Fix build on windows, missing include.

Fix doxygen to match SSH_SERVER_FILE_NOT_FOUND fix
Add changelog entries for 0.3.1.
2026-02-04 20:30:38 +09:00 · 2009-07-14 10:52:18 +02:00 · 2009-07-14 10:22:17 +02:00 · 2009-07-14 09:51:49 +02:00 · 2009-07-14 09:51:36 +02:00 · 2009-07-13 12:07:31 +02:00
11 changed files with 58 additions and 24 deletions
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -10,9 +10,9 @@ set(APPLICATION_VERSION "0.3.0")

 set(APPLICATION_VERSION_MAJOR "0")
 set(APPLICATION_VERSION_MINOR "3")
-set(APPLICATION_VERSION_PATCH "0")
+set(APPLICATION_VERSION_PATCH "1")

-set(LIBRARY_VERSION "3.0.0")
+set(LIBRARY_VERSION "3.1.0")
 set(LIBRARY_SOVERSION "3")

 # where to look first for cmake modules, before ${CMAKE_ROOT}/Modules/ is checked
--- a/CPackConfig.cmake
+++ b/CPackConfig.cmake
@@ -15,7 +15,7 @@ set(CPACK_RESOURCE_FILE_LICENSE "${CMAKE_SOURCE_DIR}/COPYING")
 ### versions
 set(CPACK_PACKAGE_VERSION_MAJOR "0")
 set(CPACK_PACKAGE_VERSION_MINOR "3")
-set(CPACK_PACKAGE_VERSION_PATCH "0")
+set(CPACK_PACKAGE_VERSION_PATCH "1")
 set(CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH}")


--- a/9
+++ b/9
@@ -1,6 +1,15 @@
 ChangeLog
 ==========

+version 0.3.1 (released 2009-07-14)
+  * Added return code SSH_SERVER_FILE_NOT_FOUND.
+  * Fixed compilation of SSHv1.
+  * Fixed several memory leaks.
+  * Fixed possible infinite loops.
+  * Fixed a possible crash bug.
+  * Fixed build warnings.
+  * Fixed cmake on BSD.
+
 version 0.3 (released 2009-05-21)
  * Added support for ssh-agent authentication.
  * Added POSIX like sftp implementation.
--- a/include/libssh/libssh.h
+++ b/include/libssh/libssh.h
@@ -51,7 +51,7 @@ typedef unsigned long long uint64_t;
 /* libssh version */
 #define LIBSSH_VERSION_MAJOR  0
 #define LIBSSH_VERSION_MINOR  3
-#define LIBSSH_VERSION_MICRO  0
+#define LIBSSH_VERSION_MICRO  1

 #define LIBSSH_VERSION_INT SSH_VERSION_INT(LIBSSH_VERSION_MAJOR, \
                                           LIBSSH_VERSION_MINOR, \
@@ -134,6 +134,7 @@ typedef int socket_t;
 #define SSH_SERVER_KNOWN_OK 1
 #define SSH_SERVER_KNOWN_CHANGED 2
 #define SSH_SERVER_FOUND_OTHER 3
+#define SSH_SERVER_FILE_NOT_FOUND 4

 #ifndef MD5_DIGEST_LEN
    #define MD5_DIGEST_LEN 16
--- a/libssh/channels.c
+++ b/libssh/channels.c
@@ -315,7 +315,7 @@ static void channel_rcv_change_window(SSH_SESSION *session) {

  channel = channel_from_msg(session);
  if (channel == NULL) {
-    ssh_log(session, SSH_LOG_FUNCTIONS, ssh_get_error(session));
+    ssh_log(session, SSH_LOG_FUNCTIONS, "%s", ssh_get_error(session));
  }

  rc = buffer_get_u32(session->in_buffer, &bytes);
@@ -413,7 +413,7 @@ static void channel_rcv_eof(SSH_SESSION *session) {

  channel = channel_from_msg(session);
  if (channel == NULL) {
-    ssh_log(session, SSH_LOG_FUNCTIONS, ssh_get_error(session));
+    ssh_log(session, SSH_LOG_FUNCTIONS, "%s", ssh_get_error(session));
    leave_function();
    return;
  }
@@ -435,7 +435,7 @@ static void channel_rcv_close(SSH_SESSION *session) {

  channel = channel_from_msg(session);
  if (channel == NULL) {
-    ssh_log(session, SSH_LOG_FUNCTIONS, ssh_get_error(session));
+    ssh_log(session, SSH_LOG_FUNCTIONS, "%s", ssh_get_error(session));
    leave_function();
    return;
  }
@@ -477,7 +477,7 @@ static void channel_rcv_request(SSH_SESSION *session) {

  channel = channel_from_msg(session);
  if (channel == NULL) {
-    ssh_log(session, SSH_LOG_FUNCTIONS, ssh_get_error(session));
+    ssh_log(session, SSH_LOG_FUNCTIONS,"%s", ssh_get_error(session));
    leave_function();
    return;
  }
--- a/libssh/client.c
+++ b/libssh/client.c
@@ -221,6 +221,7 @@ static int dh_handshake(SSH_SESSION *session) {
      }
      string_burn(e);
      string_free(e);
+      e=NULL;

      rc = packet_send(session);
      if (rc == SSH_ERROR) {
@@ -261,7 +262,7 @@ static int dh_handshake(SSH_SESSION *session) {
      }
      string_burn(f);
      string_free(f);
-
+      f=NULL;
      signature = buffer_get_ssh_string(session->in_buffer);
      if (signature == NULL) {
        ssh_set_error(session, SSH_FATAL, "No signature in packet");
@@ -332,13 +333,14 @@ static int dh_handshake(SSH_SESSION *session) {
      /* forget it for now ... */
      string_burn(signature);
      string_free(signature);
-
+      signature=NULL;
      /*
       * Once we got SSH2_MSG_NEWKEYS we can switch next_crypto and
       * current_crypto
       */
      if (session->current_crypto) {
        crypto_free(session->current_crypto);
+        session->current_crypto=NULL;
      }

      /* FIXME later, include a function to change keys */
@@ -364,14 +366,22 @@ static int dh_handshake(SSH_SESSION *session) {

  /* not reached */
 error:
-  string_burn(e);
-  string_free(e);
-  string_burn(f);
-  string_free(f);
-  string_burn(pubkey);
-  string_free(pubkey);
-  string_burn(signature);
-  string_free(signature);
+  if(e != NULL){
+    string_burn(e);
+    string_free(e);
+  }
+  if(f != NULL){
+    string_burn(f);
+    string_free(f);
+  }
+  if(pubkey != NULL){
+    string_burn(pubkey);
+    string_free(pubkey);
+  }
+  if(signature != NULL){
+    string_burn(signature);
+    string_free(signature);
+  }

  leave_function();
  return rc;
--- a/libssh/keyfiles.c
+++ b/libssh/keyfiles.c
@@ -1280,9 +1280,9 @@ static int match_hashed_host(SSH_SESSION *session, const char *host,
    leave_function();
    return 0;
  }
-  SAFE_FREE(source);

  hash = base64_to_bin(b64hash);
+  SAFE_FREE(source);
  if (hash == NULL) {
    buffer_free(salt);
    leave_function();
@@ -1342,6 +1342,9 @@ static int match_hashed_host(SSH_SESSION *session, const char *host,
 *                                   possible attack \n
 *         SSH_SERVER_NOT_KNOWN:     The server is unknown. User should confirm
 *                                   the MD5 is correct\n
+ *         SSH_SERVER_FILE_NOT_FOUND:The known host file does not exist. The
+ *                                   host is thus unknown. File will be created
+ *                                   if host key is accepted\n
 *         SSH_SERVER_ERROR:         Some error happened
 *
 * \see ssh_options_set_wanted_algo()
@@ -1361,10 +1364,10 @@ int ssh_is_server_known(SSH_SESSION *session) {
  enter_function();

  if (ssh_options_default_known_hosts_file(session->options) < 0) {
-    ssh_set_error(session, SSH_FATAL,
+    ssh_set_error(session, SSH_REQUEST_DENIED,
        "Can't find a known_hosts file");
    leave_function();
-    return SSH_SERVER_ERROR;
+    return SSH_SERVER_FILE_NOT_FOUND;
  }

  if (session->options->host == NULL) {
@@ -1418,6 +1421,8 @@ int ssh_is_server_known(SSH_SESSION *session) {
        /* We override the status with the wrong key state */
        ret = SSH_SERVER_KNOWN_CHANGED;
      }
+    } else {
+      tokens_free(tokens);
    }
  } while (1);

@@ -1432,7 +1437,7 @@ int ssh_is_server_known(SSH_SESSION *session) {
 }

 /** You generaly use it when ssh_is_server_known() answered SSH_SERVER_NOT_KNOWN
- * \brief write the current server as known in the known hosts file
+ * \brief write the current server as known in the known hosts file. This will create the known hosts file if it does not exist.
 * \param session ssh session
 * \return 0 on success, -1 on error
 */
--- a/libssh/messages.c
+++ b/libssh/messages.c
@@ -783,7 +783,9 @@ void ssh_message_free(SSH_MESSAGE *msg){
      SAFE_FREE(msg->channel_request.subsystem);
      break;
  }
+
  ZERO_STRUCTP(msg);
+  SAFE_FREE(msg);
 }

 /**
--- a/libssh/poll.c
+++ b/libssh/poll.c
@@ -25,6 +25,8 @@

 /* This code is based on glib's gpoll */

+#include <errno.h>
+
 #include "config.h"
 #include "libssh/priv.h"

--- a/libssh/sftp.c
+++ b/libssh/sftp.c
@@ -1681,6 +1681,7 @@ ssize_t sftp_write(SFTP_FILE *file, const void *buf, size_t count) {
  BUFFER *buffer;
  u32 id;
  int len;
+  int packetlen;

  buffer = buffer_new();
  if (buffer == NULL) {
@@ -1704,12 +1705,12 @@ ssize_t sftp_write(SFTP_FILE *file, const void *buf, size_t count) {
    return -1;
  }
  string_free(datastring);
-
  len = sftp_packet_write(file->sftp, SSH_FXP_WRITE, buffer);
+  packetlen=buffer_get_len(buffer);
  buffer_free(buffer);
  if (len < 0) {
    return -1;
-  } else  if ((u32) len != buffer_get_len(buffer)) {
+  } else  if (len != packetlen) {
    ssh_log(sftp->session, SSH_LOG_PACKET,
        "Could not write as much data as expected");
  }
--- a/sample.c
+++ b/sample.c
@@ -469,6 +469,10 @@ int main(int argc, char **argv){
            ssh_disconnect(session);
 		    ssh_finalize();
            exit(-1);
+        case SSH_SERVER_FILE_NOT_FOUND:
+            fprintf(stderr,"Could not find known host file. If you accept the host key here,\n");
+            fprintf(stderr,"the file will be automatically created.\n");
+            /* fallback to SSH_SERVER_NOT_KNOWN behaviour */
        case SSH_SERVER_NOT_KNOWN:
            hexa = ssh_get_hexa(hash, hlen);
            free(hash);
Author	SHA1	Message	Date
Andreas Schneider	d411260a68	Fix build on windows, missing include.	2009-07-14 10:52:18 +02:00
Aris Adamantiadis	f8f0663eb9	Fix doxygen to match SSH_SERVER_FILE_NOT_FOUND fix	2009-07-14 10:22:17 +02:00
Andreas Schneider	cedc635ed0	Add changelog entries for 0.3.1.	2009-07-14 09:51:49 +02:00
Andreas Schneider	ff819489b7	Set version to 0.3.1.	2009-07-14 09:51:36 +02:00
Aris Adamantiadis	37dc2a5279	Reflect the SSH_SERVER_NOT_KNOWN add-on in sample	2009-07-13 12:07:31 +02:00
Aris Adamantiadis	50ebbe636e	Added return code SSH_SERVER_FILE_NOT_FOUND This error is returned by ssh_is_server_known when known_hosts file does not exist and gives more action to the developer.	2009-07-13 12:07:19 +02:00
Aris Adamantiadis	101bf21d41	Fixed Could not write as much data as expected msg Bug caused by verifying the size of the buffer in the wrong place	2009-07-02 10:37:32 +02:00
Aris Adamantiadis	ae3bb42da5	Fixed memory leak in ssh_is_server_known()	2009-06-23 09:13:26 +02:00
Aris Adamantiadis	918a912cd5	Fixed yet another read-after-free bug read of a buffer len after free in sftp_write()	2009-06-23 09:13:15 +02:00
Aris Adamantiadis	7ba81b974e	Fixed a use-after-free in match_hashed_host()	2009-06-21 22:18:43 +02:00
Aris Adamantiadis	b5e868fb8b	Fix doublefree bug found by Cyril	2009-06-21 22:18:38 +02:00
Andreas Schneider	693c041ba9	Fix a memory leak in ssh_message_free().	2009-06-20 11:30:09 +02:00
Aris Adamantiadis	39c7e3c7dd	Fixed potential format string attacks Potential format string attacks on error reporting in channels.c	2009-06-20 11:25:23 +02:00