(session,SSH_FATAL,"SSH_KEXINIT received in wrong state");
-    goto error;
-  }
-  if (buffer_get_data(packet, session->server_kex.cookie, 8) != 8) {
-    ssh_set_error(session, SSH_FATAL, "Can't get cookie in buffer");
-    goto error;
+  ssh_log(session, SSH_LOG_PROTOCOL, "Waiting for a SSH_SMSG_PUBLIC_KEY");
+  if (packet_wait(session, SSH_SMSG_PUBLIC_KEY, 1) != SSH_OK) {
+    leave_function();
+    return -1;
   }
 
-  buffer_get_u32(packet, &server_bits);
-  server_exp = buffer_get_mpint(packet);
+  ssh_log(session, SSH_LOG_PROTOCOL, "Got a SSH_SMSG_PUBLIC_KEY");
+  if (buffer_get_data(session->in_buffer, session->server_kex.cookie, 8) != 8) {
+    ssh_set_error(session, SSH_FATAL, "Can't get cookie in buffer");
+    leave_function();
+    return -1;
+  }
+
+  buffer_get_u32(session->in_buffer, &server_bits);
+  server_exp = buffer_get_mpint(session->in_buffer);
   if (server_exp == NULL) {
     goto error;
   }
-  server_mod = buffer_get_mpint(packet);
+  server_mod = buffer_get_mpint(session->in_buffer);
   if (server_mod == NULL) {
     goto error;
   }
-  buffer_get_u32(packet, &host_bits);
-  host_exp = buffer_get_mpint(packet);
+  buffer_get_u32(session->in_buffer, &host_bits);
+  host_exp = buffer_get_mpint(session->in_buffer);
   if (host_exp == NULL) {
     goto error;
   }
-  host_mod = buffer_get_mpint(packet);
+  host_mod = buffer_get_mpint(session->in_buffer);
   if (host_mod == NULL) {
     goto error;
   }
-  buffer_get_u32(packet, &protocol_flags);
-  buffer_get_u32(packet, &supported_ciphers_mask);
-  ko = buffer_get_u32(packet, &supported_authentications_mask);
+  buffer_get_u32(session->in_buffer, &protocol_flags);
+  buffer_get_u32(session->in_buffer, &supported_ciphers_mask);
+  ko = buffer_get_u32(session->in_buffer, &supported_authentications_mask);
 
   if ((ko != sizeof(uint32_t)) || !host_mod || !host_exp
       || !server_mod || !server_exp) {
@@ -731,7 +714,7 @@ SSH_PACKET_CALLBACK(ssh_packet_publickey1){
     goto error;
   }
 
-  session->next_crypto->server_pubkey = ssh_string_copy(hostkey);
+  session->next_crypto->server_pubkey = string_copy(hostkey);
   if (session->next_crypto->server_pubkey == NULL) {
     goto error;
   }
@@ -743,94 +726,79 @@ SSH_PACKET_CALLBACK(ssh_packet_publickey1){
     ssh_set_error(session, SSH_FATAL, "Remote server doesn't accept 3DES");
     goto error;
   }
+
   ssh_log(session, SSH_LOG_PROTOCOL, "Sending SSH_CMSG_SESSION_KEY");
 
-   if (buffer_add_u8(session->out_buffer, SSH_CMSG_SESSION_KEY) < 0) {
-     goto error;
-   }
-   if (buffer_add_u8(session->out_buffer, SSH_CIPHER_3DES) < 0) {
-     goto error;
-   }
-   if (buffer_add_data(session->out_buffer, session->server_kex.cookie, 8) < 0) {
-     goto error;
-   }
-
-   enc_session = encrypt_session_key(session, srv, host, server_bits, host_bits);
-   if (enc_session == NULL) {
-     goto error;
-   }
-
-   bits = ssh_string_len(enc_session) * 8 - 7;
-   ssh_log(session, SSH_LOG_PROTOCOL, "%d bits, %" PRIdS " bytes encrypted session",
-       bits, ssh_string_len(enc_session));
-   bits = htons(bits);
-   /* the encrypted mpint */
-   if (buffer_add_data(session->out_buffer, &bits, sizeof(uint16_t)) < 0) {
-     goto error;
-   }
-   if (buffer_add_data(session->out_buffer, ssh_string_data(enc_session),
-         ssh_string_len(enc_session)) < 0) {
-     goto error;
-   }
-   /* the protocol flags */
-   if (buffer_add_u32(session->out_buffer, 0) < 0) {
-     goto error;
-   }
-   session->session_state=SSH_SESSION_STATE_KEXINIT_RECEIVED;
-   if (packet_send(session) == SSH_ERROR) {
-     goto error;
-   }
-
-   /* we can set encryption */
-   if (crypt_set_algorithms(session)) {
-     goto error;
-   }
-
-   session->current_crypto = session->next_crypto;
-   session->next_crypto = NULL;
-   goto end;
-error:
-  session->session_state=SSH_SESSION_STATE_ERROR;
-end:
-
-   ssh_string_free(host_mod);
-   ssh_string_free(host_exp);
-   ssh_string_free(server_mod);
-   ssh_string_free(server_exp);
-   ssh_string_free(serverkey);
-   ssh_string_free(hostkey);
-   ssh_string_free(enc_session);
-
-   publickey_free(srv);
-   publickey_free(host);
-
-   leave_function();
-   return SSH_PACKET_USED;
-}
-
-int ssh_get_kex1(ssh_session session) {
-  int ret=SSH_ERROR;
-  enter_function();
-  ssh_log(session, SSH_LOG_PROTOCOL, "Waiting for a SSH_SMSG_PUBLIC_KEY");
-  /* Here the callback is called */
-  while(session->session_state==SSH_SESSION_STATE_INITIAL_KEX){
-    ssh_handle_packets(session,-1);
-  }
-  if(session->session_state==SSH_SESSION_STATE_ERROR)
+  if (buffer_add_u8(session->out_buffer, SSH_CMSG_SESSION_KEY) < 0) {
+    goto error;
+  }
+  if (buffer_add_u8(session->out_buffer, SSH_CIPHER_3DES) < 0) {
+    goto error;
+  }
+  if (buffer_add_data(session->out_buffer, session->server_kex.cookie, 8) < 0) {
+    goto error;
+  }
+
+  enc_session = encrypt_session_key(session, srv, host, server_bits, host_bits);
+  if (enc_session == NULL) {
+    goto error;
+  }
+
+  bits = string_len(enc_session) * 8 - 7;
+  ssh_log(session, SSH_LOG_PROTOCOL, "%d bits, %zu bytes encrypted session",
+      bits, string_len(enc_session));
+  bits = htons(bits);
+  /* the encrypted mpint */
+  if (buffer_add_data(session->out_buffer, &bits, sizeof(uint16_t)) < 0) {
+    goto error;
+  }
+  if (buffer_add_data(session->out_buffer, string_data(enc_session),
+        string_len(enc_session)) < 0) {
+    goto error;
+  }
+  /* the protocol flags */
+  if (buffer_add_u32(session->out_buffer, 0) < 0) {
+    goto error;
+  }
+
+  if (packet_send(session) != SSH_OK) {
+    goto error;
+  }
+
+  /* we can set encryption */
+  if (crypt_set_algorithms(session)) {
+    goto error;
+  }
+
+  session->current_crypto = session->next_crypto;
+  session->next_crypto = NULL;
+
+  ssh_log(session, SSH_LOG_PROTOCOL, "Waiting for a SSH_SMSG_SUCCESS");
+  if (packet_wait(session,SSH_SMSG_SUCCESS,1) != SSH_OK) {
+    char buffer[1024] = {0};
+    snprintf(buffer, sizeof(buffer),
+        "Key exchange failed: %s", ssh_get_error(session));
+    ssh_set_error(session, SSH_FATAL, "%s",buffer);
     goto error;
-  ssh_log(session, SSH_LOG_PROTOCOL, "Waiting for a SSH_SMSG_SUCCESS");
-  /* Waiting for SSH_SMSG_SUCCESS */
-  while(session->session_state==SSH_SESSION_STATE_KEXINIT_RECEIVED){
-    ssh_handle_packets(session,-1);
   }
-  if(session->session_state==SSH_SESSION_STATE_ERROR)
-      goto error;
   ssh_log(session, SSH_LOG_PROTOCOL, "received SSH_SMSG_SUCCESS\n");
-  ret=SSH_OK;
+
+  rc = 0;
 error:
+  string_free(host_mod);
+  string_free(host_exp);
+  string_free(server_mod);
+  string_free(server_exp);
+  string_free(serverkey);
+  string_free(hostkey);
+
+  publickey_free(srv);
+  publickey_free(host);
+
   leave_function();
-  return ret;
+  return rc;
 }
 
 #endif /* WITH_SSH1 */
+
 /* vim: set ts=2 sw=2 et cindent: */