Update Changelog.

I've added a non-existent kex header, sorry.

.clang_complete

@@ -1 +0,0 @@
--Iinclude -Ibuild

CMakeLists.txt

@@ -7,8 +7,8 @@ cmake_minimum_required(VERSION 2.6.0)
 set(APPLICATION_NAME ${PROJECT_NAME})
 
 set(APPLICATION_VERSION_MAJOR "0")
-set(APPLICATION_VERSION_MINOR "5")
-set(APPLICATION_VERSION_PATCH "5")
+set(APPLICATION_VERSION_MINOR "4")
+set(APPLICATION_VERSION_PATCH "4")
 
 set(APPLICATION_VERSION "${APPLICATION_VERSION_MAJOR}.${APPLICATION_VERSION_MINOR}.${APPLICATION_VERSION_PATCH}")
 
@@ -19,7 +19,7 @@ set(APPLICATION_VERSION "${APPLICATION_VERSION_MAJOR}.${APPLICATION_VERSION_MINO
 #     Increment AGE. Set REVISION to 0
 #   If the source code was changed, but there were no interface changes:
 #     Increment REVISION.
-set(LIBRARY_VERSION "4.2.5")
+set(LIBRARY_VERSION "4.1.1")
 set(LIBRARY_SOVERSION "4")
 
 # where to look first for cmake modules, before ${CMAKE_ROOT}/Modules/ is checked
@@ -29,7 +29,6 @@ set(CMAKE_MODULE_PATH
 
 # add definitions
 include(DefineCMakeDefaults)
-include(DefinePlatformDefaults)
 include(DefineCompilerFlags)
 include(DefineInstallationPaths)
 include(DefineOptions.cmake)
@@ -44,9 +43,7 @@ include(MacroAddPlugin)
 include(MacroCopyFile)
 
 # search for libraries
-if (WITH_LIBZ)
-    find_package(ZLIB REQUIRED)
-endif (WITH_LIBZ)
+find_package(ZLIB REQUIRED)
 
 if (WITH_GCRYPT)
   find_package(GCrypt REQUIRED)
@@ -63,10 +60,6 @@ else (WITH_GCRYPT)
   endif (NOT OPENSSL_FOUND)
 endif(WITH_GCRYPT)
 
-# Find out if we have threading available
-set(CMAKE_THREAD_PREFER_PTHREADS ON)
-find_package(Threads)
-
 # config.h checks
 include(ConfigureChecks.cmake)
 configure_file(config.h.cmake ${CMAKE_CURRENT_BINARY_DIR}/config.h)
@@ -74,46 +67,12 @@ configure_file(config.h.cmake ${CMAKE_CURRENT_BINARY_DIR}/config.h)
 # check subdirectories
 add_subdirectory(doc)
 add_subdirectory(include)
-add_subdirectory(src)
+add_subdirectory(libssh)
 
-# pkg-config file
-configure_file(libssh.pc.cmake ${CMAKE_CURRENT_BINARY_DIR}/libssh.pc)
-configure_file(libssh_threads.pc.cmake ${CMAKE_CURRENT_BINARY_DIR}/libssh_threads.pc)
-install(
-  FILES
-    ${CMAKE_CURRENT_BINARY_DIR}/libssh.pc
-    ${CMAKE_CURRENT_BINARY_DIR}/libssh_threads.pc
-  DESTINATION
-    ${LIB_INSTALL_DIR}/pkgconfig
-  COMPONENT
-    pkgconfig
-)
+# build samples
+include_directories(${CMAKE_SOURCE_DIR}/include)
 
-add_subdirectory(examples)
-
-if (WITH_TESTING)
-  find_package(CMockery REQUIRED)
-  include(AddCMockeryTest)
-  add_subdirectory(tests)
-endif (WITH_TESTING)
-
-
-message(STATUS "********************************************")
-message(STATUS "********** ${PROJECT_NAME} build options : **********")
-
-message(STATUS "zlib support: ${WITH_LIBZ}")
-message(STATUS "libgcrypt support: ${WITH_GCRYPT}")
-message(STATUS "SSH-1 support: ${WITH_SSH1}")
-message(STATUS "SFTP support: ${WITH_SFTP}")
-message(STATUS "Server support : ${WITH_SERVER}")
-message(STATUS "Pcap debugging support : ${WITH_PCAP}")
-message(STATUS "Unit testing: ${WITH_TESTING}")
-message(STATUS "Client code Unit testing: ${WITH_CLIENT_TESTING}")
-if (WITH_INTERNAL_DOC)
-    message(STATUS "Internal documentation generation")
-else (WITH_INTERNAL_DOC)
-    message(STATUS "Public API documentation generation")
-endif (WITH_INTERNAL_DOC)
-message(STATUS "Benchmarks: ${WITH_BENCHMARKS}")
-message(STATUS "********************************************")
+if (CMAKE_SYSTEM_NAME STREQUAL "Linux")
+  add_subdirectory(examples)
+endif (CMAKE_SYSTEM_NAME STREQUAL "Linux")
 

CPackConfig.cmake

@@ -11,9 +11,9 @@ set(CPACK_RESOURCE_FILE_LICENSE "${CMAKE_SOURCE_DIR}/COPYING")
 
 
 ### versions
-set(CPACK_PACKAGE_VERSION_MAJOR "${APPLICATION_VERSION_MAJOR}")
-set(CPACK_PACKAGE_VERSION_MINOR "${APPLICATION_VERSION_MINOR}")
-set(CPACK_PACKAGE_VERSION_PATCH "${APPLICATION_VERSION_PATCH}")
+set(CPACK_PACKAGE_VERSION_MAJOR "0")
+set(CPACK_PACKAGE_VERSION_MINOR "4")
+set(CPACK_PACKAGE_VERSION_PATCH "4")
 set(CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH}")
 
 
@@ -22,21 +22,16 @@ set(CPACK_SOURCE_GENERATOR "TGZ")
 set(CPACK_SOURCE_IGNORE_FILES "~$;[.]swp$;/[.]svn/;/[.]git/;.gitignore;/build/;tags;cscope.*")
 set(CPACK_SOURCE_PACKAGE_FILE_NAME "${CPACK_PACKAGE_NAME}-${CPACK_PACKAGE_VERSION}")
 
-if (WIN32)
-    set(CPACK_GENERATOR "ZIP")
 
-    ### nsis generator
-    find_package(NSIS)
-    if (NSIS_MAKE)
-        set(CPACK_GENERATOR "${CPACK_GENERATOR};NSIS")
-        set(CPACK_NSIS_DISPLAY_NAME "The SSH Library")
-        set(CPACK_NSIS_COMPRESSOR "/SOLID zlib")
-        set(CPACK_NSIS_MENU_LINKS "http://www.libssh.org/" "libssh homepage")
-    endif (NSIS_MAKE)
-endif (WIN32)
+### nsis generator
+set(CPACK_GENERATOR "NSIS")
 
 set(CPACK_PACKAGE_INSTALL_DIRECTORY "libssh")
 
+set(CPACK_NSIS_DISPLAY_NAME "The SSH Library")
+set(CPACK_NSIS_COMPRESSOR "/SOLID zlib")
+set(CPACK_NSIS_MENU_LINKS "http://www.libssh.org/" "libssh homepage")
+
 set(CPACK_PACKAGE_FILE_NAME ${APPLICATION_NAME}-${CPACK_PACKAGE_VERSION})
 
 set(CPACK_COMPONENT_LIBRARIES_DISPLAY_NAME "Libraries")

CTestConfig.cmake

@@ -1,9 +0,0 @@
-set(UPDATE_TYPE "true")
-
-set(CTEST_PROJECT_NAME "libssh")
-set(CTEST_NIGHTLY_START_TIME "01:00:00 CET")
-
-set(CTEST_DROP_METHOD "http")
-set(CTEST_DROP_SITE "test.libssh.org")
-set(CTEST_DROP_LOCATION "/submit.php?project=libssh")
-set(CTEST_DROP_SITE_CDASH TRUE)

ChangeLog

@@ -1,111 +1,6 @@
 ChangeLog
 ==========
 
-version 0.5.5 (released 2013-07-26)
-  * BUG 103: Fix ProxyCommand parsing.
-  * Fix setting -D_FORTIFY_SOURCE=2.
-  * Fix pollset error return if emtpy.
-  * Fix NULL pointer checks in channel functions.
-  * Several bugfixes.
-
-version 0.5.4 (released 2013-01-22)
-  * CVE-2013-0176 - NULL dereference leads to denial of service
-  * Fixed several NULL pointer dereferences in SSHv1.
-  * Fixed a free crash bug in options parsing.
-
-version 0.5.3 (released 2012-11-20)
-  * CVE-2012-4559 Fixed multiple double free() flaws.
-  * CVE-2012-4560 Fixed multiple buffer overflow flaws.
-  * CVE-2012-4561 Fixed multiple invalid free() flaws.
-  * BUG #84 - Fix bug in sftp_mkdir not returning on error.
-  * BUG #85 - Fixed a possible channel infinite loop if the connection dropped.
-  * BUG #88 - Added missing channel request_state and set it to accepted.
-  * BUG #89 - Reset error state to no error on successful SSHv1 authentiction.
-  * Fixed a possible use after free in ssh_free().
-  * Fixed multiple possible NULL pointer dereferences.
-  * Fixed multiple memory leaks in error paths.
-  * Fixed timeout handling.
-  * Fixed regression in pre-connected socket setting.
-  * Handle all unknown global messages.
-
-version 0.5.2 (released 2011-09-17)
-  * Increased window size x10.
-  * Fixed SSHv1.
-  * Fixed bugged lists.
-  * Fixed use-after-free + inconsistent callbacks call in poll.
-  * Fixed scp documentation.
-  * Fixed possible infinite loop in channel_read().
-  * Fixed handling of short reads of sftp_async_read().
-  * Fixed handling request service timeout in blocking mode.
-  * Fixed ssh_auth_list() documentation.
-  * Fixed incorrect return values in ssh_channel_write().
-  * Fixed an infinite loop in the termination callback.
-  * Fixed handling of SSH_AGAIN in channel_open().
-  * Fixed "status -5 inflating zlib packet"
-
-version 0.5.1 (released 2011-08-09)
-  * Added checks for NULL pointers in string.c.
-  * Set the channel max packet size to 32768.
-  * Don't (de)compress empty buffers.
-  * Fixed ssh_scp_write so it works when doing recursive copy.
-  * Fixed another source of endless wait.
-  * Fixed an endless loop in case of a channel_open error.
-  * Fixed session timeout handling.
-  * Fixed ssh_channel_from_local() loop.
-  * Fixed permissions of scp example when we copy a file.
-  * Workaround ssh_get_user_home_dir on LDAP users.
-  * Added pkg-config support for libssh_threads.
-  * Fixed compilation without server and sftp modes.
-  * Fix static .lib overwriting on Windows.
-
-version 0.5.0 (released 2011-06-01)
-  * Added ssh_ prefix to all functions.
-  * Added complete Windows support.
-  * Added improved server support.
-  * Added unit tests for a lot of functions.
-  * Added asynchronous service request.
-  * Added a multiplatform ssh_getpass() function.
-  * Added a tutorial.
-  * Added a lot of documentation.
-  * Fixed a lot of bugs.
-  * Fixed several memory leaks.
-
-version 0.4.8 (released 2011-01-15)
-  * Fixed memory leaks in session signing.
-  * Fixed memory leak in ssh_print_hexa.
-  * Fixed problem with ssh_connect w/ timeout and fd > 1024.
-  * Fixed some warnings on OS/2.
-  * Fixed installation path for OS/2.
-
-version 0.4.7 (released 2010-12-28)
-  * Fixed a possible memory leak in ssh_get_user_home().
-  * Fixed a memory leak in sftp_xstat.
-  * Fixed uninitialized fd->revents member.
-  * Fixed timout value in ssh_channel_accept().
-  * Fixed length checks in ssh_analyze_banner().
-  * Fixed a possible data overread and crash bug.
-  * Fixed setting max_fd which breaks ssh_select().
-  * Fixed some pedantic build warnings.
-  * Fixed a memory leak with session->bindaddr.
-
-version 0.4.6 (released 2010-09-03)
-  * Added a cleanup function to free the ws2_32 library.
-  * Fixed build with gcc 3.4.
-  * Fixed the Windows build on Vista and newer.
-  * Fixed the usage of WSAPoll() on Windows.
-  * Fixed "@deprecated" in doxygen
-  * Fixed some mingw warnings.
-  * Fixed handling of opened channels.
-  * Fixed keepalive problem on older openssh servers.
-  * Fixed testing for big endian on Windows.
-  * Fixed the Windows preprocessor macros and defines.
-
-version 0.4.5 (released 2010-07-13)
-  * Added option to bind a client to an ip address.
-  * Fixed the ssh socket polling function.
-  * Fixed Windows related bugs in bsd_poll().
-  * Fixed serveral build warnings.
-
 version 0.4.4 (released 2010-06-01)
   * Fixed a bug in the expand function for escape sequences.
   * Fixed a bug in the tilde expand function.

ConfigureChecks.cmake

@@ -1,4 +1,5 @@
 include(CheckIncludeFile)
+include(CheckIncludeFiles)
 include(CheckSymbolExists)
 include(CheckFunctionExists)
 include(CheckLibraryExists)
@@ -16,46 +17,40 @@ set(SYSCONFDIR ${SYSCONF_INSTALL_DIR})
 set(BINARYDIR ${CMAKE_BINARY_DIR})
 set(SOURCEDIR ${CMAKE_SOURCE_DIR})
 
-function(COMPILER_DUMPVERSION _OUTPUT_VERSION)
-    # Remove whitespaces from the argument.
-    # This is needed for CC="ccache gcc" cmake ..
-    string(REPLACE " " "" _C_COMPILER_ARG "${CMAKE_C_COMPILER_ARG1}")
-
-    execute_process(
-        COMMAND
-            ${CMAKE_C_COMPILER} ${_C_COMPILER_ARG} -dumpversion
-        OUTPUT_VARIABLE _COMPILER_VERSION
-    )
-
-    string(REGEX REPLACE "([0-9])\\.([0-9])(\\.[0-9])?" "\\1\\2"
-           _COMPILER_VERSION "${_COMPILER_VERSION}")
-
-    set(${_OUTPUT_VERSION} ${_COMPILER_VERSION} PARENT_SCOPE)
-endfunction()
-
-if(CMAKE_COMPILER_IS_GNUCC AND NOT MINGW AND NOT OS2)
-    compiler_dumpversion(GNUCC_VERSION)
-    if (NOT GNUCC_VERSION EQUAL 34)
-        check_c_compiler_flag("-fvisibility=hidden" WITH_VISIBILITY_HIDDEN)
-    endif (NOT GNUCC_VERSION EQUAL 34)
-endif(CMAKE_COMPILER_IS_GNUCC AND NOT MINGW AND NOT OS2)
+if(CMAKE_COMPILER_IS_GNUCC)
+check_c_compiler_flag("-fvisibility=hidden" WITH_VISIBILITY_HIDDEN)
+endif(CMAKE_COMPILER_IS_GNUCC)
 
 # HEADER FILES
 check_include_file(argp.h HAVE_ARGP_H)
 check_include_file(pty.h HAVE_PTY_H)
-check_include_file(termios.h HAVE_TERMIOS_H)
-
+check_include_file(terminos.h HAVE_TERMIOS_H)
 if (WIN32)
-  check_include_file(wspiapi.h HAVE_WSPIAPI_H)
+  check_include_files("winsock2.h;ws2tcpip.h;wspiapi.h" HAVE_WSPIAPI_H)
   if (NOT HAVE_WSPIAPI_H)
-    message(STATUS "WARNING: Without wspiapi.h, this build will only work on Windows XP and newer versions")
+    message(STATUS "WARNING: Without wspiapi.h (or dependencies), this build will only work on Windows XP and newer versions")
   endif (NOT HAVE_WSPIAPI_H)
-  check_include_file(ws2tcpip.h HAVE_WS2TCPIP_H)
+  check_include_files("winsock2.h;ws2tcpip.h" HAVE_WS2TCPIP_H)
+  if (NOT HAVE_WS2TCPIP_H)
+    message(ERROR "WARNING: Does not have ws2tcpip.h or winsock2.h")
+  endif (NOT HAVE_WS2TCPIP_H)
   if (HAVE_WSPIAPI_H OR HAVE_WS2TCPIP_H)
     set(HAVE_GETADDRINFO TRUE)
     set(HAVE_GETHOSTBYNAME TRUE)
   endif (HAVE_WSPIAPI_H OR HAVE_WS2TCPIP_H)
 
+  check_function_exists(vsnprintf HAVE_VSNPRINTF)
+  if(NOT HAVE_VSNPRINTF)
+      check_function_exists(_vsnprintf_s HAVE__VSNPRINTF_S)
+      check_function_exists(_vsnprintf HAVE__VSNPRINTF)
+  endif(NOT HAVE_VSNPRINTF)
+  check_function_exists(snprintf HAVE_SNPRINTF)
+  if(NOT HAVE_SNPRINTF)
+      check_function_exists(_snprintf HAVE__SNPRINTF)
+      check_function_exists(_snprintf_s HAVE__SNPRINTF_S)
+  endif(NOT HAVE_SNPRINTF)
+  check_function_exists(strncpy HAVE_STRNCPY)
+
   set(HAVE_SELECT TRUE)
 endif (WIN32)
 
@@ -68,58 +63,36 @@ check_include_file(openssl/blowfish.h HAVE_OPENSSL_BLOWFISH_H)
 set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIRS})
 check_include_file(openssl/des.h HAVE_OPENSSL_DES_H)
 
-if (CMAKE_HAVE_PTHREAD_H)
-  set(HAVE_PTHREAD_H 1)
-endif (CMAKE_HAVE_PTHREAD_H)
-
 # FUNCTIONS
 
-check_function_exists(strncpy HAVE_STRNCPY)
-check_function_exists(vsnprintf HAVE_VSNPRINTF)
-check_function_exists(snprintf HAVE_SNPRINTF)
-
-if (WIN32)
-    check_function_exists(_vsnprintf_s HAVE__VSNPRINTF_S)
-    check_function_exists(_vsnprintf HAVE__VSNPRINTF)
-    check_function_exists(_snprintf HAVE__SNPRINTF)
-    check_function_exists(_snprintf_s HAVE__SNPRINTF_S)
-endif (WIN32)
-
 if (UNIX)
-    if (NOT LINUX)
-        # libsocket (Solaris)
-        check_library_exists(socket getaddrinfo "" HAVE_LIBSOCKET)
-        if (HAVE_LIBSOCKET)
-          set(CMAKE_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES} socket)
-        endif (HAVE_LIBSOCKET)
+  # libsocket (Solaris)
+  check_library_exists(socket getaddrinfo "" HAVE_LIBSOCKET)
+  if (HAVE_LIBSOCKET)
+    set(CMAKE_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES} socket)
+  endif (HAVE_LIBSOCKET)
+  # libnsl (Solaris)
+  check_library_exists(nsl gethostbyname "" HAVE_LIBNSL)
+  if (HAVE_LIBNSL)
+    set(CMAKE_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES} nsl)
+  endif (HAVE_LIBNSL)
+  # libresolv
+  check_library_exists(resolv hstrerror "" HAVE_LIBRESOLV)
+  if (HAVE_LIBRESOLV)
+    set(CMAKE_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES} resolv)
+  endif (HAVE_LIBRESOLV)
+  check_library_exists(rt nanosleep "" HAVE_LIBRT)
+  # librt
+  if (HAVE_LIBRT)
+    set(CMAKE_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES} rt)
+  endif (HAVE_LIBRT)
 
-        # libresolv
-        check_library_exists(resolv hstrerror "" HAVE_LIBRESOLV)
-        if (HAVE_LIBRESOLV)
-          set(CMAKE_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES} resolv)
-        endif (HAVE_LIBRESOLV)
-
-        # libnsl/inet_pton (Solaris)
-        check_library_exists(nsl inet_pton "" HAVE_LIBNSL)
-        if (HAVE_LIBNSL)
-            set(CMAKE_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES} nsl)
-        endif (HAVE_LIBNSL)
-
-        # librt
-        check_library_exists(rt nanosleep "" HAVE_LIBRT)
-    endif (NOT LINUX)
-
-    check_library_exists(rt clock_gettime "" HAVE_CLOCK_GETTIME)
-    if (HAVE_LIBRT OR HAVE_CLOCK_GETTIME)
-        set(CMAKE_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES} rt)
-    endif (HAVE_LIBRT OR HAVE_CLOCK_GETTIME)
-
-    check_function_exists(getaddrinfo HAVE_GETADDRINFO)
-    check_function_exists(poll HAVE_POLL)
-    check_function_exists(select HAVE_SELECT)
-    check_function_exists(cfmakeraw HAVE_CFMAKERAW)
-    check_function_exists(regcomp HAVE_REGCOMP)
-    check_function_exists(ntohll HAVE_NTOHLL)
+  check_function_exists(getaddrinfo HAVE_GETADDRINFO)
+  check_function_exists(gethostbyname HAVE_GETHOSTBYNAME)
+  check_function_exists(poll HAVE_POLL)
+  check_function_exists(select HAVE_SELECT)
+  check_function_exists(cfmakeraw HAVE_CFMAKERAW)
+  check_function_exists(regcomp HAVE_REGCOMP)
 endif (UNIX)
 
 set(LIBSSH_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES} CACHE INTERNAL "libssh required system libraries")
@@ -133,15 +106,9 @@ if (GCRYPT_FOUND)
   set(HAVE_LIBGCRYPT 1)
 endif (GCRYPT_FOUND)
 
-if (ZLIB_LIBRARY)
+if (Z_LIBRARY)
   set(HAVE_LIBZ 1)
-endif (ZLIB_LIBRARY)
-
-if (CMAKE_HAVE_THREADS_LIBRARY)
-    if (CMAKE_USE_PTHREADS_INIT)
-        set(HAVE_PTHREAD 1)
-    endif (CMAKE_USE_PTHREADS_INIT)
-endif (CMAKE_HAVE_THREADS_LIBRARY)
+endif (Z_LIBRARY)
 
 # OPTIONS
 if (WITH_DEBUG_CRYPTO)
@@ -153,6 +120,4 @@ if (WITH_DEBUG_CALLTRACE)
 endif (WITH_DEBUG_CALLTRACE)
 
 # ENDIAN
-if (NOT WIN32)
-    test_big_endian(WORDS_BIGENDIAN)
-endif (NOT WIN32)
+test_big_endian(WORDS_BIGENDIAN)

DefineOptions.cmake

@@ -6,16 +6,4 @@ option(WITH_STATIC_LIB "Build with a static library" OFF)
 option(WITH_DEBUG_CRYPTO "Build with cryto debug output" OFF)
 option(WITH_DEBUG_CALLTRACE "Build with calltrace debug output" ON)
 option(WITH_GCRYPT "Compile against libgcrypt" OFF)
-option(WITH_PCAP "Compile with Pcap generation support" ON)
-option(WITH_INTERNAL_DOC "Compile doxygen internal documentation" OFF)
-option(WITH_TESTING "Build with unit tests" OFF)
-option(WITH_CLIENT_TESTING "Build with client tests; requires a running sshd" OFF)
-option(WITH_BENCHMARKS "Build benchmarks tools" OFF)
-
-if(WITH_BENCHMARKS)
-  set(WITH_TESTING ON)
-endif(WITH_BENCHMARKS)
-
-if (WITH_TESTING)
-  set(WITH_STATIC_LIB ON)
-endif (WITH_TESTING)
+option(WITH_PCAP "Compile with Pcap generation support" OFF)

INSTALL

@@ -68,8 +68,6 @@ If you want to install libssh after compilation run:
 ## Running
 
 The libssh binary can be found in the `build/libssh` directory.
-You can use `build/examples/samplessh` which is a sample client to
-test libssh on UNIX.
 
 ## About this document
 

README

@@ -29,12 +29,6 @@ http://www.libssh.org
 4* API Changes !
 -_-_-_-_-_-_-_-_-_
 
-Changes between 0.4 and 0.5
----------------------------
-
-We use the ssh_ prefix as namespace for every function now. There is a legacy.h
-which could be used to get the old function names.
-
 Changes between 0.3 and 0.4
 ---------------------------
 
@@ -52,105 +46,3 @@ header file and it is documented. Example:
 
 ssh_options_set(session, SSH_OPTIONS_HOST, "localhost");
 
-5* Copyright policy
--_-_-_-_-_-_-_-_-_-_
-
-libssh is a project with distributed copyright ownership, which means we prefer
-the copyright on parts of libssh to be held by individuals rather than
-corporations if possible. There are historical legal reasons for this, but one
-of the best ways to explain it is that it’s much easier to work with
-individuals who have ownership than corporate legal departments if we ever need
-to make reasonable compromises with people using and working with libssh.
-
-We track the ownership of every part of libssh via git, our source code control
-system, so we know the provenance of every piece of code that is committed to
-libssh.
-
-So if possible, if you’re doing libssh changes on behalf of a company who
-normally owns all the work you do please get them to assign personal copyright
-ownership of your changes to you as an individual, that makes things very easy
-for us to work with and avoids bringing corporate legal departments into the
-picture.
-
-If you can’t do this we can still accept patches from you owned by your
-employer under a standard employment contract with corporate copyright
-ownership. It just requires a simple set-up process first.
-
-We use a process very similar to the way things are done in the Linux Kernel
-community, so it should be very easy to get a sign off from your corporate
-legal department. The only changes we’ve made are to accommodate the license we
-use, which is LGPLv2 (or later) whereas the Linux kernel uses GPLv2.
-
-The process is called signing.
-
-How to sign your work
-----------------------
-
-Once you have permission to contribute to libssh from your employer, simply
-email a copy of the following text from your corporate email address to:
-
-contributing@libssh.org
-
---------------------------------------------------------------------------
-libssh Developer's Certificate of Origin. Version 1.0
-
-By making a contribution to this project, I certify that:
-
-(a) The contribution was created in whole or in part by me and I
-    have the right to submit it under the appropriate
-    version of the GNU General Public License; or
-
-(b) The contribution is based upon previous work that, to the best of
-    my knowledge, is covered under an appropriate open source license
-    and I have the right under that license to submit that work with
-    modifications, whether created in whole or in part by me, under
-    the GNU General Public License, in the appropriate version; or
-
-(c) The contribution was provided directly to me by some other
-    person who certified (a) or (b) and I have not modified it.
-
-(d) I understand and agree that this project and the contribution are
-    public and that a record of the contribution (including all
-    metadata and personal information I submit with it, including my
-    sign-off) is maintained indefinitely and may be redistributed
-    consistent with the libssh Team's policies and the requirements of
-    the GNU GPL where they are relevant.
-
-(e) I am granting this work to this project under the terms of the
-    GNU Lesser General Public License as published by the
-    Free Software Foundation; either version 2.1 of
-    the License, or (at the option of the project) any later version.
-
-http://www.gnu.org/licenses/lgpl-2.1.html
---------------------------------------------------------------------------
-
-We will maintain a copy of that email as a record that you have the rights to
-contribute code to libssh under the required licenses whilst working for the
-company where the email came from.
-
-Then when sending in a patch via the normal mechanisms described above, add a
-line that states:
-
-
-   Signed-off-by: Random J Developer <random@developer.example.org>
-
-
-using your real name and the email address you sent the original email you used
-to send the libssh Developer’s Certificate of Origin to us (sorry, no
-pseudonyms or anonymous contributions.)
-
-That’s it! Such code can then quite happily contain changes that have copyright
-messages such as:
-
-
-   (c) Example Corporation.
-
-
-and can be merged into the libssh codebase in the same way as patches from any
-other individual. You don’t need to send in a copy of the libssh Developer’s
-Certificate of Origin for each patch, or inside each patch. Just the sign-off
-message is all that is required once we’ve received the initial email.
-
-Have fun and happy libssh hacking!
-
-The libssh Team

build/build_make.sh

@@ -62,8 +62,8 @@ function clean_build_dir() {
 }
 
 function usage () {
-echo "Usage: `basename $0` [--prefix /install_prefix|--build [debug|final]|--clean|--verbose|--libsuffix (32|64)|--help|--clang|--cmakedir /directory|--make
-(gmake|make)|--ccompiler (gcc|cc)|--withstaticlib|--unittesting|--clientunittesting|--withssh1|--withserver]"
+echo "Usage: `basename $0` [--prefix /install_prefix|--build [debug|final]|--clean|--verbose|--libsuffix (32|64)|--help|--cmakedir /directory|--make
+(gmake|make)|--ccompiler (gcc|cc)|--withstaticlib|--unittesting|--withss1|--withserver]"
     cleanup_and_exit
 }
 
@@ -100,9 +100,6 @@ while test -n "$1"; do
 			clean_build_dir
 			cleanup_and_exit
 		;;
-		*-clang)
-			OPTIONS="${OPTIONS} -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++"
-		;;
 		*-verbose)
 			DOVERBOSE="1"
 		;;
@@ -135,18 +132,19 @@ while test -n "$1"; do
 		;;
 		*-withstaticlib)
 			OPTIONS="${OPTIONS} -DWITH_STATIC_LIB=ON"
+			shift
 		;;
 		*-unittesting)
-			OPTIONS="${OPTIONS} -DWITH_TESTING=ON"
-		;;
-		*-clientunittesting)
-			OPTIONS="${OPTIONS} -DWITH_CLIENT_TESTING=ON"
+			OPTIONS="${OPTIONS} -DUNIT_TESTING=ON"
+			shift
 		;;
 		*-withssh1)
 			OPTIONS="${OPTIONS} -DWITH_SSH1=ON"
+			shift
 		;;
 		*-withserver)
 			OPTIONS="${OPTIONS} -DWITH_SERVER=ON"
+			shift
 		;;
 		----noarg)
 			echo "$ARG does not take an argument"

cmake/Modules/AddCMockeryTest.cmake

@@ -1,23 +0,0 @@
-# - ADD_CHECK_TEST(test_name test_source linklib1 ... linklibN)
-
-# Copyright (c) 2007      Daniel Gollub <dgollub@suse.de>
-# Copyright (c) 2007-2010 Andreas Schneider <asn@cynapses.org>
-#
-# Redistribution and use is allowed according to the terms of the BSD license.
-# For details see the accompanying COPYING-CMAKE-SCRIPTS file.
-
-enable_testing()
-include(CTest)
-
-if(CMAKE_COMPILER_IS_GNUCC AND NOT MINGW)
-    set(CMAKE_C_FLAGS_PROFILING "-g -O0 -Wall -W -Wshadow -Wunused-variable -Wunused-parameter -Wunused-function -Wunused -Wno-system-headers -Wwrite-strings -fprofile-arcs -ftest-coverage" CACHE STRING "Profiling Compiler Flags")
-    set(CMAKE_SHARED_LINKER_FLAGS_PROFILING " -fprofile-arcs -ftest-coverage" CACHE STRING "Profiling Linker Flags")
-    set(CMAKE_MODULE_LINKER_FLAGS_PROFILING " -fprofile-arcs -ftest-coverage" CACHE STRING "Profiling Linker Flags")
-    set(CMAKE_EXEC_LINKER_FLAGS_PROFILING " -fprofile-arcs -ftest-coverage" CACHE STRING "Profiling Linker Flags")
-endif(CMAKE_COMPILER_IS_GNUCC AND NOT MINGW)
-
-function (ADD_CMOCKERY_TEST _testName _testSource)
-    add_executable(${_testName} ${_testSource})
-    target_link_libraries(${_testName} ${ARGN})
-    add_test(${_testName} ${CMAKE_CURRENT_BINARY_DIR}/${_testName})
-endfunction (ADD_CMOCKERY_TEST)

cmake/Modules/DefineCompilerFlags.cmake

@@ -1,76 +1,59 @@
 # define system dependent compiler flags
 
 include(CheckCCompilerFlag)
-include(MacroCheckCCompilerFlagSSP)
 
 if (UNIX AND NOT WIN32)
-    #
-    # Define GNUCC compiler flags
-    #
-    if (${CMAKE_C_COMPILER_ID} MATCHES GNU)
-        # add -Wconversion ?
-        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=gnu99 -pedantic -pedantic-errors")
-        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wshadow -Wmissing-prototypes -Wdeclaration-after-statement")
-        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wunused -Wfloat-equal -Wpointer-arith -Wwrite-strings -Wformat-security")
-        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-format-attribute")
+  if (${CMAKE_C_COMPILER_ID} MATCHES GNU)
+    # add -Wconversion ?
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=gnu99 -pedantic -Wall -Wextra -Wshadow -Wmissing-prototypes -Wdeclaration-after-statement -Wunused -Wfloat-equal -Wpointer-arith -Wwrite-strings -Wformat-security -Wmissing-format-attribute")
 
-        # with -fPIC
-        check_c_compiler_flag("-fPIC" WITH_FPIC)
-        if (WITH_FPIC)
-            set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIC")
-        endif (WITH_FPIC)
+    # with -fPIC
+    check_c_compiler_flag("-fPIC" WITH_FPIC)
+    if (WITH_FPIC)
+      set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIC")
+    endif (WITH_FPIC)
 
-        check_c_compiler_flag_ssp("-fstack-protector" WITH_STACK_PROTECTOR)
-        if (WITH_STACK_PROTECTOR)
-            set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fstack-protector")
-        endif (WITH_STACK_PROTECTOR)
+    check_c_compiler_flag("-fstack-protector" WITH_STACK_PROTECTOR)
+    if (WITH_STACK_PROTECTOR)
+      set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fstack-protector")
+    endif (WITH_STACK_PROTECTOR)
 
-        if (CMAKE_BUILD_TYPE)
-            string(TOLOWER "${CMAKE_BUILD_TYPE}" CMAKE_BUILD_TYPE_LOWER)
-            if (NOT CMAKE_BUILD_TYPE_LOWER MATCHES debug)
-                check_c_compiler_flag("-D_FORTIFY_SOURCE=2" WITH_FORTIFY_SOURCE)
-                if (WITH_FORTIFY_SOURCE)
-                    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_FORTIFY_SOURCE=2")
-                endif (WITH_FORTIFY_SOURCE)
-            endif()
-        endif()
-    endif (${CMAKE_C_COMPILER_ID} MATCHES GNU)
+    check_c_compiler_flag("-D_FORTIFY_SOURCE=2" WITH_FORTIFY_SOURCE)
+    if (WITH_FORTIFY_SOURCE)
+      set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_FORTIFY_SOURCE=2")
+    endif (WITH_FORTIFY_SOURCE)
 
-    #
-    # Check for large filesystem support
-    #
-    if (CMAKE_SIZEOF_VOID_P MATCHES "8")
-        # with large file support
-        execute_process(
-            COMMAND
-                getconf LFS64_CFLAGS
-            OUTPUT_VARIABLE
-                _lfs_CFLAGS
-            ERROR_QUIET
-            OUTPUT_STRIP_TRAILING_WHITESPACE
-        )
-    else (CMAKE_SIZEOF_VOID_P MATCHES "8")
-        # with large file support
-        execute_process(
-            COMMAND
-                getconf LFS_CFLAGS
-            OUTPUT_VARIABLE
-                _lfs_CFLAGS
-            ERROR_QUIET
-            OUTPUT_STRIP_TRAILING_WHITESPACE
-        )
-    endif (CMAKE_SIZEOF_VOID_P MATCHES "8")
-    if (_lfs_CFLAGS)
-        string(REGEX REPLACE "[\r\n]" " " "${_lfs_CFLAGS}" "${${_lfs_CFLAGS}}")
-        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${_lfs_CFLAGS}")
-    endif (_lfs_CFLAGS)
+  endif (${CMAKE_C_COMPILER_ID} MATCHES GNU)
+
+  if (CMAKE_SIZEOF_VOID_P MATCHES "8")
+   # with large file support
+   execute_process(
+     COMMAND
+       getconf LFS64_CFLAGS
+     OUTPUT_VARIABLE
+       _lfs_CFLAGS
+     ERROR_QUIET
+     OUTPUT_STRIP_TRAILING_WHITESPACE
+   )
+ else (CMAKE_SIZEOF_VOID_P MATCHES "8")
+   # with large file support
+   execute_process(
+     COMMAND
+       getconf LFS_CFLAGS
+     OUTPUT_VARIABLE
+       _lfs_CFLAGS
+     ERROR_QUIET
+     OUTPUT_STRIP_TRAILING_WHITESPACE
+   )
+ endif (CMAKE_SIZEOF_VOID_P MATCHES "8")
+ if (_lfs_CFLAGS)
+   string(REGEX REPLACE "[\r\n]" " " "${_lfs_CFLAGS}" "${${_lfs_CFLAGS}}")
+   set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${_lfs_CFLAGS}")
+ endif (_lfs_CFLAGS)
 
 endif (UNIX AND NOT WIN32)
 
+# suppress warning about "deprecated" functions
 if (MSVC)
-    # Use secure functions by defaualt and suppress warnings about
-    #"deprecated" functions
-    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /D _CRT_SECURE_CPP_OVERLOAD_STANDARD_NAMES=1")
-    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /D _CRT_SECURE_CPP_OVERLOAD_STANDARD_NAMES_COUNT=1")
-    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /D _CRT_NONSTDC_NO_WARNINGS=1 /D _CRT_SECURE_NO_WARNINGS=1")
+  set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_CRT_SECURE_NO_WARNINGS")
 endif (MSVC)

cmake/Modules/DefineInstallationPaths.cmake

@@ -1,15 +1,4 @@
-if (WIN32)
-  # Same same
-  set(BIN_INSTALL_DIR "bin" CACHE PATH "-")
-  set(SBIN_INSTALL_DIR "." CACHE PATH "-")
-  set(LIB_INSTALL_DIR "lib" CACHE PATH "-")
-  set(INCLUDE_INSTALL_DIR "include" CACHE PATH "-")
-  set(PLUGIN_INSTALL_DIR "plugins" CACHE PATH "-")
-  set(HTML_INSTALL_DIR "doc/HTML" CACHE PATH "-")
-  set(ICON_INSTALL_DIR "." CACHE PATH "-")
-  set(SOUND_INSTALL_DIR "." CACHE PATH "-")
-  set(LOCALE_INSTALL_DIR "lang" CACHE PATH "-")
-elseif (UNIX OR OS2)
+if (UNIX)
   IF (NOT APPLICATION_NAME)
     MESSAGE(STATUS "${PROJECT_NAME} is used as APPLICATION_NAME")
     SET(APPLICATION_NAME ${PROJECT_NAME})
@@ -101,4 +90,18 @@ elseif (UNIX OR OS2)
     "${SHARE_INSTALL_PREFIX}/info"
     CACHE PATH "The ${APPLICATION_NAME} info install dir (default prefix/info)"
   )
-endif ()
+endif (UNIX)
+
+if (WIN32)
+  # Same same
+  set(BIN_INSTALL_DIR "bin" CACHE PATH "-")
+  set(SBIN_INSTALL_DIR "." CACHE PATH "-")
+  set(LIB_INSTALL_DIR "lib" CACHE PATH "-")
+  set(INCLUDE_INSTALL_DIR "include" CACHE PATH "-")
+  set(PLUGIN_INSTALL_DIR "plugins" CACHE PATH "-")
+  set(HTML_INSTALL_DIR "doc/HTML" CACHE PATH "-")
+  set(ICON_INSTALL_DIR "." CACHE PATH "-")
+  set(SOUND_INSTALL_DIR "." CACHE PATH "-")
+  set(LOCALE_INSTALL_DIR "lang" CACHE PATH "-")
+endif (WIN32)
+

cmake/Modules/DefinePlatformDefaults.cmake

@@ -1,28 +0,0 @@
-# Set system vars
-
-if (CMAKE_SYSTEM_NAME MATCHES "Linux")
-    set(LINUX TRUE)
-endif(CMAKE_SYSTEM_NAME MATCHES "Linux")
-
-if (CMAKE_SYSTEM_NAME MATCHES "FreeBSD")
-    set(FREEBSD TRUE)
-    set(BSD TRUE)
-endif (CMAKE_SYSTEM_NAME MATCHES "FreeBSD")
-
-if (CMAKE_SYSTEM_NAME MATCHES "OpenBSD")
-    set(OPENBSD TRUE)
-    set(BSD TRUE)
-endif (CMAKE_SYSTEM_NAME MATCHES "OpenBSD")
-
-if (CMAKE_SYSTEM_NAME MATCHES "NetBSD")
-    set(NETBSD TRUE)
-    set(BSD TRUE)
-endif (CMAKE_SYSTEM_NAME MATCHES "NetBSD")
-
-if (CMAKE_SYSTEM_NAME MATCHES "(Solaris|SunOS)")
-    set(SOLARIS TRUE)
-endif (CMAKE_SYSTEM_NAME MATCHES "(Solaris|SunOS)")
-
-if (CMAKE_SYSTEM_NAME MATCHES "OS2")
-    set(OS2 TRUE)
-endif (CMAKE_SYSTEM_NAME MATCHES "OS2")

cmake/Modules/FindArgp.cmake

@@ -1,60 +0,0 @@
-# - Try to find Argp
-# Once done this will define
-#
-#  ARGP_FOUND - system has Argp
-#  ARGP_INCLUDE_DIRS - the Argp include directory
-#  ARGP_LIBRARIES - Link these to use Argp
-#  ARGP_DEFINITIONS - Compiler switches required for using Argp
-#
-#  Copyright (c) 2010 Andreas Schneider <asn@cynapses.org>
-#
-#  Redistribution and use is allowed according to the terms of the New
-#  BSD license.
-#  For details see the accompanying COPYING-CMAKE-SCRIPTS file.
-#
-
-
-if (ARGP_LIBRARIES AND ARGP_INCLUDE_DIRS)
-  # in cache already
-  set(ARGP_FOUND TRUE)
-else (ARGP_LIBRARIES AND ARGP_INCLUDE_DIRS)
-
-  find_path(ARGP_INCLUDE_DIR
-    NAMES
-      argp.h
-    PATHS
-      /usr/include
-      /usr/local/include
-      /opt/local/include
-      /sw/include
-  )
-
-  find_library(ARGP_LIBRARY
-    NAMES
-      argp
-    PATHS
-      /usr/lib
-      /usr/local/lib
-      /opt/local/lib
-      /sw/lib
-  )
-
-  set(ARGP_INCLUDE_DIRS
-    ${ARGP_INCLUDE_DIR}
-  )
-
-  if (ARGP_LIBRARY)
-    set(ARGP_LIBRARIES
-        ${ARGP_LIBRARIES}
-        ${ARGP_LIBRARY}
-    )
-  endif (ARGP_LIBRARY)
-
-  include(FindPackageHandleStandardArgs)
-  find_package_handle_standard_args(Argp DEFAULT_MSG ARGP_LIBRARIES ARGP_INCLUDE_DIRS)
-
-  # show the ARGP_INCLUDE_DIRS and ARGP_LIBRARIES variables only in the advanced view
-  mark_as_advanced(ARGP_INCLUDE_DIRS ARGP_LIBRARIES)
-
-endif (ARGP_LIBRARIES AND ARGP_INCLUDE_DIRS)
-

cmake/Modules/FindCMockery.cmake

@@ -1,63 +0,0 @@
-# - Try to find CMockery
-# Once done this will define
-#
-#  CMOCKERY_FOUND - system has CMockery
-#  CMOCKERY_INCLUDE_DIRS - the CMockery include directory
-#  CMOCKERY_LIBRARIES - Link these to use CMockery
-#  CMOCKERY_DEFINITIONS - Compiler switches required for using CMockery
-#
-#  Copyright (c) 2010 Andreas Schneider <asn@cryptomilk.org>
-#
-#  Redistribution and use is allowed according to the terms of the New
-#  BSD license.
-#  For details see the accompanying COPYING-CMAKE-SCRIPTS file.
-#
-
-
-if (CMOCKERY_LIBRARIES AND CMOCKERY_INCLUDE_DIRS)
-  # in cache already
-  set(CMOCKERY_FOUND TRUE)
-else (CMOCKERY_LIBRARIES AND CMOCKERY_INCLUDE_DIRS)
-
-  find_path(CMOCKERY_INCLUDE_DIR
-    NAMES
-      google/cmockery.h
-    PATHS
-      ${_CMOCKERY_DIR}/include
-      /usr/include
-      /usr/local/include
-      /opt/local/include
-      /sw/include
-      $ENV{PROGRAMFILES}/cmockery/include
-  )
-
-  find_library(CMOCKERY_LIBRARY
-    NAMES
-      cmockery
-    PATHS
-      ${_CMOCKERY_DIR}/lib
-      /usr/lib
-      /usr/local/lib
-      /opt/local/lib
-      /sw/lib
-      $ENV{PROGRAMFILES}/cmockery/lib
-  )
-
-  set(CMOCKERY_INCLUDE_DIRS
-    ${CMOCKERY_INCLUDE_DIR}
-  )
-
-  if (CMOCKERY_LIBRARY)
-    set(CMOCKERY_LIBRARIES
-        ${CMOCKERY_LIBRARIES}
-        ${CMOCKERY_LIBRARY}
-    )
-  endif (CMOCKERY_LIBRARY)
-
-  include(FindPackageHandleStandardArgs)
-  find_package_handle_standard_args(CMockery DEFAULT_MSG CMOCKERY_LIBRARIES CMOCKERY_INCLUDE_DIRS)
-
-  # show the CMOCKERY_INCLUDE_DIRS and CMOCKERY_LIBRARIES variables only in the advanced view
-  mark_as_advanced(CMOCKERY_INCLUDE_DIRS CMOCKERY_LIBRARIES)
-
-endif (CMOCKERY_LIBRARIES AND CMOCKERY_INCLUDE_DIRS)

cmake/Modules/FindGCrypt.cmake

@@ -6,65 +6,72 @@
 #  GCRYPT_LIBRARIES - Link these to use GCrypt
 #  GCRYPT_DEFINITIONS - Compiler switches required for using GCrypt
 #
-#=============================================================================
-#  Copyright (c) 2009-2011 Andreas Schneider <asn@cryptomilk.org>
+#  Copyright (c) 2009 Andreas Schneider <mail@cynapses.org>
 #
-#  Distributed under the OSI-approved BSD License (the "License");
-#  see accompanying file Copyright.txt for details.
-#
-#  This software is distributed WITHOUT ANY WARRANTY; without even the
-#  implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-#  See the License for more information.
-#=============================================================================
+#  Redistribution and use is allowed according to the terms of the New
+#  BSD license.
+#  For details see the accompanying COPYING-CMAKE-SCRIPTS file.
 #
 
+
 if (GCRYPT_LIBRARIES AND GCRYPT_INCLUDE_DIRS)
-    # in cache already
-    # set(GCRYPT_FOUND TRUE)
+  # in cache already
+  set(GCRYPT_FOUND TRUE)
 else (GCRYPT_LIBRARIES AND GCRYPT_INCLUDE_DIRS)
 
-    set(_GCRYPT_ROOT_PATHS
-        "$ENV{PROGRAMFILES}/libgcrypt"
+  find_path(GCRYPT_INCLUDE_DIR
+    NAMES
+      gcrypt.h
+    PATHS
+      /usr/include
+      /usr/local/include
+      /opt/local/include
+      /sw/include
+  )
+  mark_as_advanced(GCRYPT_INCLUDE_DIR)
+
+  find_library(GCRYPT_LIBRARY
+    NAMES
+      gcrypt
+    PATHS
+      /usr/lib
+      /usr/local/lib
+      /opt/local/lib
+      /sw/lib
+  )
+  mark_as_advanced(GCRYPT_LIBRARY)
+
+  if (GCRYPT_LIBRARY)
+    set(GCRYPT_FOUND TRUE CACHE INTERNAL "Wether the gcrypt library has been found" FORCE)
+  endif (GCRYPT_LIBRARY)
+
+  set(GCRYPT_INCLUDE_DIRS
+    ${GCRYPT_INCLUDE_DIR}
+  )
+
+  if (GCRYPT_FOUND)
+    set(GCRYPT_LIBRARIES
+      ${GCRYPT_LIBRARIES}
+      ${GCRYPT_LIBRARY}
     )
+  endif (GCRYPT_FOUND)
 
-    find_path(GCRYPT_ROOT_DIR
-        NAMES
-            include/gcrypt.h
-        PATHS
-            ${_GCRYPT_ROOT_PATHS}
-    )
-    mark_as_advanced(ZLIB_ROOT_DIR)
+  if (GCRYPT_INCLUDE_DIRS AND GCRYPT_LIBRARIES)
+     set(GCRYPT_FOUND TRUE)
+  endif (GCRYPT_INCLUDE_DIRS AND GCRYPT_LIBRARIES)
 
-    find_path(GCRYPT_INCLUDE_DIR
-        NAMES
-            gcrypt.h
-        PATHS
-            /usr/local/include
-            /opt/local/include
-            /sw/include
-            /usr/lib/sfw/include
-            ${GCRYPT_ROOT_DIR}/include
-    )
-    set(GCRYPT_INCLUDE_DIRS ${GCRYPT_INCLUDE_DIR})
+  if (GCRYPT_FOUND)
+    if (NOT GCrypt_FIND_QUIETLY)
+      message(STATUS "Found GCrypt: ${GCRYPT_LIBRARIES}")
+    endif (NOT GCrypt_FIND_QUIETLY)
+  else (GCRYPT_FOUND)
+    if (GCrypt_FIND_REQUIRED)
+      message(FATAL_ERROR "Could not find GCrypt")
+    endif (GCrypt_FIND_REQUIRED)
+  endif (GCRYPT_FOUND)
 
-    find_library(GCRYPT_LIBRARY
-        NAMES
-            gcrypt
-            gcrypt11
-            libgcrypt-11
-        PATHS
-            /opt/local/lib
-            /sw/lib
-            /usr/sfw/lib/64
-            /usr/sfw/lib
-            ${GCRYPT_ROOT_DIR}/lib
-    )
-    set(GCRYPT_LIBRARIES ${GCRYPT_LIBRARY})
-
-    include(FindPackageHandleStandardArgs)
-    find_package_handle_standard_args(GCrypt DEFAULT_MSG GCRYPT_LIBRARIES GCRYPT_INCLUDE_DIRS)
-
-    # show the GCRYPT_INCLUDE_DIRS and GCRYPT_LIBRARIES variables only in the advanced view
-    mark_as_advanced(GCRYPT_INCLUDE_DIRS GCRYPT_LIBRARIES)
+  # show the GCRYPT_INCLUDE_DIRS and GCRYPT_LIBRARIES variables only in the advanced view
+  mark_as_advanced(GCRYPT_INCLUDE_DIRS GCRYPT_LIBRARIES)
 
 endif (GCRYPT_LIBRARIES AND GCRYPT_INCLUDE_DIRS)
+

cmake/Modules/FindNSIS.cmake

@@ -1,39 +0,0 @@
-# - Try to find NSIS
-# Once done this will define
-#
-#  NSIS_ROOT_DIR - Set this variable to the root installation of ZLIB
-#
-# Read-Only variables:
-#  NSIS_FOUND - system has NSIS
-#  NSIS_MAKE - NSIS creator executable
-#
-#=============================================================================
-#  Copyright (c) 2010-2011 Andreas Schneider <asn@cryptomilk.org>
-#
-#  Distributed under the OSI-approved BSD License (the "License");
-#  see accompanying file Copyright.txt for details.
-#
-#  This software is distributed WITHOUT ANY WARRANTY; without even the
-#  implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-#  See the License for more information.
-#=============================================================================
-#
-
-set(_NSIS_ROOT_PATHS
-    C:/NSIS/Bin
-    "$ENV{PROGRAMFILES}/NSIS"
-)
-
-find_program(NSIS_MAKE
-    NAMES
-        makensis
-    PATHS
-        ${NSIS_ROOT_PATH}
-        ${NSIS_ROOT_PATH}/Bin
-        ${_NSIS_ROOT_PATHS}
-)
-
-include(FindPackageHandleStandardArgs)
-find_package_handle_standard_args(NSIS DEFAULT_MSG NSIS_MAKE)
-
-mark_as_advanced(NSIS_MAKE)

cmake/Modules/FindOpenSSL.cmake

@@ -1,208 +1,185 @@
 # - Try to find OpenSSL
 # Once done this will define
 #
-#  OPENSSL_ROOT_DIR - Set this variable to the root installation of OpenSSL
-#
-# Read-Only variables:
 #  OPENSSL_FOUND - system has OpenSSL
 #  OPENSSL_INCLUDE_DIRS - the OpenSSL include directory
 #  OPENSSL_LIBRARIES - Link these to use OpenSSL
 #  OPENSSL_DEFINITIONS - Compiler switches required for using OpenSSL
 #
-#=============================================================================
-#  Copyright (c) 2006-2009 Kitware, Inc.
-#  Copyright (c) 2006      Alexander Neundorf <neundorf@kde.org>
-#  Copyright (c) 2009-2010 Mathieu Malaterre <mathieu.malaterre@gmail.com>
-#  Copyright (c) 2011      Andreas Schneider <asn@cryptomilk.org>
+#  Copyright (c) 2009 Andreas Schneider <mail@cynapses.org>
 #
-#  Distributed under the OSI-approved BSD License (the "License");
-#  see accompanying file Copyright.txt for details.
-#
-#  This software is distributed WITHOUT ANY WARRANTY; without even the
-#  implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-#  See the License for more information.
-#=============================================================================
+#  Redistribution and use is allowed according to the terms of the New
+#  BSD license.
+#  For details see the accompanying COPYING-CMAKE-SCRIPTS file.
 #
 
+
 if (OPENSSL_LIBRARIES AND OPENSSL_INCLUDE_DIRS)
-    # in cache already
-    set(OPENSSL_FOUND TRUE)
+  # in cache already
+  set(OPENSSL_FOUND TRUE)
 else (OPENSSL_LIBRARIES AND OPENSSL_INCLUDE_DIRS)
+  # use pkg-config to get the directories and then use these values
+  # in the FIND_PATH() and FIND_LIBRARY() calls
+  if (${CMAKE_MAJOR_VERSION} EQUAL 2 AND ${CMAKE_MINOR_VERSION} EQUAL 4)
+    include(UsePkgConfig)
+    pkgconfig(openssl _OPENSSL_INCLUDEDIR _OPENSSL_LIBDIR _OPENSSL_LDFLAGS _OPENSSL_CFLAGS)
+  else (${CMAKE_MAJOR_VERSION} EQUAL 2 AND ${CMAKE_MINOR_VERSION} EQUAL 4)
+    find_package(PkgConfig)
+    if (PKG_CONFIG_FOUND)
+      pkg_check_modules(_OPENSSL openssl)
+    endif (PKG_CONFIG_FOUND)
+  endif (${CMAKE_MAJOR_VERSION} EQUAL 2 AND ${CMAKE_MINOR_VERSION} EQUAL 4)
 
-    if (UNIX)
-        find_package(PkgConfig)
-        if (PKG_CONFIG_FOUND)
-            pkg_check_modules(_OPENSSL openssl)
-        endif (PKG_CONFIG_FOUND)
-    endif (UNIX)
+  find_path(OPENSSL_INCLUDE_DIR
+    NAMES
+      openssl/ssl.h
+    PATHS
+      ${_OPENSSL_DIR}/include
+      ${_OPENSSL_INCLUDEDIR}
+      /usr/include
+      /usr/local/include
+      /usr/local/ssl/include
+      /opt/local/include
+      /sw/include
+      /usr/lib/sfw/include
+  )
+  mark_as_advanced(OPENSSL_INCLUDE_DIR)
 
-    # http://www.slproweb.com/products/Win32OpenSSL.html
-    set(_OPENSSL_ROOT_HINTS
-        "[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\OpenSSL (32-bit)_is1;Inno Setup: App Path]"
-        "[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\OpenSSL (64-bit)_is1;Inno Setup: App Path]"
+  find_library(SSL_LIBRARY
+    NAMES
+      ssl
+      libssl
+    PATHS
+      ${_OPENSSL_DIR}/lib
+      ${_OPENSSL_LIBDIR}
+      /usr/lib
+      /usr/local/lib
+      /usr/local/ssl/lib
+      /opt/local/lib
+      /sw/lib
+      /usr/sfw/lib/64
+      /usr/sfw/lib
+  )
+  mark_as_advanced(SSL_LIBRARY)
+
+  find_library(SSLEAY32_LIBRARY
+    NAMES
+      ssleay32
+    PATHS
+      ${_OPENSSL_DIR}/lib
+      ${_OPENSSL_LIBDIR}
+      /usr/lib
+      /usr/local/lib
+      /usr/local/ssl/lib
+      /opt/local/lib
+      /sw/lib
+      /usr/sfw/lib/64
+      /usr/sfw/lib
+  )
+  mark_as_advanced(SSLEAY32_LIBRARY)
+
+  find_library(SSLEAY32MD_LIBRARY
+    NAMES
+      ssleay32MD
+    PATHS
+      ${_OPENSSL_DIR}/lib
+      ${_OPENSSL_LIBDIR}
+      /usr/lib
+      /usr/local/lib
+      /usr/local/ssl/lib
+      /opt/local/lib
+      /sw/lib
+      /usr/sfw/lib/64
+      /usr/sfw/lib
+  )
+  mark_as_advanced(SSLEAY32MD_LIBRARY)
+
+  find_library(CRYPTO_LIBRARY
+    NAMES
+      crypto
+      libcrypto
+      eay
+      eay32
+      libeay
+      libeay32
+    PATHS
+      ${_OPENSSL_DIR}/lib
+      ${_OPENSSL_LIBDIR}
+      /lib
+      /usr/lib
+      /usr/local/lib
+      /usr/local/ssl/lib
+      /opt/local/lib
+      /sw/lib
+      /usr/sfw/lib/64
+      /usr/sfw/lib
+  )
+  mark_as_advanced(CRYPTO_LIBRARY)
+
+  if (SSL_LIBRARY)
+    set(SSL_FOUND TRUE CACHE INTERNAL "Wether the ssl library has been found" FORCE)
+  endif (SSL_LIBRARY)
+
+  if (SSLEAY32_LIBRARY)
+    set(SSLEAY32_FOUND TRUE CACHE INTERNAL "Wether the ssleay32 library has been found" FORCE)
+  endif (SSLEAY32_LIBRARY)
+
+  if (SSLEAY32MD_LIBRARY)
+    set(SSLEAY32MD_FOUND TRUE CACHE INTERNAL "Wether the ssleay32MD library has been found" FORCE)
+  endif (SSLEAY32MD_LIBRARY)
+
+  if (CRYPTO_LIBRARY)
+    set(CRYPTO_FOUND TRUE CACHE INTERNAL "Wether the crypto library has been found" FORCE)
+  endif (CRYPTO_LIBRARY)
+
+  set(OPENSSL_INCLUDE_DIRS
+    ${OPENSSL_INCLUDE_DIR}
+  )
+
+  if (SSL_FOUND)
+    set(OPENSSL_LIBRARIES
+      ${OPENSSL_LIBRARIES}
+      ${SSL_LIBRARY}
     )
+  endif (SSL_FOUND)
 
-    set(_OPENSSL_ROOT_PATHS
-        "C:/OpenSSL/"
-        "C:/OpenSSL-Win32/"
-        "C:/OpenSSL-Win64/"
-        "$ENV{PROGRAMFILES}/OpenSSL"
-        "$ENV{PROGRAMFILES}/OpenSSL-Win32"
-        "$ENV{PROGRAMFILES}/OpenSSL-Win64"
+  if (SSLEAY32_FOUND)
+    set(OPENSSL_LIBRARIES
+      ${OPENSSL_LIBRARIES}
+      ${SSLEAY32_LIBRARY}
     )
+  endif (SSLEAY32_FOUND)
 
-    find_path(OPENSSL_ROOT_DIR
-        NAMES
-            include/openssl/ssl.h
-        HINTS
-            ${_OPENSSL_ROOT_HINTS}
-        PATHS
-            ${_OPENSSL_ROOT_PATHS}
+  if (SSLEAY32MD_FOUND)
+    set(OPENSSL_LIBRARIES
+      ${OPENSSL_LIBRARIES}
+      ${SSLEAY32MD_LIBRARY}
     )
-    mark_as_advanced(OPENSSL_ROOT_DIR)
+  endif (SSLEAY32MD_FOUND)
 
-    find_path(OPENSSL_INCLUDE_DIR
-        NAMES
-            openssl/ssl.h
-        PATHS
-            /usr/local/include
-            /opt/local/include
-            /sw/include
-            /usr/lib/sfw/include
-            ${OPENSSL_ROOT_DIR}/include
+  if (CRYPTO_FOUND)
+    set(OPENSSL_LIBRARIES
+      ${OPENSSL_LIBRARIES}
+      ${CRYPTO_LIBRARY}
     )
+  endif (CRYPTO_FOUND)
 
-    set(OPENSSL_INCLUDE_DIRS ${OPENSSL_INCLUDE_DIR})
-    mark_as_advanced(OPENSSL_INCLUDE_DIRS)
+  if (OPENSSL_INCLUDE_DIRS AND OPENSSL_LIBRARIES)
+     set(OPENSSL_FOUND TRUE)
+  endif (OPENSSL_INCLUDE_DIRS AND OPENSSL_LIBRARIES)
 
-    if (WIN32 AND NOT CYGWIN)
-        # MINGW should go here too
-        if (MSVC)
-            # /MD and /MDd are the standard values - if someone wants to use
-            # others, the libnames have to change here too
-            # use also ssl and ssleay32 in debug as fallback for openssl < 0.9.8b
-            # TODO: handle /MT and static lib
-            # In Visual C++ naming convention each of these four kinds of Windows libraries has it's standard suffix:
-            #   * MD for dynamic-release
-            #   * MDd for dynamic-debug
-            #   * MT for static-release
-            #   * MTd for static-debug
+  if (OPENSSL_FOUND)
+    if (NOT OpenSSL_FIND_QUIETLY)
+      message(STATUS "Found OpenSSL: ${OPENSSL_LIBRARIES}")
+    endif (NOT OpenSSL_FIND_QUIETLY)
+  else (OPENSSL_FOUND)
+    if (OpenSSL_FIND_REQUIRED)
+      message(FATAL_ERROR "Could not find OpenSSL")
+    endif (OpenSSL_FIND_REQUIRED)
+  endif (OPENSSL_FOUND)
 
-            # Implementation details:
-            # We are using the libraries located in the VC subdir instead of the parent directory eventhough :
-            # libeay32MD.lib is identical to ../libeay32.lib, and
-            # ssleay32MD.lib is identical to ../ssleay32.lib
-            find_library(LIB_EAY_DEBUG
-                NAMES
-                    libeay32MDd
-                    libeay32
-                PATHS
-                    ${OPENSSL_ROOT_DIR}/lib/VC
-            )
-
-            find_library(LIB_EAY_RELEASE
-                NAMES
-                    libeay32MD
-                    libeay32
-                PATHS
-                    ${OPENSSL_ROOT_DIR}/lib/VC
-            )
-
-            find_library(SSL_EAY_DEBUG
-                NAMES
-                    ssleay32MDd
-                    ssleay32
-                    ssl
-                PATHS ${OPENSSL_ROOT_DIR}/lib/VC
-            )
-
-            find_library(SSL_EAY_RELEASE
-                NAMES
-                    ssleay32MD
-                    ssleay32
-                    ssl
-                PATHS
-                    ${OPENSSL_ROOT_DIR}/lib/VC
-            )
-
-            if (CMAKE_CONFIGURATION_TYPES OR CMAKE_BUILD_TYPE)
-                set(OPENSSL_LIBRARIES
-                    optimized ${SSL_EAY_RELEASE} debug ${SSL_EAY_DEBUG}
-                    optimized ${LIB_EAY_RELEASE} debug ${LIB_EAY_DEBUG}
-                )
-            else (CMAKE_CONFIGURATION_TYPES OR CMAKE_BUILD_TYPE)
-                set( OPENSSL_LIBRARIES ${SSL_EAY_RELEASE} ${LIB_EAY_RELEASE} )
-            endif (CMAKE_CONFIGURATION_TYPES OR CMAKE_BUILD_TYPE)
-
-            mark_as_advanced(SSL_EAY_DEBUG SSL_EAY_RELEASE)
-            mark_as_advanced(LIB_EAY_DEBUG LIB_EAY_RELEASE)
-        elseif (MINGW)
-            # same player, for MingW
-            find_library(LIB_EAY
-                NAMES
-                    libeay32
-                PATHS
-                    ${OPENSSL_ROOT_DIR}/lib/MinGW
-            )
-
-            find_library(SSL_EAY
-                NAMES
-                    ssleay32
-                PATHS
-                    ${OPENSSL_ROOT_DIR}/lib/MinGW
-            )
-
-            mark_as_advanced(SSL_EAY LIB_EAY)
-            set(OPENSSL_LIBRARIES ${SSL_EAY} ${LIB_EAY})
-        else(MSVC)
-            # Not sure what to pick for -say- intel, let's use the toplevel ones and hope someone report issues:
-            find_library(LIB_EAY
-                NAMES
-                    libeay32
-                PATHS
-                    ${OPENSSL_ROOT_DIR}/lib
-            )
-
-            find_library(SSL_EAY
-                NAMES
-                    ssleay32
-                PATHS
-                    ${OPENSSL_ROOT_DIR}/lib
-            )
-
-            mark_as_advanced(SSL_EAY LIB_EAY)
-            set(OPENSSL_LIBRARIES ${SSL_EAY} ${LIB_EAY})
-        endif(MSVC)
-    else (WIN32 AND NOT CYGWIN)
-        find_library(OPENSSL_SSL_LIBRARIES
-            NAMES
-                ssl
-                ssleay32
-                ssleay32MD
-            PATHS
-                ${_OPENSSL_LIBDIR}
-                /opt/local/lib
-                /sw/lib
-                /usr/sfw/lib/64
-                /usr/sfw/lib
-        )
-
-        find_library(OPENSSL_CRYPTO_LIBRARIES
-            NAMES
-                crypto
-            PATHS
-                ${_OPENSSL_LIBDIR}
-                /opt/local/lib
-                /sw/lib
-                /usr/sfw/lib/64
-                /usr/sfw/lib
-        )
-
-        mark_as_advanced(OPENSSL_CRYPTO_LIBRARIES OPENSSL_SSL_LIBRARIES)
-        set(OPENSSL_LIBRARIES ${OPENSSL_SSL_LIBRARIES} ${OPENSSL_CRYPTO_LIBRARIES})
-    endif (WIN32 AND NOT CYGWIN)
-
-    include(FindPackageHandleStandardArgs)
-    find_package_handle_standard_args(OpenSSL DEFAULT_MSG OPENSSL_LIBRARIES OPENSSL_INCLUDE_DIRS)
+  # show the OPENSSL_INCLUDE_DIRS and OPENSSL_LIBRARIES variables only in the advanced view
+  mark_as_advanced(OPENSSL_INCLUDE_DIRS OPENSSL_LIBRARIES)
 
 endif (OPENSSL_LIBRARIES AND OPENSSL_INCLUDE_DIRS)
+

cmake/Modules/FindZLIB.cmake

@@ -1,119 +1,81 @@
 # - Try to find ZLIB
 # Once done this will define
 #
-#  ZLIB_ROOT_DIR - Set this variable to the root installation of ZLIB
-#
-# Read-Only variables:
 #  ZLIB_FOUND - system has ZLIB
 #  ZLIB_INCLUDE_DIRS - the ZLIB include directory
 #  ZLIB_LIBRARIES - Link these to use ZLIB
+#  ZLIB_DEFINITIONS - Compiler switches required for using ZLIB
 #
-#  ZLIB_VERSION_STRING - The version of zlib found (x.y.z)
-#  ZLIB_VERSION_MAJOR  - The major version of zlib
-#  ZLIB_VERSION_MINOR  - The minor version of zlib
-#  ZLIB_VERSION_PATCH  - The patch version of zlib
-#  ZLIB_VERSION_TWEAK  - The tweak version of zlib
+#  Copyright (c) 2009 Andreas Schneider <mail@cynapses.org>
 #
-# The following variable are provided for backward compatibility
-#
-#  ZLIB_MAJOR_VERSION  - The major version of zlib
-#  ZLIB_MINOR_VERSION  - The minor version of zlib
-#  ZLIB_PATCH_VERSION  - The patch version of zlib
-#
-#=============================================================================
-#  Copyright (c) 2001-2009 Kitware, Inc.
-#  Copyright (c) 2011      Andreas Schneider <asn@cryptomilk.org>
-#
-#  Distributed under the OSI-approved BSD License (the "License");
-#  see accompanying file Copyright.txt for details.
-#
-#  This software is distributed WITHOUT ANY WARRANTY; without even the
-#  implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-#  See the License for more information.
-#=============================================================================
+#  Redistribution and use is allowed according to the terms of the New
+#  BSD license.
+#  For details see the accompanying COPYING-CMAKE-SCRIPTS file.
 #
 
+
 if (ZLIB_LIBRARIES AND ZLIB_INCLUDE_DIRS)
   # in cache already
   set(ZLIB_FOUND TRUE)
 else (ZLIB_LIBRARIES AND ZLIB_INCLUDE_DIRS)
 
-    set(_ZLIB_ROOT_HINTS
-        "[HKEY_LOCAL_MACHINE\\SOFTWARE\\GnuWin32\\Zlib;InstallPath]/include"
+  find_path(ZLIB_INCLUDE_DIR
+    NAMES
+      zlib.h
+    PATHS
+      ${_ZLIB_DIR}/include
+      /usr/include
+      /usr/local/include
+      /opt/local/include
+      /sw/include
+  )
+  mark_as_advanced(ZLIB_INCLUDE_DIR)
+
+  find_library(Z_LIBRARY
+    NAMES
+      z
+      zlib
+      zlib1
+    PATHS
+      ${_ZLIB_DIR}/lib
+      /usr/lib
+      /usr/local/lib
+      /opt/local/lib
+      /sw/lib
+  )
+  mark_as_advanced(Z_LIBRARY)
+
+  if (Z_LIBRARY)
+    set(Z_FOUND TRUE)
+  endif (Z_LIBRARY)
+
+  set(ZLIB_INCLUDE_DIRS
+    ${ZLIB_INCLUDE_DIR}
+  )
+
+  if (Z_FOUND)
+    set(ZLIB_LIBRARIES
+      ${ZLIB_LIBRARIES}
+      ${Z_LIBRARY}
     )
+  endif (Z_FOUND)
 
-    set(_ZLIB_ROOT_PATHS
-        "$ENV{PROGRAMFILES}/zlib"
-    )
+  if (ZLIB_INCLUDE_DIRS AND ZLIB_LIBRARIES)
+     set(ZLIB_FOUND TRUE)
+  endif (ZLIB_INCLUDE_DIRS AND ZLIB_LIBRARIES)
 
-    find_path(ZLIB_ROOT_DIR
-        NAMES
-            include/zlib.h
-        HINTS
-            ${_ZLIB_ROOT_HINTS}
-        PATHS
-            ${_ZLIB_ROOT_PATHS}
-    )
-    mark_as_advanced(ZLIB_ROOT_DIR)
+  if (ZLIB_FOUND)
+    if (NOT ZLIB_FIND_QUIETLY)
+      message(STATUS "Found ZLIB: ${ZLIB_LIBRARIES}")
+    endif (NOT ZLIB_FIND_QUIETLY)
+  else (ZLIB_FOUND)
+    if (ZLIB_FIND_REQUIRED)
+      message(FATAL_ERROR "Could not find ZLIB")
+    endif (ZLIB_FIND_REQUIRED)
+  endif (ZLIB_FOUND)
 
-    # check for header file
-    find_path(ZLIB_INCLUDE_DIR
-        NAMES
-            zlib.h
-        PATHS
-            /usr/local/include
-            /opt/local/include
-            /sw/include
-            /usr/lib/sfw/include
-            ${ZLIB_ROOT_DIR}/include
-    )
-    mark_as_advanced(ZLIB_INCLUDE_DIR)
+  # show the ZLIB_INCLUDE_DIRS and ZLIB_LIBRARIES variables only in the advanced view
+  mark_as_advanced(ZLIB_INCLUDE_DIRS ZLIB_LIBRARIES)
 
-    # check version number
-    if (ZLIB_INCLUDE_DIR AND EXISTS "${ZLIB_INCLUDE_DIR}/zlib.h")
-        file(STRINGS "${ZLIB_INCLUDE_DIR}/zlib.h" ZLIB_H REGEX "^#define ZLIB_VERSION \"[^\"]*\"$")
-
-        string(REGEX REPLACE "^.*ZLIB_VERSION \"([0-9]+).*$" "\\1" ZLIB_VERSION_MAJOR "${ZLIB_H}")
-        string(REGEX REPLACE "^.*ZLIB_VERSION \"[0-9]+\\.([0-9]+).*$" "\\1" ZLIB_VERSION_MINOR  "${ZLIB_H}")
-        string(REGEX REPLACE "^.*ZLIB_VERSION \"[0-9]+\\.[0-9]+\\.([0-9]+).*$" "\\1" ZLIB_VERSION_PATCH "${ZLIB_H}")
-
-        set(ZLIB_VERSION_STRING "${ZLIB_VERSION_MAJOR}.${ZLIB_VERSION_MINOR}.${ZLIB_VERSION_PATCH}")
-
-        # only append a TWEAK version if it exists:
-        set(ZLIB_VERSION_TWEAK "")
-        if ("${ZLIB_H}" MATCHES "^.*ZLIB_VERSION \"[0-9]+\\.[0-9]+\\.[0-9]+\\.([0-9]+).*$")
-            set(ZLIB_VERSION_TWEAK "${CMAKE_MATCH_1}")
-            set(ZLIB_VERSION_STRING "${ZLIB_VERSION_STRING}.${ZLIB_VERSION_TWEAK}")
-        endif ("${ZLIB_H}" MATCHES "^.*ZLIB_VERSION \"[0-9]+\\.[0-9]+\\.[0-9]+\\.([0-9]+).*$")
-
-        set(ZLIB_MAJOR_VERSION "${ZLIB_VERSION_MAJOR}")
-        set(ZLIB_MINOR_VERSION "${ZLIB_VERSION_MINOR}")
-        set(ZLIB_PATCH_VERSION "${ZLIB_VERSION_PATCH}")
-    endif (ZLIB_INCLUDE_DIR AND EXISTS "${ZLIB_INCLUDE_DIR}/zlib.h")
-
-    find_library(ZLIB_LIBRARY
-        NAMES
-            z
-            zdll
-            zlib
-            zlib1
-        PATHS
-            /usr/local/lib
-            /opt/local/lib
-            /sw/lib
-            /usr/sfw/lib/64
-            /usr/sfw/lib
-            ${ZLIB_ROOT_DIR}/lib
-    )
-    mark_as_advanced(ZLIB_LIBRARY)
-
-    include(FindPackageHandleStandardArgs)
-    find_package_handle_standard_args(ZLIB DEFAULT_MSG ZLIB_INCLUDE_DIR ZLIB_LIBRARY)
-    #find_package_handle_standard_args(ZLIB REQUIRED_VARS ZLIB_INCLUDE_DIR ZLIB_LIBRARY
-    #                                       VERSION_VAR ZLIB_VERSION_STRING)
-
-    if (ZLIB_FOUND)
-        set(ZLIB_INCLUDE_DIRS ${ZLIB_INCLUDE_DIR})
-        set(ZLIB_LIBRARIES ${ZLIB_LIBRARY})
-    endif (ZLIB_FOUND)
 endif (ZLIB_LIBRARIES AND ZLIB_INCLUDE_DIRS)
+

cmake/Modules/MacroCheckCCompilerFlagSSP.cmake

@@ -1,26 +0,0 @@
-# - Check whether the C compiler supports a given flag in the
-# context of a stack checking compiler option.
-# CHECK_C_COMPILER_FLAG_SSP(FLAG VARIABLE)
-#
-#  FLAG - the compiler flag
-#  VARIABLE - variable to store the result
-# 
-#  This actually calls the check_c_source_compiles macro.
-#  See help for CheckCSourceCompiles for a listing of variables
-#  that can modify the build.
-
-# Copyright (c) 2006, Alexander Neundorf, <neundorf@kde.org>
-#
-# Redistribution and use is allowed according to the terms of the BSD license.
-# For details see the accompanying COPYING-CMAKE-SCRIPTS file.
-
-
-INCLUDE(CheckCSourceCompiles)
-
-MACRO (CHECK_C_COMPILER_FLAG_SSP _FLAG _RESULT)
-   SET(SAFE_CMAKE_REQUIRED_DEFINITIONS "${CMAKE_REQUIRED_DEFINITIONS}")
-   SET(CMAKE_REQUIRED_DEFINITIONS "${_FLAG}")
-   CHECK_C_SOURCE_COMPILES("int main(int argc, char **argv) { char buffer[256]; return buffer[argc]=0;}" ${_RESULT})
-   SET (CMAKE_REQUIRED_DEFINITIONS "${SAFE_CMAKE_REQUIRED_DEFINITIONS}")
-ENDMACRO (CHECK_C_COMPILER_FLAG_SSP)
-

config.h.cmake

@@ -35,32 +35,29 @@
 /* Define to 1 if you have the <openssl/des.h> header file. */
 #cmakedefine HAVE_OPENSSL_DES_H 1
 
-/* Define to 1 if you have the <pthread.h> header file. */
-#cmakedefine HAVE_PTHREAD_H 1
-
-
 /*************************** FUNCTIONS ***************************/
 
-/* Define to 1 if you have the `snprintf' function. */
-#cmakedefine HAVE_SNPRINTF 1
-
-/* Define to 1 if you have the `_snprintf' function. */
-#cmakedefine HAVE__SNPRINTF 1
-
-/* Define to 1 if you have the `_snprintf_s' function. */
-#cmakedefine HAVE__SNPRINTF_S 1
-
 /* Define to 1 if you have the `vsnprintf' function. */
-#cmakedefine HAVE_VSNPRINTF 1
+#cmakedefine HAVE_VSNPRINTF
 
 /* Define to 1 if you have the `_vsnprintf' function. */
-#cmakedefine HAVE__VSNPRINTF 1
+#cmakedefine HAVE__VSNPRINTF
 
 /* Define to 1 if you have the `_vsnprintf_s' function. */
-#cmakedefine HAVE__VSNPRINTF_S 1
+#cmakedefine HAVE__VSNPRINTF_S
+
+/* Define to 1 if you have the `snprintf' function. */
+#cmakedefine HAVE_SNPRINTF
+
+/* Define to 1 if you have the `_snprintf' function. */
+#cmakedefine HAVE__SNPRINTF
+
+/* Define to 1 if you have the `_snprintf_s' function. */
+#cmakedefine HAVE__SNPRINTF_S
+
 
 /* Define to 1 if you have the `strncpy' function. */
-#cmakedefine HAVE_STRNCPY 1
+#cmakedefine HAVE_STRNCPY
 
 /* Define to 1 if you have the `cfmakeraw' function. */
 #cmakedefine HAVE_CFMAKERAW 1
@@ -68,6 +65,9 @@
 /* Define to 1 if you have the `getaddrinfo' function. */
 #cmakedefine HAVE_GETADDRINFO 1
 
+/* Define to 1 if you have the `gethostbyname' function. */
+#cmakedefine HAVE_GETHOSTBYNAME 1
+
 /* Define to 1 if you have the `poll' function. */
 #cmakedefine HAVE_POLL 1
 
@@ -77,12 +77,6 @@
 /* Define to 1 if you have the `regcomp' function. */
 #cmakedefine HAVE_REGCOMP 1
 
-/* Define to 1 if you have the `clock_gettime' function. */
-#cmakedefine HAVE_CLOCK_GETTIME 1
-
-/* Define to 1 if you have the `ntohll' function. */
-#cmakedefine HAVE_NTOHLL 1
-
 /*************************** LIBRARIES ***************************/
 
 /* Define to 1 if you have the `crypto' library (-lcrypto). */
@@ -94,10 +88,6 @@
 /* Define to 1 if you have the `z' library (-lz). */
 #cmakedefine HAVE_LIBZ 1
 
-/* Define to 1 if you have the `pthread' library (-lpthread). */
-#cmakedefine HAVE_PTHREAD 1
-
-
 /**************************** OPTIONS ****************************/
 
 /* Define to 1 if you want to enable ZLIB */
@@ -126,3 +116,17 @@
 /* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most
    significant byte first (like Motorola and SPARC, unlike Intel). */
 #cmakedefine WORDS_BIGENDIAN 1
+
+/************************* MS Windows ***************************/
+
+#ifdef _WIN32
+# ifdef _MSC_VER
+/* On Microsoft compilers define inline to __inline on all others use inline */
+#  undef inline
+#  define inline __inline
+
+#  undef strdup
+#  define strdup _strdup
+# endif // _MSC_VER
+#endif /* _WIN32 */
+

doc/API.html

@@ -0,0 +1,886 @@
+ <!DOCTYPE HTML SYSTEM>
+<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=ISO-8859-1">
+<head>
+<title>
+Libssh's Documentation
+</title>
+<link href="style.css" rel="stylesheet" type="text/css">
+</head>
+
+<div id="titre">
+<div align="center">
+LIBSSH API GUIDE <br>
+Or everything you ever wanted to know about a simple and fast ssh library.
+
+</div>
+</div>
+
+<h2> 0 Introduction</h2>
+
+<div class="tout">
+Before inserting ssh hooks into your programs, you must know some basics about 
+the ssh protocol, and understand why the ssh library must implement them. <br>
+Lot of the protocols specifications are hidden by the ssh library API (of 
+course !) but some still needs an attention from the end-user programmer.<br> 
+Note that libssh is still an alpha product, and the API may vary from one 
+version to another. The only guess I can make is that the API won't radically 
+change. <br>
+The SSH protocol was designed for some goals which I resume here : <br>
+-Privacy of data<br>
+-Security<br>
+-Authentication of the server<br>
+-Authentication of the client.<br>
+The client MUST be sure who's speaking to before entering into any 
+authentication way. That's where the end programmer must ensure the given 
+fingerprints *are* from the legitimate server. A ssh connection must follow 
+the following steps:<br>
+<br>
+1- Before connecting the socket, you can set up if you wish one or other 
+   server public key authentication ie. DSA or RSA.
+   You can choose cryptographic algorithms you trust and compression algorithms 
+   if any.<br>
+2- The connection is made. A secure handshake is made, and resulting from it, 
+   a public key from the server is gained.
+   You MUST verify that the public key is legitimate.<br>
+3- The client must authenticate : the two implemented ways are password, and 
+   public keys (from dsa and rsa key-pairs generated by openssh). It is 
+   harmless to authenticate to a fake server with these keys because the 
+   protocol ensures the data you sign can't be used twice. It just avoids 
+   man-in-the-middle attacks.<br>
+4- Now that the user has been authenticated, you must open one or several 
+   channels. channels are different subways for information into a single ssh 
+   connection. Each channel has a standard stream (stdout) and an error 
+   stream (stderr). You can theoretically open an infinity of channel.<br>
+5- With the channel you opened, you can do several things :<br>
+    -Open a shell. You may want to request a pseudo virtual terminal before <br>
+    -Execute a command. The virtual terminal is usable, too<br>
+    -Invoke the sftp subsystem. (look at chapter 6)<br>
+    -invoke your own subsystem. This is out the scope of this 
+    document but it is easy to do.<br>
+6- When everything is finished, just close the channels, and then the 
+   connection.<br>
+<br>
+At every place, a function which returns an error code (typically -1 for int 
+values, NULL for pointers) also sets an error message and an error code.
+I high-lined the main steps, now that's you to follow them :)
+<br>
+</div>
+<h2> 1- Setting the options </h2>
+<div class="tout">
+The options mechanism will change during updates of the library, but the 
+functions which exists now will certainly be kept.
+<br><br>
+The ssh system needs to know the preferences of the user, the trust into one 
+or another algorithm and such. More important informations have to be given 
+before connecting : the host name of the server, the port (if non default), 
+the binding address, the default username, ... <br>
+The options structure is given to a ssh_connect function, then this option 
+structure is used again and again by the ssh implementation. you shall not 
+free it manually, and you shall not share it with multiple sessions.<br>
+Two ways are given for setting the options : the easy one (of course !) and 
+the long-but-accurate one.<br><br>
+</div>
+<h3>a) the easy way</h3><br>
+<div class="tout">
+Lot of ssh options in fact come from the command line of the program... <br>
+you could parse them and then use the long way for every argument, but libssh 
+has a mechanism to do that for you, automatically.<br>
+<br>
+<div class="prot">
+SSH_OPTIONS *ssh_getopt(int *argcptr, char **argv);
+</div>
+this function will return you a new options pointer based on the arguments 
+you give in parameters. <br> better, they clean the argv array from used parameters
+so you can use them after in your own program<br>
+<div class="ex">
+int main(int argc, char **argv){<br>
+	SSH_OPTIONS *opt;<br>
+	opt=ssh_getopt(&argc, argv);<br>
+	if(!opt){<br>
+		...<br>
+	}<br>
+</div>
+the function will return NULL if some problem is appearing.<br>
+As a matter of portability for you own programs, the hostname isn't always<br> 
+the first argument from the command line, so the single arguments (not 
+preceded by a -something) won't be parsed.<br>
+<div class="ex">
+example: <br>
+user@host:~$ myssh -u aris localhost <br>
+-u aris will be caught, localhost will not.<br>
+</div>
+
+cfr the options_set_user() function in the next part for more informations 
+about it.<br>
+</div>
+<h3>b) the long way</h3>
+<div class="tout">
+<div class="prot"> 
+SSH_OPTIONS *options_new();
+</div>
+This function returns an empty but initialized option structure pointer.<br>
+The structure is freed by ssh_disconnect described later, so don't use the 
+existing function options_free() (it's an internal function).<br>
+So : use it only for <b>one</b> ssh_connect(), <b>never</b> free it.<br>
+<br>
+<div class="prot">
+SSH_OPTIONS *options_copy(SSH_OPTIONS *opt);
+</div>
+If you need to replicate an option object before using it, use this function.
+<br><br>
+
+The following functions are all of the following form : <br>
+<div class="prot"> 
+int options_set_something(SSH_OPTIONS *opt, something);
+</div>
+the something parameters are always internaly copied, so you don't have to 
+strdup them.<br>
+some return eather 0 or -1, in which case an error message appears in the 
+error functions, others never fail (return void)<br>
+the error codes and descriptions for these functions are recoverable throught <i>ssh_get_error(NULL);</i>
+<br>
+<div class="prot"> 
+int options_set_wanted_method(SSH_OPTIONS *opt,int method, char *list);
+</div>
+Passing an option structure, a ssh macro for the method, and a list of allowed
+parameters indicates libssh you want to use these.<br>
+The macros are :<br>
+KEX_ALGO<br>
+KEX_HOSTKEY         Server public key type expected<br>
+KEX_CRYPT_C_S 2 Cryptographic algorithm client->server<br>
+KEX_CRYPT_S_C 3 Cryptographic algorithm server->client<br>
+KEX_MAC_C_S 4<br>
+KEX_MAC_S_C 5<br>
+KEX_COMP_C_S 6      Compression method for the stream ("zlib" or "none"), client to server<br>
+KEX_COMP_S_C 7      Compression method for the stream ("zlib" or "none"), server to client<br>
+KEX_LANG_C_S 8<br>
+KEX_LANG_S_C 9<br>
+<br>
+Currently, only KEX_HOSTKEY and ,KEX_CRYPT_C_S,S_C, KEX_COMP_C_S and S_C work
+as expected. the list is a comma separated string of prefered 
+algorithms/methods, in order of preference.<br>
+<br>
+<div class="ex">
+example : this sets the ssh stream to be compressed in client->server mode only
+<br>
+
+ret = option_set_wanted_method(options,KEX_COMP_C_S,"zlib");
+</div>
+<div class="ex">
+example: this will set the cryptographic algorithms wanted from server to
+client to aes128-cbc and then aes192-cbc if the first one isn't supported by
+server:<br>
+ret = option_set_wanted_method(options,KEX_CRYPT_S_C,"aes128-cbc,aes192-cbc");
+</div>
+<div class="ex">
+if you prefer getting the Dss key from a server instead of rsa, but you still
+accept rsa if dss isn't available :<br>
+options_set_wanted_method(options,KEX_HOSTKEY,"ssh-dss,ssh-rsa");
+</div>
+return value: <br>0 if the option is valid, -1 else.<br> An error is set in that case.
+<br><br>
+<div class="prot">
+void options_set_port(SSH_OPTIONS *opt, unsigned int port);
+</div>
+this function sets the server port.
+<div class="prot">
+void options_set_host(SSH_OPTIONS *opt, const char *hostname);
+</div>
+this function sets the hostname of the server. It also supports
+"user@hostname" syntax in which case the user options is set too.
+<div class="prot">
+void options_set_fd(SSH_OPTIONS *opt, int fd);
+</div>
+permits you to specify an opened file descriptor you've opened yourself.
+<br>
+It's a good way of bypassing the internal FD opening in libssh, but there are things you should take care of : <br>
+-The file descriptor should be returned to libssh without nonblocking settings<br>
+-If you wish to use <i>is_server_known()</i> You should also set <i>options_set_host</i>... Otherwise libssh won't have any mean of certifying the server is known or not.<br><br>
+<div class="prot">
+void options_set_bindaddr(SSH_OPTIONS *opt, char *bindaddr);
+</div>
+this function allows you to set the binding address, in case your computer has
+multiple IP or interfaces. it supports both hostnames and IP's
+<br><br>
+<div class="prot">
+void options_set_username(SSH_OPTIONS *opt,char *username);
+</div>
+sets username for authenticating in this session.
+<br><br>
+
+<div class="prot">
+void option_set_timeout(SSH_OPTIONS *opt,long seconds, long usec);
+</div>
+sets the timeout for connecting to the socket. It does not include a timeout for the name resolving or handshake.
+<br>
+<br>
+<div class="prot">
+void options_set_ssh_dir(SSH_OPTIONS *opt, char *dir);
+</div>
+this function sets the .ssh/ directory used by libssh. You may use a %s
+which will be replaced by the home directory of the user.
+NEVER accept parameters others than the user's one, they may contain
+format strings which are a security hole if a malicious agent gives it.
+<br><br>
+<div class="prot">
+void options_set_known_hosts_file(SSH_OPTIONS *opt, char *dir);
+</div>
+same than <i>options_set_ssh_dir()</i> for known_hosts file.
+<br><br>
+<div class="prot">
+void options_set_identity(SSH_OPTIONS *opt, char *identity);
+</div>
+same than upper for the identity file (they come by pair, the one asked is the file without the .pub suffix)
+<br><br>
+<div class="prot">
+void options_set_status_callback(SSH_OPTIONS *opt, void (*callback)(void *arg, float status), void *arg);
+</div>
+Because more and more developpers use libssh with GUI, I've added this function to make the ssh_connect function more
+interactive. This permits to set a callback of the form 
+<div class="prot">void function(void *userarg, float status);</div> with status going from 0 to 1 during ssh_connect. The callback won't ever be called after the connection is made.
+<br><br>
+</div>
+<h2>
+2- Connecting the ssh server
+</H2>
+<div class="tout">
+The API provides an abstract data type, SSH_SESSION, which describes the 
+connection to one particular server. You can make several connections to
+different servers under the same process because of this structure.
+<br>
+<br>
+<div class="prot">
+SSH_SESSION *ssh_connect(SSH_OPTIONS *options);
+</div>
+This function returns a handle on the newly connection. This function expects
+to have a pre-set options structure.
+<br>
+It returns NULL in case of error, in which case you can look at error messages
+for more informations.
+<br><br>
+<div class="prot">
+void ssh_disconnect(SSH_SESSION *session);
+</div>
+This function sends a polite disconnect message, and does clean the session.<br>
+This is the proper way of finishing a ssh connection.<br>
+<br>
+<div class="prot">
+int ssh_get_pubkey_hash(SSH_SESSION *session, char hash[MD5_DIGEST_LEN]);
+</div>
+This function places the MD5 hash of the server public key into the hash array.<br>
+It's IMPORTANT to verify it matches the previous known value. One server always
+have the same hash. No other server/attacker can emulate it (or it'd be caught
+by the public key verification procedure automatically made by libssh).
+<br>
+You can skip this step if you correctly handle <i>is_server_known()</i>
+<br><br>
+<div class="prot">
+int ssh_is_server_known(SSH_SESSION *session);
+</div>
+
+Checks the user's known host file to look for a previous connection to the specified server. Return values:<br>
+SSH_SERVER_KNOWN_OK : the host is known and the key has not changed<br>
+SSH_SERVER_KNOWN_CHANGED : The host's key has changed. Either you are under
+an active attack or the key changed. The API doesn't give any way to modify the key in known hosts yet. I Urge end developers to WARN the user about the possibility of an attack.<br>
+SSH_SERVER_FOUND_OTHER: The host gave us a public key of one type, which does 
+not exist yet in our known host file, but there is an other type of key which is know.<br>
+IE server sent a DSA key and we had a RSA key.<br>
+Be carreful it's a possible attack (coder should use option_set_wanted_method() to specify
+which key to use).<br>
+SSH_SERVER_NOT_KNOWN: the server is unknown in known hosts. Possible reasons :
+case not matching, alias, ... In any case the user MUST confirm the Md5 hash is correct.<br>
+SSH_SERVER_ERROR : Some error happened while opening known host file.<br>
+<br>
+<div class="prot">
+int ssh_write_knownhost(SSH_SESSION *session);
+</div>
+write the current connected host as known in the known host file. returns a negative value if something went wrong. You generaly use it when ssh_is_server_known returned SSH_SERVER_NOT_KNOWN.
+<br><br>
+<div class="prot">
+int pubkey_get_hash(SSH_SESSION *session,char hash[MD5_DIGEST_LEN]);
+</div>
+deprecated but left for binary compatibility (will be removed in newer versions).
+</div>
+
+<h2>3- Authenticating to server</h2>
+<div class="tout">
+The ssh library supports the two most used authentication methods from SSH.
+In every function, there is a "username" argument. If null is given instead,
+the server will use the default username (which is guessed from what you gave
+to options_set_user or options_set_hostname or even the local user running the code).
+<br>
+ 
+Authentication methods :<br>
+<h3>A) Public keys</h3><br>
+ The public key is the only method which does not compromise your key if the 
+ remote host has been compromised (the server can't do anything more than 
+ getting your public key). This is not the case of a password authentication
+ (the server can get your plaintext password).<br>
+ Libssh is obviously fully compatible with the openssh public and private keys.<br>
+ The things go this way : you scan a list of files which contain public keys.<br>
+ For each key, you send it to ssh server until the server acknowledges a key 
+ (a key it knows). Then, you get the private key for this key and send a 
+ message proving you own that private key.<br>
+ Here again, two ways for the public key authentication... the easy and the 
+ complicated one.<br>
+<br>
+<h4> easy way:</h4>
+<div class="prot">
+int ssh_userauth_autopubkey(SSH_SESSION *session);
+</div>
+This function will try the most common places for finding the public and 
+ private keys (your home directory) or eventualy the identity files asked by 
+ the <i>options_set_identity()</i> function.<br>
+ The return values are :<br>
+ SSH_AUTH_ERROR : some serious error happened during authentication<br>
+ SSH_AUTH_DENIED : no key matched<br>
+ SSH_AUTH_SUCCESS : you are now authenticated<br>
+ SSH_AUTH_PARTIAL : some key matched but you still have to give an other mean 
+                of authentication (like password).<br>
+<br>
+<h4> peanful way:</h4>
+ there are three steps : you get a public key, you ask the server if the key
+ matches a known one, if true, you get the private key and authenticate with
+ it.<br>
+ <div class="prot">
+ STRING *publickey_from_file(char *filename,int *_type);
+</div>
+will return an handle on a public key. if you give a pointer to an int, 
+ a symbolic value will be placed there. Do it because you need it in next 
+ step.<br><br>
+<div class="prot">
+ int ssh_userauth_offer_pubkey(SSH_SESSION *session, char *username,
+                                         int type, STRING *publickey);
+ </div>
+ this function will offer a public key to the server. SSH_AUTH_SUCCESS is 
+ returned if the key is accepted (in which case you'll want to get the 
+ private key), SSH_AUTH_DENIED otherwise.<br> 
+ Still watch for SSH_AUTH_ERROR as connection problems might happen.
+<br>
+ in case of SSH_AUTH_SUCCESS,
+ <br>
+ <div class="prot">
+ PRIVATE_KEY *privatekey_from_file(SSH_SESSION *session,char *filename,
+                                             int type,char *passphrase);
+ </div>
+ will get the privatekey from the filename previously set by
+ publickey_from_next_file(). You can call it with a passphrase for
+ unlocking the key. If passphrase==NULL, the default prompt will be used.<br> 
+ The function returns NULL if the private key wasn't opened 
+ (ie bad passphrase or missing file).<br>
+<br>
+<div class="prot">
+ int ssh_userauth_pubkey(SSH_SESSION *session, char *username, 
+                         STRING *publickey, PRIVATE_KEY *privatekey);
+</div>
+ Will try to authenticate using the public and private key. It shall return 
+ SSH_AUTH_SUCCESS if you are authenticated, SSH_AUTH_ERROR, SSH_AUTH_DENIED or 
+ SSH_AUTH_PARTIAL depending of return condition.<br>
+
+ each public key (of type STRING) must be freed with the libc "free" function.<br>
+ The private key must be freed with private_key_free(PRIVATE_KEY *) which 
+ will clean the memory before (don't worry about passphrase leaking).<br>
+ <br>
+
+<h3> B) Password</h3><br>
+ <div class="prot">
+ int ssh_userauth_password(SSH_SESSION *session,char *username,char *password);
+ </div>
+ Will return SSH_AUTH_SUCCESS if the password matched, one of other constants 
+ otherwise. It's your work to ask the password and to free it in a secure 
+ manner.<br><br>
+
+<h3> C) Keyboard-interactive</h3><br>
+ <div class="prot">
+ int ssh_userauth_kbdint(SSH_SESSION *session, char *user, char *submethods);
+ </div>
+ This is the main keyboard-interactive function. It will return SSH_AUTH_SUCCESS,SSH_AUTH_DENIED, SSH_AUTH_PARTIAL, SSH_AUTH_ERROR depending on the result of the request.<br>
+ The keyboard-interactive authentication method of SSH2 is a feature which permits the server to ask a certain number of questions in an interactive manner to the client, until it decides to accept or deny the login.<br>
+ To begin, you call this function (you can omit user if it was set previously and omit submethods - instead you know what you do - just put them to NULL) and store the answer.
+ If the answer is SSH_AUTH_INFO, it means the server has sent a few questions to ask your user, which you can retrieve with the following functions. Then, set the answers and call back ssh_userauth_kbdint with same arguments. It may again ask a few other questions etc. until you get an other SSH_AUTH code than SSH_AUTH_INFO.<br>
+ Few remarks :<br>
+ -Even the first call can return SSH_AUTH_DENIED or SSH_AUTH_SUCCESS.<br>
+ -The server can send an empty question set (this is the default behavior on my system) after you have sent the answers to the first questions.
+ you must still parse the answer, it might contain some message from the server saying hello or such things. Just call ssh_userauth_kbdint() once more<br>
+<br>
+ <div class="prot">
+int ssh_userauth_kbdint_getnprompts(SSH_SESSION *session);
+ </div>
+After you called ssh_userauth_kbdint and got SSH_AUTH_INFO, the session contains a few questions (or prompts) from the server. This function returns the number of prompts and answers.<br>
+It could be zero, in which case you must act as said previously.<br>
+
+<div class="prot">
+ char *ssh_userauth_kbdint_getname(SSH_SESSION *session);
+</div>
+ this functions returns the "name" of the message block. The meaning is explained later.<br>
+ This function returns a pointer that stays valid until the next ssh_userauth_kbdint() call and must not be freed.<br>
+
+<div class="prot">
+ char *ssh_userauth_kbdint_getinstruction(SSH_SESSION *session);
+</div>
+ this functions returns the "instruction" of the message block. The meaning is explained later.<br>
+This function returns a pointer that stays valid until the next ssh_userauth_kbdint() call and must not be freed.<br>
+
+<div class="prot">
+ char *ssh_userauth_kbdint_getprompt(SSH_SESSION *session,int i, char *echo);
+</div>
+This functions returns a pointer to the nth prompt. The character pointed by echo, if different from null, will contain a boolean value after the call, which means that the user prompt must be echoed or not.<br>
+zero means that the echo is Off (like for a password prompt).<br>
+any other value means the echo is on.<br>
+This function returns a pointer that stays valid until the next ssh_userauth_kbdint() call and must not be freed.<br>
+
+<div class="prot">
+void ssh_userauth_kbdint_setanswer(SSH_SESSION *session, unsigned int i, char *a
+nswer);
+</div>
+This function sets the ith answer. The string you give will be duplicated, and this copy will be discarded once it is no longer necessary.<br>
+care must be taken so you discard the content of the original string after this function call.<br>
+
+<h3> A little note about how to use the informations from keyboard-interactive authentication</h3>
+<br>
+The words from the original drafts explain everything
+<div class="prot">
+3.3 User Interface
+
+Upon receiving a request message, the client SHOULD prompt the user
+as follows:<br>
+ A command line interface (CLI) client SHOULD print the name and
+ instruction (if non-empty), adding newlines.  Then for each prompt in
+ turn, the client SHOULD display the prompt and read the user input.<br>
+<br>
+A graphical user interface (GUI) client has many choices on how to
+prompt the user.  One possibility is to use the name field (possibly
+prefixed with the application's name) as the title of a dialog window
+in which the prompt(s) are presented.  In that dialog window, the
+instruction field would be a text message, and the prompts would be
+labels for text entry fields.  All fields SHOULD be presented to the
+user, for example an implementation SHOULD NOT discard the name field
+because its windows lack titles; it SHOULD instead find another way
+to display this information.  If prompts are presented in a dialog
+window, then the client SHOULD NOT present each prompt in a separate
+window.<br>
+<br>
+All clients MUST properly handle an instruction field with embedded
+newlines.  They SHOULD also be able to display at least 30 characters
+for the name and prompts.  If the server presents names or prompts
+longer than 30 characters, the client MAY truncate these fields to
+the length it can display.  If the client does truncate any fields,
+there MUST be an obvious indication that such truncation has occured.<br>
+The instruction field SHOULD NOT be truncated.<br>
+Clients SHOULD use control character filtering as discussed in
+[SSH-ARCH] to avoid attacks by including terminal control characters
+in the fields to be displayed.<br>
+<br>
+For each prompt, the corresponding echo field indicates whether or
+not the user input should be echoed as characters are typed.  Clients
+SHOULD correctly echo/mask user input for each prompt independently
+of other prompts in the request message.  If a client does not honor
+the echo field for whatever reason, then the client MUST err on the
+side of masking input.  A GUI client might like to have a checkbox
+toggling echo/mask.  Clients SHOULD NOT add any additional characters
+to the prompt such as ": " (colon-space); the server is responsible
+for supplying all text to be displayed to the user.  Clients MUST
+also accept empty responses from the user and pass them on as empty
+strings.<br>
+
+</div>
+<br>
+<h3> D) "none"</h3><br>
+ In fact this mode only serve to get the list of supported authentications.<br>
+ however, it also serves to get the banner message from the server, if any.<br>
+ You should firstly try this method, at least for getting the banner, then to enter if there is no password at all.<br>
+ <div class="prot">
+ int ssh_userauth_none(SSH_SESSION *session, char *username);
+ </div>
+ if the account has no password (and the server is configured to let you
+ pass), the function might answer SSH_AUTH_SUCCESS. That's why
+ ssh_auth_autopubkey already calls it for you.
+<br><br>
+<div class="prot">
+ char *ssh_get_issue_banner(SSH_SESSION *session);
+</div>
+if during authentication, the server has given a banner, you can get it
+ this way. the function returns NULL if no banner exists, and you have to
+ free the returned pointer.<br><br>
+</div>
+
+<h2>4- Opening a channel</h2>
+<div class="tout">
+Maybe you want to use the sftp subsystem : all this is done for you, you 
+better read at the end of the paper how to use the sftp functions.<br>
+You probably want to open one or more shells, or call one or more programs.<br>
+
+So you need a channel.<br>
+<div class="prot">
+     CHANNEL *channel;
+</div>
+This is an handler to a channel object. it describes your channel.
+<br>
+<div class="prot">
+CHANNEL *channel_open_session(SSH_SESSION *session);
+</div>
+This will open a channel for use into a session (which can be used for executing
+a command or a shell. Not for tcp forwarding).<br>
+The function returns NULL if for a reason or another the channel can't be
+opened.<br>
+<i>
+CHANNEL *open_session_channel(...)</i> is deprecated and should not be used in future
+applications.<br><br>
+<div class="prot">
+CHANNEL *channel_open_forward(SSH_SESSION *session, char *remotehost, 
+     int remoteport, char *sourcehost, int localport);
+</div>
+Ask the server to tunnel a TCP connection. The server will connect to 
+ remotehost:remoteport and libssh will return an handle to the channel if it is allowed.<br>
+ Otherwise, NULL will be returned. sourcehost and localport are generaly
+ used in message debugging purpose and have no effect on the result.<br>
+ <br>
+When you've finished with your channel, you may send an EOF message and 
+then close it :<br>
+<div class="prot">
+void channel_send_eof(CHANNEL *channel);
+</div>
+sends an end of file into channel. It doesn't close the channel and you can still read it.<br><br>
+
+<div class="prot">
+void channel_free(CHANNEL *channel);
+</div>
+closes and destroy the channel.
+<br>
+<div class="prot">
+void channel_close(CHANNEL *channel);
+</div>
+sends an EOF and close the channel. (if you don't know what to do, use channel_free). It doesn't free the channel.
+
+</div>
+<h2>5- The shell</h2>
+<div class="tout">
+<div class="prot">
+int channel_request_env(CHANNEL *channel, char *name, char *value);
+</div>
+Ask the server to set the "name" environment variable to "value". For security
+ reasons, some variables won't be accepted by the server. It returns 0 otherwise.<br><br>
+<div class="prot">
+int channel_request_pty(CHANNEL *channel);
+</div>
+ ask the server to allocate a pseudo terminal for the current channel.<br> 
+ the function returns 0 on success.<br><br>
+ 
+<div class="prot">
+int channel_request_pty_size(CHANNEL *channel, char *terminal, int cols, int rows);
+</div>
+ask the server to allocate a pty. The terminal parameter is the type of pty 
+(vt100,xterm,...), cols and rows are the size of the new terminal (80x24 by example).<br><br>
+<div class="prot">
+int channel_change_pty_size(CHANNEL *channel, int cols,int rows);
+</div>
+changes the window size (terminal) of the current session;<br><br>
+<div class="prot">
+int channel_request_shell(CHANNEL *channel);
+</div>
+This function requests a shell. After its success, a shell is running at the other side of the channel.<br><br>
+<div class="prot">
+int channel_request_exec(CHANNEL *channel, char *cmd);
+</div>
+run a shell command without an interactive shell, ie $SHELL -c "command".<br>
+ returns 0 on success.<br><br>
+
+You might ask the server to open a subsystem for you. this is done this way :
+<div class="prot">
+int channel_request_subsystem(CHANNEL *channel, char *subsystem);
+</div>
+There are some functions used to manipulate the channels :
+<br><br>
+<div class="prot">
+int channel_write(CHANNEL *channel,void *data,int len);
+</div>
+writes len bytes of data into the channel. It returns the number of bytes written. The current implementation is a blocking write
+of the complete data buffer, but it may vary.<br><br>
+<div class="prot">
+int channel_read(CHANNEL *channel, BUFFER *buffer,int bytes,int is_stderr);
+</div>
+It makes a blocking read on the channel, of "bytes" bytes and returns the
+ result into an allocated buffer you passed in. (with <i>buffer_new()</i>).<br>
+ it will read on stderr, if is_stderr is set.<br>
+ The function might read less bytes than "bytes" variable if an End of File
+ happened. Otherwise, the function will always block reading until "bytes"
+ bytes are read.<br>
+ with "bytes"=0, <i>channel_read()</i> will read the current state of the read buffer, but will read at least one byte (and block if nothing is available, except EOF case).<br>
+ 
+ You don't need to free and allocate a new buffer each time you call this function, just pass the same object each time.<br>
+ look at the <i>buffer_</i> functions further for the correct way of retrieving the data.<br><br>
+
+<div class="prot">
+int channel_read_nonblocking (CHANNEL *channel, char *dest, int len, int is_stderr);
+</div>
+Non-blocking read on channel, at most len bytes of data are read. Returns 0 if EOF or if no data available.
+<br><br>
+<div class="prot">
+int channel_is_open(CHANNEL *channel);
+</div>
+ returns 0 if the channel has been closed by remote host, something else otherwise.<br><br>
+<div class="prot">
+int channel_poll(CHANNEL *channel, int is_stderr);
+</div>
+ This nonblocking function returns the number of bytes immediatly available for
+ reading on the channel and stdin/stderr.<br><br>
+
+More interesting, if you are going to do channel multiplexing, this function 
+is for you :<br><br>
+<div class="prot">
+int ssh_select(CHANNEL **channels,CHANNEL **outchannels, int maxfd,
+                           fd_set *readfds, struct timeval *timeout);
+</div>
+channels is an array of channel pointers, finished by a NULL pointer.<br>
+ It can be used ever and ever, as it is never written.<br>
+ outchannels is an array of size at least greater or equal to "channels".<br>
+ It hasn't to be initialized.<br>
+ maxfd is the maximum file descriptor from your own filedescriptors.<br>
+ readfds is a pointer to a fd_set structure, like in the original
+ select implementation (man select).<br>
+ the struct timeval *timeout has the same meaning than in 
+ select(2) (man select).<br>
+ 
+ There is no support for writing or special events as in <i>select(2)</i> yet.<br>
+The function returns -1 if an error occured, or SSH_EINTR if select was interrupted by a syscall. This is not an error, you may restart the function.<br>
+<b>note about signals:</b> libssh is not threadsafe, and most functions are not
+reetrant when using the same data structures : it means you *cannot* do anything
+with a channel from a ssh session passed to <i>ssh_select</i> during a signal.
+<br>take a look at sample.c on how to bypass that limitation.<br>
+the function works this way : it returns in the readfds the filedescriptors which have data ready for reading (the given filedescriptors have a greatest priority).<br>
+Then, if no file descriptor can be read, the function looks for every 
+channel from the array to get a channel with data bufferized. If nothing is 
+available, it waits for activity on any channel/file descriptor and returns 
+immediatly, or waits until timeout.<br>
+You will find the channels that can be read in the outchannels array (finished by NULL) and the filedescriptors in your fd_set (man FD_ISSET).<br>
+this is the "heart" of your main loop.<br>
+<br>
+<h3>The BUFFER object.</h3>
+Reading is done through the BUFFER object. here is the public interface :
+<br>
+<div class="prot">
+BUFFER *buffer_new();
+</div>
+creates a buffer object.
+<br><br>
+<div class="prot">
+void *buffer_get(BUFFER *buffer);
+</div>
+returns a pointer to the begining of buffer.
+<br><br>
+<div class="prot">
+int buffer_get_len(BUFFER *buffer);
+</div>
+returns buffer's data size.
+<br><br>
+<div class="prot">
+void buffer_free(BUFFER *buffer);
+</div>
+destoys the buffer.
+<br>
+<br>
+How to use the buffer system when you've read something:<br>
+I've seen people doing such code:<br>
+<div class="prot">
+char buffer[256];<br>
+channel_read(channel,buf,1234,0);<br>
+strcpy(buffer,buf.data);<br>
+</div>
+The correct way of doing this:
+<div class="prot">
+char buffer[256];<br>
+int i;<br>
+i=channel_read(channel,buf,1234,0);<br>
+if(i<=0)<br>
+&nbsp;&nbsp;&nbsp;&nbsp;go_out()...<br>
+if(i>=256)<br>
+&nbsp;&nbsp;&nbsp;&nbsp;i=255;<br>
+memcpy(buffer,buffer_get(buf),i);<br>
+buffer[i]=0;
+</div>
+Do not expect the buffer to be null-terminated. Don't access the internal structure of buffer. Check the sizes before copying.<br>
+</div>
+<h2>6- The SFTP subsystem</h2>
+<div class="tout">
+SFTP is a secure implementation of a file transfer protocol. The current 
+implemented version is 3. All functions aren't implemented yet but the most
+important are.<br>
+<br>
+<h3>A) Opening the session</h3>
+<div class="prot">
+  SFTP_SESSION *sftp_new(SSH_SESSION *session);
+  int sftp_init(SFTP_SESSION *sftp);
+</div>
+  The former returns a SFTP_SESSION handle. It returns NULL if things didn't 
+  work as expected.<br>
+  sftp_init makes some initialisation work. It returns 0 if things went right.
+  Both of them must be called.<br>
+<h3>B) Opening and reading a directory</h3>
+<div class="prot">
+  SFTP_DIR *sftp_opendir(SFTP_SESSION *session, char *path);
+</div>
+  opens a directory for file listing. Returns NULL in error case.
+  <br><br>
+<div class="prot">
+  SFTP_ATTRIBUTES *sftp_readdir(SFTP_SESSION *session, SFTP_DIR *dir);
+</div>
+This function reads one file attribute from an opened directory. It
+  returns NULL if the directory is EOF, or if something wrong happened.
+<br><br>
+<div class="prot">
+  int sftp_dir_eof(SFTP_DIR *dir);
+</div>
+ When a <i>sftp_readdir()</i> returned NULL, you can use this function to 
+ tell if an EOF occured. the function returns 0 if no EOF occured.
+ <br><br>
+ <div class="prot">
+  void sftp_attributes_free(SFTP_ATTRIBUTES *file);
+</div>
+You have to free any SFTP_ATTRIBUTE structure given by an other function 
+  with it.<br><br>
+<div class="prot">
+  int sftp_dir_close(SFTP_DIR *dir);
+</div>
+closes an opened directory. returns 0 when no error occured.
+<br><br>
+<h3>C) Opening, reading, writing files</h3>
+<div class="prot">
+  SFTP_FILE *sftp_open(SFTP_SESSION *session, char *file, int access,
+                                                SFTP_ATTRIBUTES *attr);
+</div>
+Opens a file. The access flags are the same than the stdio flags.<br>
+see open(2) for more details.<br>
+attr are the wanted attributes for the new file. If you supply NULL,
+  default values will be used.<br>
+rem: more work is going on parsing/making the attributes structure
+<br><br>
+<div class="prot">
+  int sftp_read(SFTP_FILE *file, void *dest, int len);
+</div>
+read on a file. Works as the fread() function. It is blocking by default but you can change the default behaviour with <i>sftp_file_set_nonblocking()</i>.
+ <br><br>
+<div class="prot">
+  void sftp_file_set_nonblocking(SFTP_FILE *file);
+</div>
+sets the file non blocking. reads on this file won't ever block. You can't detect end of files this way.<br>
+*** TODO more work going there for EOF ****
+<br><br>
+<div class="prot">
+  void sftp_file_set_blocking(SFTP_FILE *file);
+</div>
+restore the default setting of sftp_read.
+<br><br>
+<div class="prot">
+  int sftp_write(SFTP_FILE *file, void *source, int len);
+</div>
+works as fwrite() function. It is a blocking write.<br>
+<br>
+<div class="prot">
+  void sftp_seek(SFTP_FILE *file, int new_offset);
+</div>
+seek into the file for reading/writing at an other place.
+<br><br>
+<div class="prot">
+  unsigned long sftp_tell(SFTP_FILE *file);
+</div>
+returns the current offset (both writing and reading) into the opened file.
+<br><br>
+<div class="prot">
+  void sftp_rewind(SFTP_FILE *file);
+</div>
+  same as sftp_seek(file,0);
+<br><br>
+<div class="prot">
+  int sftp_file_close(SFTP_FILE *file);
+</div>
+  closes a file handle. returns 0 in no error case.
+<br><br>
+<div class="prot">
+  int sftp_rm(SFTP_SESSION *sftp, char *file);
+</div>
+deletes a file.
+<br><br>
+<div class="prot">  
+  int sftp_rmdir(SFTP_SESSION *sftp, char *directory);
+</div>
+<br>
+deletes a directory.
+<br><br>
+<div class="prot">
+  int sftp_mkdir(SFTP_SESSION *sftp, char *directory, SFTP_ATTRIBUTES *attr);
+</div>
+makes a directory, with the given attributes. You can't pass NULL for attr and hope it works.
+  <br><br>
+<div class="prot">
+  int sftp_rename(SFTP_SESSION *sftp, char *original, char *newname);
+</div>
+changes the name of a file or directory.
+<br><br>
+<div class="prot">
+  int sftp_setstat(SFTP_SESSION *sftp, char *file, SFTP_ATTRIBUTES *attr);
+</div>
+changes the attributes of a file or directory.
+<br><br>
+<div class="prot">
+  char *sftp_canonicalize_path(SFTP_SESSION *sftp, char *path);
+</div>
+  gives the canonicalized form of some path. You have to 
+  free the pointer given in return.<br>
+  (returns NULL if error).
+<br><br>
+
+ (a function to make proper SFTP_ATTRIBUTES structures is on the way )
+
+<h3>D) Closing the session</h3>
+<div class="prot">
+  void sftp_free(SFTP_SESSION *sftp);
+</div>
+it closes the sftp channel and subsystem.
+</div>
+
+<h2>7- Handling the errors</h2>
+<div class="tout">
+When some function returns an error code, it's allways possible to get an
+english message describing the problem. the function ssh_get_error()
+returns a pointer to the static error buffer.<br>
+ssh_error_code() returns the error code number. it's declared as an enum:<br>
+SSH_NO_ERROR, SSH_REQUEST_DENIED, SSH_INVALID_REQUEST, SSH_CONNECTION_LOST,
+SSH_FATAL, SSH_INVALID_DATA.<br><br>
+SSH_REQUEST_DENIED means the ssh server refused your request but the situation is
+recoverable. the others mean something happened to the connection (some
+encryption problems, server problems, library bug, ...).<br>
+SSH_INVALID_REQUEST means the library got some garbage from server. (But might be
+recoverable).<br>
+SSH_FATAL means the connection has an important problem and isn't probably 
+recoverable.<br>
+<br>
+Most of time, the error returned are SSH_FATAL, but some functions (generaly the
+<i>ssh_request_*</i> ones) may fail because of server denying request. In these cases, SSH_REQUEST_DENIED is returned.<br><br>
+
+You'll see in the prototype SSH_SESSION *session. That's because for thread
+safety, error messages that can be attached to a session aren't static
+anymore. So, any error that could happen during ssh_getopt(), options_* or
+ssh_connect() will be retreavable giving NULL as argument.<br>
+<br>
+<div class="prot">
+char *ssh_get_error(SSH_SESSION *session);
+</div>
+returns a pointer to a static message error from the given session. No
+message freeing is needed.<br><br>
+<div class="prot">
+enum ssh_error ssh_get_error_code(SSH_SESSION *session);
+</div>
+returns the error code that last happened along with the message. 
+<br><br>
+</div>
+
+<h2>8- Final word</h2>
+<div class="tout">
+I made this library because nothing in the Open source or free software community was existing yet. This project is a very personnal one as it's the first "useful" thing I ever wrote.
+I hope it fits your needs, but remember the experimental state of libssh : if
+something doesn't work, please mail me. If something lacks, please ask for it.
+If something stinks, please write a patch and send it !
+</div>
+
+</body>
+</html>

doc/authentication.dox

@@ -1,373 +0,0 @@
-/**
-@page libssh_tutor_authentication Chapter 2: A deeper insight on authentication
-@section authentication_details A deeper insight on authentication
-
-In our guided tour, we merely mentioned that the user needed to authenticate.
-We didn't explain much in detail how that was supposed to happen.
-This chapter explains better the four authentication methods: with public keys,
-with a password, with challenges and responses (keyboard-interactive), and with
-no authentication at all.
-
-If your software is supposed to connect to an arbitrary server, then you
-might need to support all authentication methods. If your software will
-connect only to a given server, then it might be enough for your software
-to support only the authentication methods used by that server. If you are
-the administrator of the server, it might be your call to choose those
-authentication methods.
-
-It is not the purpose of this document to review in detail the advantages
-and drawbacks of each authentication method. You are therefore invited
-to read the abundant documentation on this topic to fully understand the
-advantages and security risks linked to each method.
-
-
-@subsection pubkeys Authenticating with public keys 
-
-libssh is fully compatible with the openssh public and private keys. You
-can either use the automatic public key authentication method provided by
-libssh, or roll your own using the public key functions.
-
-The process of authenticating by public key to a server is the following:
- - you scan a list of files that contain public keys. each key is sent to
-   the SSH server, until the server acknowledges a key (a key it knows can be
-   used to authenticate the user).
- - then, you retrieve the private key for this key and send a message
-   proving that you know that private key.
-
-The function ssh_userauth_autopubkey() does this using the available keys in
-"~/.ssh/".  The return values are the following:
- - SSH_AUTH_ERROR: some serious error happened during authentication
- - SSH_AUTH_DENIED: no key matched
- - SSH_AUTH_SUCCESS: you are now authenticated
- - SSH_AUTH_PARTIAL: some key matched but you still have to provide an other
-                     mean of authentication (like a password). 
-
-The ssh_userauth_autopubkey() function also tries to authenticate using the
-SSH agent, if you have one running, or the "none" method otherwise.
-
-If you wish to authenticate with public key by your own, follow these steps:
- - Retrieve the public key in a ssh_string using publickey_from_file().
- - Offer the public key to the SSH server using ssh_userauth_offer_pubkey().
-   If the return value is SSH_AUTH_SUCCESS, the SSH server accepts to
-   authenticate using the public key and you can go to the next step.
- - Retrieve the private key, using the privatekey_from_file() function. If
-   a passphrase is needed, either the passphrase specified as argument or
-   a callback (see callbacks section) will be used.
- - Authenticate using ssh_userauth_pubkey() with your public key string
-   and private key.
- - Do not forget cleaning up memory using string_free() and privatekey_free().
-
-Here is a minimalistic example of public key authentication:
-
-@code
-int authenticate_pubkey(ssh_session session)
-{
-  int rc;
-
-  rc = ssh_userauth_autopubkey(session, NULL);
-
-  if (rc == SSH_AUTH_ERROR)
-  {
-     fprintf(stderr, "Authentication failed: %s\n",
-       ssh_get_error(session));
-     return SSH_AUTH_ERROR;
-  }
-
-  return rc;
-}
-@endcode
-
-@see ssh_userauth_autopubkey
-@see ssh_userauth_offer_pubkey
-@see ssh_userauth_pubkey
-@see publickey_from_file
-@see publickey_from_privatekey
-@see string_free
-@see privatekey_from_file
-@see privatekey_free
-
-
-@subsection password Authenticating with a password
-
-The function ssh_userauth_password() serves the purpose of authenticating
-using a password. It will return SSH_AUTH_SUCCESS if the password worked,
-or one of other constants otherwise. It's your work to ask the password
-and to deallocate it in a secure manner.
-
-If your server complains that the password is wrong, but you can still
-authenticate using openssh's client (issuing password), it's probably
-because openssh only accept keyboard-interactive. Switch to
-keyboard-interactive authentication, or try to configure plain text passwords
-on the SSH server.
-
-Here is a small example of password authentication:
-
-@code
-int authenticate_password(ssh_session session)
-{
-  char *password;
-  int rc;
-
-  password = getpass("Enter your password: ");
-  rc = ssh_userauth_password(session, NULL, password);
-  if (rc == SSH_AUTH_ERROR)
-  {
-     fprintf(stderr, "Authentication failed: %s\n",
-       ssh_get_error(session));
-     return SSH_AUTH_ERROR;
-  }
-
-  return rc;
-}
-@endcode
-
-@see ssh_userauth_password
-
-
-@subsection keyb_int The keyboard-interactive authentication method
-
-The keyboard-interactive method is, as its name tells, interactive. The
-server will issue one or more challenges that the user has to answer,
-until the server takes an authentication decision.
-
-ssh_userauth_kbdint() is the the main keyboard-interactive function. 
-It will return SSH_AUTH_SUCCESS,SSH_AUTH_DENIED, SSH_AUTH_PARTIAL,
-SSH_AUTH_ERROR, or SSH_AUTH_INFO, depending on the result of the request.
-
-The keyboard-interactive authentication method of SSH2 is a feature that
-permits the server to ask a certain number of questions in an interactive
-manner to the client, until it decides to accept or deny the login.
-
-To begin, you call ssh_userauth_kbdint() (just set user and submethods to
-NULL) and store the answer.
-
-If the answer is SSH_AUTH_INFO, it means that the server has sent a few
-questions that you should ask the user. You can retrieve these questions
-with the following functions: ssh_userauth_kbdint_getnprompts(),
-ssh_userauth_kbdint_getname(), ssh_userauth_kbdint_getinstruction(), and
-ssh_userauth_kbdint_getprompt().
-
-Set the answer for each question in the challenge using
-ssh_userauth_kbdint_setanswer().
-
-Then, call again ssh_userauth_kbdint() and start the process again until
-these functions returns something else than SSH_AUTH_INFO.
-
-Here are a few remarks:
- - Even the first call can return SSH_AUTH_DENIED or SSH_AUTH_SUCCESS.
- - The server can send an empty question set (this is the default behavior
-   on my system) after you have sent the answers to the first questions.
-   You must still parse the answer, it might contain some 
-   message from the server saying hello or such things. Just call
-   ssh_userauth_kbdint() until needed. 
- - The meaning of "name", "prompt", "instruction" may be a little
-   confusing. An explanation is given in the RFC section that follows.
-
-Here is a little note about how to use the information from
-keyboard-interactive authentication, coming from the RFC itself (rfc4256):
-
-@verbatim
- 
-  3.3 User Interface Upon receiving a request message, the client SHOULD
-  prompt the user as follows: A command line interface (CLI) client SHOULD
-  print the name and instruction (if non-empty), adding newlines. Then for
-  each prompt in turn, the client SHOULD display the prompt and read the
-  user input.
-  
-  A graphical user interface (GUI) client has many choices on how to prompt
-  the user. One possibility is to use the name field (possibly prefixed
-  with the application's name) as the title of a dialog window in which
-  the prompt(s) are presented. In that dialog window, the instruction field
-  would be a text message, and the prompts would be labels for text entry
-  fields. All fields SHOULD be presented to the user, for example an
-  implementation SHOULD NOT discard the name field because its windows lack
-  titles; it SHOULD instead find another way to display this information. If
-  prompts are presented in a dialog window, then the client SHOULD NOT
-  present each prompt in a separate window.
-  
-  All clients MUST properly handle an instruction field with embedded
-  newlines. They SHOULD also be able to display at least 30 characters for
-  the name and prompts. If the server presents names or prompts longer than 30
-  characters, the client MAY truncate these fields to the length it can
-  display. If the client does truncate any fields, there MUST be an obvious
-  indication that such truncation has occured.
-  
-  The instruction field SHOULD NOT be truncated. Clients SHOULD use control
-  character filtering as discussed in [SSH-ARCH] to avoid attacks by
-  including terminal control characters in the fields to be displayed.
-  
-  For each prompt, the corresponding echo field indicates whether or not
-  the user input should be echoed as characters are typed. Clients SHOULD
-  correctly echo/mask user input for each prompt independently of other
-  prompts in the request message. If a client does not honor the echo field
-  for whatever reason, then the client MUST err on the side of
-  masking input. A GUI client might like to have a checkbox toggling
-  echo/mask. Clients SHOULD NOT add any additional characters to the prompt
-  such as ": " (colon-space); the server is responsible for supplying all
-  text to be displayed to the user. Clients MUST also accept empty responses
-  from the user and pass them on as empty strings.
-@endverbatim
-
-The following example shows how to perform keyboard-interactive authentication:
-
-@code
-int authenticate_kbdint(ssh_session session)
-{
-  int rc;
-
-  rc = ssh_userauth_kbdint(session, NULL, NULL);
-  while (rc == SSH_AUTH_INFO)
-  {
-    const char *name, *instruction;
-    int nprompts, iprompt;
-
-    name = ssh_userauth_kbdint_getname(session);
-    instruction = ssh_userauth_kbdint_getinstruction(session);
-    nprompts = ssh_userauth_kbdint_getnprompts(session);
-
-    if (strlen(name) > 0)
-      printf("%s\n", name);
-    if (strlen(instruction) > 0)
-      printf("%s\n", instruction);
-    for (iprompt = 0; iprompt < nprompts; iprompt++)
-    {
-      const char *prompt;
-      char echo;
-
-      prompt = ssh_userauth_kbdint_getprompt(session, iprompt, &echo);
-      if (echo)
-      {
-        char buffer[128], *ptr;
-
-        printf("%s", prompt);
-        if (fgets(buffer, sizeof(buffer), stdin) == NULL)
-          return SSH_AUTH_ERROR;
-        buffer[sizeof(buffer) - 1] = '\0';
-        if ((ptr = strchr(buffer, '\n')) != NULL)
-          *ptr = '\0';
-        if (ssh_userauth_kbdint_setanswer(session, iprompt, buffer) < 0)
-          return SSH_AUTH_ERROR;
-        memset(buffer, 0, strlen(buffer));
-      }
-      else
-      {
-        char *ptr;
-
-        ptr = getpass(prompt);
-        if (ssh_userauth_kbdint_setanswer(session, iprompt, ptr) < 0)
-          return SSH_AUTH_ERROR;
-      }
-    }
-    rc = ssh_userauth_kbdint(session, NULL, NULL);
-  }
-  return rc;
-}
-@endcode
-
-@see ssh_userauth_kbdint()
-@see ssh_userauth_kbdint_getnprompts
-@see ssh_userauth_kbdint_getname 
-@see ssh_userauth_kbdint_getinstruction
-@see ssh_userauth_kbdint_getprompt
-@see ssh_userauth_kbdint_setanswer()
-
-
-@subsection none Authenticating with "none" method
-
-The primary purpose of the "none" method is to get authenticated **without**
-any credential. Don't do that, use one of the other authentication methods,
-unless you really want to grant anonymous access.
-
-If the account has no password, and if the server is configured to let you
-pass, ssh_userauth_none() might answer SSH_AUTH_SUCCESS.
-
-The following example shows how to perform "none" authentication:
-
-@code
-int authenticate_kbdint(ssh_session session)
-{
-  int rc;
-
-  rc = ssh_userauth_none(session, NULL, NULL);
-  return rc;
-}
-@endcode
-
-@subsection auth_list Getting the list of supported authentications
-
-You are not meant to choose a given authentication method, you can
-let the server tell you which methods are available. Once you know them,
-you try them one after the other.
-
-The following example shows how to get the list of available authentication
-methods with ssh_userauth_list() and how to use the result:
-
-@code
-int test_several_auth_methods(ssh_session session)
-{
-  int method, rc;
-
-  method = ssh_userauth_list(session, NULL);
-
-  if (method & SSH_AUTH_METHOD_NONE)
-  { // For the source code of function authenticate_none(),
-    // refer to the corresponding example
-    rc = authenticate_none(session);
-    if (rc == SSH_AUTH_SUCCESS) return rc;
-  }
-  if (method & SSH_AUTH_METHOD_PUBLICKEY)
-  { // For the source code of function authenticate_pubkey(),
-    // refer to the corresponding example
-    rc = authenticate_pubkey(session);
-    if (rc == SSH_AUTH_SUCCESS) return rc;
-  }
-  if (method & SSH_AUTH_METHOD_INTERACTIVE)
-  { // For the source code of function authenticate_kbdint(),
-    // refer to the corresponding example
-    rc = authenticate_kbdint(session);
-    if (rc == SSH_AUTH_SUCCESS) return rc;
-  }
-  if (method & SSH_AUTH_METHOD_PASSWORD)
-  { // For the source code of function authenticate_password(),
-    // refer to the corresponding example
-    rc = authenticate_password(session);
-    if (rc == SSH_AUTH_SUCCESS) return rc;
-  }
-  return SSH_AUTH_ERROR;
-}
-@endcode
-
-
-@subsection banner Getting the banner
-
-The SSH server might send a banner, which you can retrieve with
-ssh_get_issue_banner(), then display to the user.
-
-The following example shows how to retrieve and dispose the issue banner:
-
-@code
-int display_banner(ssh_session session)
-{
-  int rc;
-  char *banner;
-
-/*
- *** Does not work without calling ssh_userauth_none() first ***
- *** That will be fixed ***
-*/
-  rc = ssh_userauth_none(session, NULL);
-  if (rc == SSH_AUTH_ERROR)
-    return rc;
-
-  banner = ssh_get_issue_banner(session);
-  if (banner)
-  {
-    printf("%s\n", banner);
-    free(banner);
-  }
-
-  return rc;
-}
-@endcode
-
-*/

doc/command.dox

@@ -1,94 +0,0 @@
-/**
-@page libssh_tutor_command Chapter 4: Passing a remote command
-@section remote_command Passing a remote command
-
-Previous chapter has shown how to open a full shell session, with an attached
-terminal or not. If you only need to execute a command on the remote end,
-you don't need all that complexity.
-
-The method described here is suited for executing only one remote command.
-If you need to issue several commands in a row, you should consider using
-a non-interactive remote shell, as explained in previous chapter.
-
-@see shell
-
-
-@subsection exec_remote Executing a remote command
-
-The first steps for executing a remote command are identical to those
-for opening remote shells. You first need a SSH channel, and then
-a SSH session that uses this channel:
-
-@code
-int show_remote_files(ssh_session session)
-{
-  ssh_channel channel;
-  int rc;
-
-  channel = ssh_channel_new(session);
-  if (channel == NULL) return SSH_ERROR;
-
-  rc = ssh_channel_open_session(channel);
-  if (rc != SSH_OK)
-  {
-    ssh_channel_free(channel);
-    return rc;
-  }
-@endcode
-
-Once a session is open, you can start the remote command with
-ssh_channel_request_exec():
-
-@code
-  rc = ssh_channel_request_exec(channel, "ls -l");
-  if (rc != SSH_OK)
-  {
-    ssh_channel_close(channel);
-    ssh_channel_free(channel);
-    return rc;
-  }
-@endcode
-
-If the remote command displays data, you get them with ssh_channel_read().
-This function returns the number of bytes read. If there is no more
-data to read on the channel, this function returns 0, and you can go to next step.
-If an error has been encountered, it returns a negative value:
-
-@code
-  char buffer[256];
-  unsigned int nbytes;
-
-  nbytes = ssh_channel_read(channel, buffer, sizeof(buffer), 0);
-  while (nbytes > 0)
-  {
-    if (fwrite(buffer, 1, nbytes, stdout) != nbytes)
-    {
-      ssh_channel_close(channel);
-      ssh_channel_free(channel);
-      return SSH_ERROR;
-    }
-    nbytes = ssh_channel_read(channel, buffer, sizeof(buffer), 0);
-  }
-
-  if (nbytes < 0)
-  {
-    ssh_channel_close(channel);
-    ssh_channel_free(channel);
-    return SSH_ERROR;
-  }
-@endcode
-
-Once you read the result of the remote command, you send an
-end-of-file to the channel, close it, and free the memory
-that it used:
-
-@code
-  ssh_channel_send_eof(channel);
-  ssh_channel_close(channel);
-  ssh_channel_free(channel);
-
-  return SSH_OK;
-}
-@endcode
-
-*/

doc/forwarding.dox

@@ -1,221 +0,0 @@
-/**
-@page libssh_tutor_forwarding Chapter 7: Forwarding connections (tunnel)
-@section forwarding_connections Forwarding connections
-
-Port forwarding comes in SSH protocol in two different flavours:
-direct or reverse port forwarding. Direct port forwarding is also
-named local port forwardind, and reverse port forwarding is also called
-remote port forwarding. SSH also allows X11 tunnels.
-
-
-
-@subsection forwarding_direct Direct port forwarding
-
-Direct port forwarding is from client to server. The client opens a tunnel,
-and forwards whatever data to the server. Then, the server connects to an
-end point. The end point can reside on another machine or on the SSH
-server itself.
-
-Example of use of direct port forwarding:
-@verbatim
-Mail client application   Google Mail
-         |                    ^
-     5555 (arbitrary)         |
-         |                143 (IMAP2)
-         V                    |
-    SSH client   =====>   SSH server 
-
-Legend:
---P-->: port connexion through port P
-=====>: SSH tunnel
-@endverbatim
-A mail client connects to port 5555 of a client. An encrypted tunnel is
-established to the server. The server connects to port 143 of Google Mail (the
-end point). Now the local mail client can retreive mail.
-
-
-@subsection forwarding_reverse Reverse port forwarding
-
-The reverse forwarding is slightly different. It goes from server to client,
-even though the client has the initiative of establishing the tunnel.
-Once the tunnel is established, the server will listen on a port. Whenever
-a connection to this port is made, the server forwards the data to the client.
-
-Example of use of reverse port forwarding:
-@verbatim
- Local mail server    Mail client application
-         ^                     |
-         |               5555 (arbitrary)
-     143 (IMAP2)               |
-         |                     V
-    SSH client   <=====   SSH server
-
-Legend:
---P-->: port connexion through port P
-=====>: SSH tunnel
-@endverbatim
-In this example, the SSH client establishes the tunnel,
-but it is used to forward the connections established at
-the server to the client.
-
-
-@subsection forwarding_x11 X11 tunnels
-
-X11 tunnels allow a remote application to display locally.
-
-Example of use of X11 tunnels:
-@verbatim
-   Local display     Graphical application
-   (X11 server)          (X11 client)
-         ^                     |
-         |                     V
-    SSH client   <=====   SSH server
-
-Legend:
------>: X11 connection through X11 display number
-=====>: SSH tunnel
-@endverbatim
-The SSH tunnel is established by the client.
-
-How to establish X11 tunnels with libssh has already been described in
-this tutorial.
-
-@see x11
-
-
-@subsection libssh_direct Doing direct port forwarding with libssh
-
-To do direct port forwarding, call function channel_open_forward():
-  - you need a separate channel for the tunnel as first parameter;
-  - second and third parameters are the remote endpoint;
-  - fourth and fifth parameters are sent to the remote server
-    so that they can be logged on that server.
-
-If you don't plan to forward the data you will receive to any local port,
-just put fake values like "localhost" and 5555 as your local host and port.
-
-The example below shows how to open a direct channel that would be
-used to retrieve google's home page from the remote SSH server.
-
-@code
-int direct_forwarding(ssh_session session)
-{
-  ssh_channel forwarding_channel;
-  int rc;
-  char *http_get = "GET / HTTP/1.1\nHost: www.google.com\n\n";
-  int nbytes, nwritten;
-
-  forwarding_channel = ssh_channel_new(session);
-  if (rc != SSH_OK) return rc;
-
-  rc = channel_open_forward(forwarding_channel,
-                            "www.google.com", 80,
-                            "localhost", 5555);
-  if (rc != SSH_OK)
-  {
-    ssh_channel_free(forwarding_channel);
-    return rc;
-  }
-
-  nbytes = strlen(http_get);
-  nwritten = channel_write(forwarding_channel, http_get, nbytes);
-  if (nbytes != nwritten)
-  {
-    ssh_channel_free(forwarding_channel);
-    return SSH_ERROR;
-  }
-
-  ...
-
-  ssh_channel_free(forwarding_channel);
-  return SSH_OK;
-}
-@endcode
-
-The data sent by Google can be retrieved for example with ssh_select()
-and ssh_channel_read(). Goggle's home page can then be displayed on the
-local SSH client, saved into a local file, made available on a local port,
-or whatever use you have for it.
-
-
-@subsection libssh_reverse Doing reverse port forwarding with libssh
-
-To do reverse port forwarding, call ssh_channel_forward_listen(),
-then ssh_channel_forward_accept().
-
-When you call ssh_channel_forward_listen(), you can let the remote server
-chose the non-priviledged port it should listen to. Otherwise, you can chose
-your own priviledged or non-priviledged port. Beware that you should have
-administrative priviledges on the remote server to open a priviledged port
-(port number < 1024).
-
-Below is an example of a very rough web server waiting for connections on port
-8080 of remote SSH server. The incoming connections are passed to the
-local libssh application, which handles them:
-
-@code
-int web_server(ssh_session session)
-{
-  int rc;
-  ssh_channel channel;
-  char buffer[256];
-  int nbytes, nwritten;
-  char *helloworld = ""
-"HTTP/1.1 200 OK\n"
-"Content-Type: text/html\n"
-"Content-Length: 113\n"
-"\n"
-"<html>\n"
-"  <head>\n"
-"    <title>Hello, World!</title>\n"
-"  </head>\n"
-"  <body>\n"
-"    <h1>Hello, World!</h1>\n"
-"  </body>\n"
-"</html>\n";
-
-  rc = ssh_channel_forward_listen(session, NULL, 8080, NULL);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Error opening remote port: %s\n", ssh_get_error(session));
-    return rc;
-  }
-
-  channel = ssh_channel_forward_accept(session, 60000);
-  if (channel == NULL)
-  {
-    fprintf(stderr, "Error waiting for incoming connection: %s\n", ssh_get_error(session));
-    return SSH_ERROR;
-  }
-
-  while (1)
-  {
-    nbytes = ssh_channel_read(channel, buffer, sizeof(buffer), 0);
-    if (nbytes < 0)
-    {
-      fprintf(stderr, "Error reading incoming data: %s\n", ssh_get_error(session));
-      ssh_channel_send_eof(channel);
-      ssh_channel_free(channel);
-      return SSH_ERROR;
-    }
-    if (strncmp(buffer, "GET /", 5)) continue;
-
-    nbytes = strlen(helloworld);
-    nwritten = ssh_channel_write(channel, helloworld, nbytes);
-    if (nwritten != nbytes)
-    {
-      fprintf(stderr, "Error sending answer: %s\n", ssh_get_error(session));
-      ssh_channel_send_eof(channel);
-      ssh_channel_free(channel);
-      return SSH_ERROR;
-    }
-    printf("Sent answer\n");
-  }
-
-  ssh_channel_send_eof(channel);
-  ssh_channel_free(channel);
-  return SSH_OK;
-}
-@endcode
-
-*/

doc/guided_tour.dox

@@ -1,455 +0,0 @@
-/**
-@page libssh_tutor_guided_tour Chapter 1: A typical SSH session
-@section ssh_session A typical SSH session
-
-A SSH session goes through the following steps:
-
- - Before connecting to the server, you can set up if you wish one or other
-   server public key authentication, i.e. DSA or RSA. You can choose
-   cryptographic algorithms you trust and compression algorithms if any. You
-   must of course set up the hostname.
-
- - The connection is established. A secure handshake is made, and resulting from
-   it, a public key from the server is gained. You MUST verify that the public
-   key is legitimate, using for instance the MD5 fingerprint or the known hosts
-   file.
-
- - The client must authenticate: the classical ways are password, or
-   public keys (from dsa and rsa key-pairs generated by openssh).
-   If a SSH agent is running, it is possible to use it.
-
- - Now that the user has been authenticated, you must open one or several
-   channels. Channels are different subways for information into a single ssh
-   connection. Each channel has a standard stream (stdout) and an error stream
-   (stderr). You can theoretically open an infinity of channels.
-
- - With the channel you opened, you can do several things:
-   - Execute a single command.
-   - Open a shell. You may want to request a pseudo-terminal before.
-   - Invoke the sftp subsystem to transfer files.
-   - Invoke the scp subsystem to transfer files.
-   - Invoke your own subsystem. This is outside the scope of this document,
-     but can be done.
-
- - When everything is finished, just close the channels, and then the connection. 
-
-The sftp and scp subsystems use channels, but libssh hides them to
-the programmer. If you want to use those subsystems, instead of a channel,
-you'll usually open a "sftp session" or a "scp session".
- 
-
-@subsection setup Creating the session and setting options
-
-The most important object in a SSH connection is the SSH session. In order
-to allocate a new SSH session, you use ssh_new(). Don't forget to
-always verify that the allocation successed.
-@code
-#include <libssh/libssh.h> 
-#include <stdlib.h>
-
-int main()
-{
-  ssh_session my_ssh_session = ssh_new();
-  if (my_ssh_session == NULL)
-    exit(-1);
-  ...
-  ssh_free(my_ssh_session);
-}
-@endcode
-
-libssh follows the allocate-it-deallocate-it pattern. Each object that you allocate
-using xxxxx_new() must be deallocated using xxxxx_free(). In this case, ssh_new()
-does the allocation and ssh_free() does the contrary.
-
-The ssh_options_set() function sets the options of the session. The most important options are:
- - SSH_OPTIONS_HOST: the name of the host you want to connect to
- - SSH_OPTIONS_PORT: the used port (default is port 22)
- - SSH_OPTIONS_USER: the system user under which you want to connect
- - SSH_OPTIONS_LOG_VERBOSITY: the quantity of messages that are printed
-
-The complete list of options can be found in the documentation of ssh_options_set().
-The only mandatory option is SSH_OPTIONS_HOST. If you don't use SSH_OPTIONS_USER,
-the local username of your account will be used. 
-
-Here is a small example of how to use it:
-
-@code
-#include <libssh/libssh.h> 
-#include <stdlib.h>
-
-int main()
-{
-  ssh_session my_ssh_session;
-  int verbosity = SSH_LOG_PROTOCOL;
-  int port = 22;
-
-  my_ssh_session = ssh_new();
-  if (my_ssh_session == NULL)
-    exit(-1);
-
-  ssh_options_set(my_ssh_session, SSH_OPTIONS_HOST, "localhost");
-  ssh_options_set(my_ssh_session, SSH_OPTIONS_LOG_VERBOSITY, &verbosity);
-  ssh_options_set(my_ssh_session, SSH_OPTIONS_PORT, &port);
-
-  ...
-
-  ssh_free(my_ssh_session);
-}
-@endcode
-
-Please notice that all parameters are passed to ssh_options_set() as pointers,
-even if you need to set an integer value.
-
-@see ssh_new
-@see ssh_free
-@see ssh_options_set
-@see ssh_options_parse_config
-@see ssh_options_copy
-@see ssh_options_getopt
-
-
-@subsection connect Connecting to the server
-
-Once all settings have been made, you can connect using ssh_connect(). That
-function will return SSH_OK if the connection worked, SSH_ERROR otherwise.
-
-You can get the English error string with ssh_get_error() in order to show the
-user what went wrong. Then, use ssh_disconnect() when you want to stop
-the session.
-
-Here's an example:
-
-@code
-#include <libssh/libssh.h>
-#include <stdlib.h>
-#include <stdio.h> 
-
-int main()
-{
-  ssh_session my_ssh_session;
-  int rc;
-
-  my_ssh_session = ssh_new();
-  if (my_ssh_session == NULL)
-    exit(-1);
-
-  ssh_options_set(my_ssh_session, SSH_OPTIONS_HOST, "localhost");
-
-  rc = ssh_connect(my_ssh_session);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Error connecting to localhost: %s\n",
-            ssh_get_error(my_ssh_session));
-    exit(-1);
-  }
-
-  ...
-
-  ssh_disconnect(my_ssh_session);
-  ssh_free(my_ssh_session);
-}
-@endcode
-
-
-@subsection serverauth Authenticating the server
-
-Once you're connected, the following step is mandatory: you must check that the server
-you just connected to is known and safe to use (remember, SSH is about security and
-authentication).
-
-There are two ways of doing this:
- - The first way (recommended) is to use the ssh_is_server_known()
-   function. This function will look into the known host file
-   (~/.ssh/known_hosts on UNIX), look for the server hostname's pattern,
-   and determine whether this host is present or not in the list.
- - The second way is to use ssh_get_pubkey_hash() to get a binary version
-   of the public key hash value. You can then use your own database to check
-   if this public key is known and secure.
-
-You can also use the ssh_get_pubkey_hash() to show the public key hash
-value to the user, in case he knows what the public key hash value is
-(some paranoid people write their public key hash values on paper before
-going abroad, just in case ...).
-
-If the remote host is being used to for the first time, you can ask the user whether
-he/she trusts it. Once he/she concluded that the host is valid and worth being
-added in the known hosts file, you use ssh_write_knownhost() to register it in
-the known hosts file, or any other way if you use your own database.
-
-The following example is part of the examples suite available in the
-examples/ directory:
-
-@code
-#include <errno.h>
-#include <string.h>
-
-int verify_knownhost(ssh_session session)
-{
-  int state, hlen;
-  unsigned char *hash = NULL;
-  char *hexa;
-  char buf[10];
-
-  state = ssh_is_server_known(session);
-
-  hlen = ssh_get_pubkey_hash(session, &hash);
-  if (hlen < 0)
-    return -1;
-
-  switch (state)
-  {
-    case SSH_SERVER_KNOWN_OK:
-      break; /* ok */
-
-    case SSH_SERVER_KNOWN_CHANGED:
-      fprintf(stderr, "Host key for server changed: it is now:\n");
-      ssh_print_hexa("Public key hash", hash, hlen);
-      fprintf(stderr, "For security reasons, connection will be stopped\n");
-      free(hash);
-      return -1;
-
-    case SSH_SERVER_FOUND_OTHER:
-      fprintf(stderr, "The host key for this server was not found but an other"
-        "type of key exists.\n");
-      fprintf(stderr, "An attacker might change the default server key to"
-        "confuse your client into thinking the key does not exist\n");
-      free(hash);
-      return -1;
-
-    case SSH_SERVER_FILE_NOT_FOUND:
-      fprintf(stderr, "Could not find known host file.\n");
-      fprintf(stderr, "If you accept the host key here, the file will be"
-       "automatically created.\n");
-      /* fallback to SSH_SERVER_NOT_KNOWN behavior */
-
-    case SSH_SERVER_NOT_KNOWN:
-      hexa = ssh_get_hexa(hash, hlen);
-      fprintf(stderr,"The server is unknown. Do you trust the host key?\n");
-      fprintf(stderr, "Public key hash: %s\n", hexa);
-      free(hexa);
-      if (fgets(buf, sizeof(buf), stdin) == NULL)
-      {
-        free(hash);
-        return -1;
-      }
-      if (strncasecmp(buf, "yes", 3) != 0)
-      {
-        free(hash);
-        return -1;
-      }
-      if (ssh_write_knownhost(session) < 0)
-      {
-        fprintf(stderr, "Error %s\n", strerror(errno));
-        free(hash);
-        return -1;
-      }
-      break;
-
-    case SSH_SERVER_ERROR:
-      fprintf(stderr, "Error %s", ssh_get_error(session));
-      free(hash);
-      return -1;
-  }
-
-  free(hash);
-  return 0;
-}
-@endcode
-
-@see ssh_connect
-@see ssh_disconnect
-@see ssh_get_error
-@see ssh_get_error_code
-@see ssh_get_pubkey_hash
-@see ssh_is_server_known
-@see ssh_write_knownhost
-
-
-@subsection auth Authenticating the user
-
-The authentication process is the way a service provider can identify a
-user and verify his/her identity. The authorization process is about enabling
-the authenticated user the access to ressources. In SSH, the two concepts
-are linked. After authentication, the server can grant the user access to
-several ressources such as port forwarding, shell, sftp subsystem, and so on.
-
-libssh supports several methods of authentication:
- - "none" method. This method allows to get the available authentications
-   methods. It also gives the server a chance to authenticate the user with
-   just his/her login. Some very old hardware uses this feature to fallback
-   the user on a "telnet over SSH" style of login.
- - password method. A password is sent to the server, which accepts it or not.
- - keyboard-interactive method. The server sends several challenges to the
-   user, who must answer correctly. This makes possible the authentication
-   via a codebook for instance ("give code at 23:R on page 3").
- - public key method. The host knows the public key of the user, and the
-   user must prove he knows the associated private key. This can be done
-   manually, or delegated to the SSH agent as we'll see later.
-
-All these methods can be combined. You can for instance force the user to
-authenticate with at least two of the authentication methods. In that case,
-one speaks of "Partial authentication". A partial authentication is a
-response from authentication functions stating that your credential was
-accepted, but yet another one is required to get in.
-
-The example below shows an authentication with password:
-
-@code
-#include <libssh/libssh.h>
-#include <stdlib.h>
-#include <stdio.h> 
-
-int main()
-{
-  ssh_session my_ssh_session;
-  int rc;
-  char *password;
-
-  // Open session and set options
-  my_ssh_session = ssh_new();
-  if (my_ssh_session == NULL)
-    exit(-1);
-  ssh_options_set(my_ssh_session, SSH_OPTIONS_HOST, "localhost");
-
-  // Connect to server
-  rc = ssh_connect(my_ssh_session);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Error connecting to localhost: %s\n",
-            ssh_get_error(my_ssh_session));
-    ssh_free(my_ssh_session);
-    exit(-1);
-  }
-
-  // Verify the server's identity
-  // For the source code of verify_knowhost(), check previous example
-  if (verify_knownhost(my_ssh_session) < 0)
-  {
-    ssh_disconnect(my_ssh_session);
-    ssh_free(my_ssh_session);
-    exit(-1);
-  }
-
-  // Authenticate ourselves
-  password = getpass("Password: ");
-  rc = ssh_userauth_password(my_ssh_session, NULL, password);
-  if (rc != SSH_AUTH_SUCCESS)
-  {
-    fprintf(stderr, "Error authenticating with password: %s\n",
-            ssh_get_error(my_ssh_session));
-    ssh_disconnect(my_ssh_session);
-    ssh_free(my_ssh_session);
-    exit(-1);
-  }
-
-  ...
-
-  ssh_disconnect(my_ssh_session);
-  ssh_free(my_ssh_session);
-}
-@endcode
-
-@see @ref authentication_details
-
-
-@subsection using_ssh Doing something
-
-At this point, the authenticity of both server and client is established.
-Time has come to take advantage of the many possibilities offered by the SSH
-protocol: execute a remote command, open remote shells, transfer files,
-forward ports, etc.
-
-The example below shows how to execute a remote command:
-
-@code
-int show_remote_processes(ssh_session session)
-{
-  ssh_channel channel;
-  int rc;
-  char buffer[256];
-  unsigned int nbytes;
-
-  channel = ssh_channel_new(session);
-  if (channel == NULL)
-    return SSH_ERROR;
-
-  rc = ssh_channel_open_session(channel);
-  if (rc != SSH_OK)
-  {
-    ssh_channel_free(channel);
-    return rc;
-  }
-
-  rc = ssh_channel_request_exec(channel, "ps aux");
-  if (rc != SSH_OK)
-  {
-    ssh_channel_close(channel);
-    ssh_channel_free(channel);
-    return rc;
-  }
-
-  nbytes = ssh_channel_read(channel, buffer, sizeof(buffer), 0);
-  while (nbytes > 0)
-  {
-    if (write(1, buffer, nbytes) != nbytes)
-    {
-      ssh_channel_close(channel);
-      ssh_channel_free(channel);
-      return SSH_ERROR;
-    }
-    nbytes = ssh_channel_read(channel, buffer, sizeof(buffer), 0);
-  }
-    
-  if (nbytes < 0)
-  {
-    ssh_channel_close(channel);
-    ssh_channel_free(channel);
-    return SSH_ERROR;
-  }
-
-  ssh_channel_send_eof(channel);
-  ssh_channel_close(channel);
-  ssh_channel_free(channel);
-
-  return SSH_OK;
-}
-@endcode
-
-@see @ref opening_shell
-@see @ref remote_command
-@see @ref sftp_subsystem
-@see @ref scp_subsystem
-
-
-@subsection errors Handling the errors
-
-All the libssh functions which return an error value also set an English error message
-describing the problem.
-
-Error values are typically SSH_ERROR for integer values, or NULL for pointers.
-
-The function ssh_get_error() returns a pointer to the static error message.
-
-ssh_error_code() returns the error code number : SSH_NO_ERROR,
-SSH_REQUEST_DENIED, SSH_INVALID_REQUEST, SSH_CONNECTION_LOST, SSH_FATAL,
-or SSH_INVALID_DATA. SSH_REQUEST_DENIED means the ssh server refused your
-request, but the situation is recoverable. The others mean something happened
-to the connection (some encryption problems, server problems, ...).
-SSH_INVALID_REQUEST means the library got some garbage from server, but
-might be recoverable. SSH_FATAL means the connection has an important
-problem and isn't probably recoverable.
-
-Most of time, the error returned are SSH_FATAL, but some functions
-(generaly the ssh_request_xxx ones) may fail because of server denying request.
-In these cases, SSH_REQUEST_DENIED is returned.
-
-ssh_get_error() and ssh_get_error_code() take a ssh_session as a parameter.
-That's for thread safety, error messages that can be attached to a session
-aren't static anymore. Any error that happens during ssh_options_xxx()
-or ssh_connect() (i.e., outside of any session) can be retrieved by
-giving NULL as argument.
-
-The SFTP subsystem has its own error codes, in addition to libssh ones.
-
-
-*/

doc/introduction.dox

@@ -1,50 +0,0 @@
-/**
-@page libssh_tutorial The Tutorial
-@section introduction Introduction
-
-libssh is a C library that enables you to write a program that uses the
-SSH protocol. With it, you can remotely execute programs, transfer
-files, or use a secure and transparent tunnel for your remote programs.
-The SSH protocol is encrypted, ensures data integrity, and provides strong
-means of authenticating both the server of the client. The library hides
-a lot of technical details from the SSH protocol, but this does not
-mean that you should not try to know about and understand these details.
-
-libssh is a Free Software / Open Source project. The libssh library
-is distributed under LGPL license. The libssh project has nothing to do with
-"libssh2", which is a completly different and independant project.
-
-libssh can run on top of either libgcrypt (http://directory.fsf.org/project/libgcrypt/)
-or libcrypto (http://www.openssl.org/docs/crypto/crypto.html), two general-purpose
-cryptographic libraries.
-
-This tutorial concentrates for its main part on the "client" side of libssh.
-To learn how to accept incoming SSH connexions (how to write a SSH server),
-you'll have to jump to the end of this document.
-
-This tutorial describes libssh version 0.5.0. This version is a little different
-from the 0.4.X series. However, the examples should work with
-little changes on versions like 0.4.2 and later.
-
-
-Table of contents:
-
-@subpage libssh_tutor_guided_tour
-
-@subpage libssh_tutor_authentication
-
-@subpage libssh_tutor_shell
-
-@subpage libssh_tutor_command
-
-@subpage libssh_tutor_sftp
-
-@subpage libssh_tutor_scp
-
-@subpage libssh_tutor_forwarding
-
-@subpage libssh_tutor_threads
-
-@subpage libssh_tutor_todo
-
-*/

doc/libssh-0.2-api-1.txt

@@ -0,0 +1,385 @@
+                    The new libssh 0.2 API
+                    ----------------------
+
+Version 1
+
+A. Introduction
+---------------
+
+With the time from the first release of libssh, I have received lots of
+comments about the current API. Myself, I found it quite limiting when doing
+my first libssh-server drafts. Thus, I am moving to a stronger API.
+This API must still be simple. I am not introducing complex changes. An API
+well designed must hide the implementation details. Implementation can change
+easily within bugfixes - but API cannot change each release.
+
+To the people already using libssh 0.11 : sorry. Once I have the complete API
+redesigned, I will write a migration paper. It won't be too hard normally.
+
+Here are the things that were lacking in the previous API and *must* change:
+
+* A non-blocking mode connection type
+* Functions to relegate File descriptor listening to Calling functions and to
+  the programmer. (I'll explain later).
+* Along with that, good buffering system (well, it's not an API but).
+* Leave the "functions returns a pointer when it works and NULL when it does
+  not work". It gives serious problems to implement bindings (A C++
+  constructor should not fail and should not depend on a network thing
+* Make the Session structure an abstract structure that can work with both
+  client and *servers*. That mean we should have a Server object which listen
+  to clients on a bound port, does the different handshakes and return a
+  session.
+  Since C is not per se an Object language, I won't use inheritance between
+  objects.
+* This same server thing must provide the reverse capabilities than the
+  client. That is, accept the handshake, in a nonblocking way. Accept channel
+  requests, or send them to the controller program.
+* Support for program forking : Imagine you have a Ssh server object. You
+  accept a connection and receive a session, then you receive a channel. You
+  may want to keep the good old days fork() tricks. Libssh will give a way to
+  destroy handlers from sessions which belong to an other process without
+  disturbing the session.
+* So often I received the comment back saying that it was not clear why a
+  session or a channel was terminated. This is over.
+* And of course I received lot of mails about the fact I'm doing namespace
+  polution. this will be resolved this time.
+So, please read this draft not as a formal documentation but like a roadmap of
+things that each kind of object must do.
+
+B. Description of objects and functions
+
+Initialization and finalization
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Initialization is for now called automatically, so you don't have to take care
+of that.
+As for finalization, we need to finalize the underlying cryptographic library
+(either OpenSSL or libgcrypt). Be sure that you call ssh_finalize when this
+library won't be used anymore, even by other libraries (i.e. if you use libssh
+and another library that uses OpenSSL, call ssh_finalize when any function of
+both these libraries won't be called).
+If you trust your operating system to clean up the mess after a process
+terminates, you can skip this call.
+
+Options structure
+~~~~~~~~~~~~~~~~~
+
+struct ssh_options *ssh_options_new()
+
+ssh_options_getopt(options, *argc, argv)
+
+ssh_options_copy(options)
+
+char ** ssh_options_get_supported_algos(options,type)
+ returns a list of the algos supported by libssh, type being one of
+ SSH_HOSTKEYS, SSH_KEX, SSH_CRYPT, SSH_MAC, SSH_COMP, SSH_LANG
+
+ssh_options_set_wanted_algos(options,type, char *list)
+list being comma-separated list of algos, and type being the upper constants
+but with _C_S or _S_V added to them.
+
+ssh_options_set_port(options, port)
+
+ssh_options_set_host(options, host)
+
+ssh_options_set_fd(options, fd)
+
+ssh_options_set_bind(options, bindaddr, port)
+this options sets the address to bind for a client *or* a server. a port of
+zero means whatever port is free (what most clients want).
+
+ssh_options_set_username(options, username)
+
+ssh_options_set_connect_timeout(options, seconds, usec)
+
+ssh_options_set_ssh_dir(options, dir)
+ssh_options_set_known_hosts_file(options, file)
+ssh_options_set_identity(options, file)
+
+ssh_options_set_banner(options, banner)
+ssh_options_allow_ssh1(options, bool allow)
+ssh_options_allow_ssh2(options, bool allow)
+
+options_set_status_callback has moved into ssh_* functions.
+
+ssh_session Structure
+~~~~~~~~~~~~~~~~~~~~~
+
+This session structure represents a ssh socket to a server *or* a client.
+
+ssh_session *ssh_new()
+
+ssh_set_options(ssh_session,ssh_options)
+
+ssh_connect(session);
+ it will return some status describing at which point of the connection it is,
+ or an error code. If the connection method is non-blocking, the function
+ will be called more than once, though the return value SSH_AGAIN.
+
+ssh_set_blocking(session, bool blocking)
+ set blocking mode or non blocking mode.
+
+ssh_get_fd(session)
+ get the currently used connection file descriptor or equivalent (windows)
+
+ssh_set_fd_toread(session)
+ssh_set_fd_towrite(session)
+ssh_set_fd_except(session)
+ Serve to notify the library that data is actualy available to be read on the
+ file descriptor socket. why ? because on most platforms select can't be done
+ twice on the same socket when the first reported data to read or to write
+ 
+ssh_get_status(session)
+ Returns the current status bitmask : connection Open or closed, data
+ pending to read or not (even if connection closed), connection closed on
+ error or on an exit message
+
+ssh_get_disconnect_message(session)
+ Returns the connection disconnect error/exit message
+
+ssh_get_pubkey_hash(session, hash)
+ get the public key hash from the server.
+
+ssh_is_server_known(session)
+ssh_write_knownhost(session)
+ these 2 functions will be kept
+
+ssh_disconnect(session)
+ standard disconnect
+
+ssh_disconnect_error(session,error code, message)
+ disconnect with a message
+
+ssh_set_username(session)
+ set the user name to log in
+ 
+ssh_userauth_* functions will be kept as they are now, excepted the fact that
+the username field will disapear.
+the public key mechanism may get some more functions, like retrieving a public
+key from a private key and authenticating without a public key.
+
+ssh_get_issue_banner(session)
+ get the issue banner from the server, that is the welcome message.
+
+ssh_silent_free(session)
+ This function silently free all data structures used by the session and
+ closes the socket. It may be used for instance when the process forked and
+ doesn't want to keep track of this session. This is obviously not possible to
+ do with separate channels.
+
+The channel_struct structure
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+The channels will change a bit. the constructor thing will change, and the way
+to multiplex different connections will change too. channel functions will be
+prefixed with "ssh_"
+
+struct channel_struct *ssh_channel_new()
+
+ssh_channel_open_session(channel)
+ will return if the channel allocation failed or not.
+
+ssh_channel_open_forward(channel, ...) won't change. it will report an error if
+the channel allocation failed.
+
+ssh_channel_send_eof(channel)
+ send EOF
+ssh_channel_close(channel)
+ closes a channel but doesn't destroy it. you may read unread data still in
+ the buffer. Once you closed the buffer, the other party can't send you data,
+ while it could still do it if you only sent an EOF.
+ssh_channel_is_closed(channel)
+ returns true if the channel was closed at one of both sides. a closed chan
+ may still have data to read, if you closed yourself the connection. otherwise
+ (you didn't close it) the closed notification only comes when you read the
+ last buffer byte, or when trying to write into the channel (the SIGPIPE-like
+ behaviour).
+
+ssh_channel_is_eof(channel)
+ reports if the other side has sent an EOF. This functions returns FALSE if
+ there is still data to read. A closed channel is always EOF.
+ssh_channel_free(channel)
+ completely free the channel. closes it before if it was not done.
+
+ssh_channel_request_env(channel, name, value)
+ set an environment variable.
+
+ssh_channel_request_pty(channel)
+ssh_channel_request_pty_size()
+ssh_channel_change_pty_size()
+ssh_channel_request_shell()
+ssh_channel_request_exec()
+ssh_channel_request_subsystem()
+These functions won't change.
+
+int ssh_channel_write(channel,data, len,stderr)
+ Depending on the blocking/non blocking mode of the channel, the behaviour may
+ change.
+ stderr is the extended buffer. It's generaly only a server->client stream.
+
+ssh_channel_set_blocking(bool blocking)
+
+int ssh_channel_read(channel, buffer, maxlen, is_stderr)
+ the behaviour will be this one:
+  -if the chan is in non blocking mode, it will poll what's available to read
+  and return this. otherwise (nothing to read) it will return 0.
+  -if the chan is blocking, it will block until at least one byte is
+  available.
+ssh_channel_nonblocking disapears for the later reason.
+
+int channel_poll(channel, is_stderr)
+ polls the network and reports the number of bytes ready to be read in the
+ chan.
+
+ssh_session ssh_channel_get_session(channel)
+ returns the session pointer associated to the channel, for simplicity
+ reasons.
+
+int ssh_channel_select(CHANNELS *readchans, CHANNELS *writechans, CHANNELS
+              *exceptchans, struct timeval *timeout)
+ This function won't work the same way ssh_select did.
+ I removed the custom file descriptor thing for 2 reasons:
+  1- it's not windows compliant. D'ouh !
+  2- most programmers won't want to depend on libssh for socket multiplexing.
+  that's why i let the programmer poll the fds himself and then use
+  ssh_set_fd_toread, towrite or except. Then, he may use ssh_channel_select
+  with a NULL timeout to poll which channels have something to read, write or
+  error report.
+ Here is how it's going to work. The coder sets 3 different arrays with the
+ channels he wants to select(), the last entry being a NULL pointer. The
+ function will first poll them and return the chans that must be
+ read/write/excepted. If nothing has this state, the function will select()
+ using the timeout.
+ The function will return 0 if everything is ok, SSH_TIMEOUT or SSH_EINTR if
+ the select was interrupted by a signal. It is dangerous to execute any
+ channel-related functions into signal handlers. they should set a flag that
+ you read into your loop. this "trap" (SSH_EINTR) will permit you to catch
+ them faster and make your program responsive and look fast.
+ the function will return -1 if a serious problem happens.
+
+
+Error handling
+~~~~~~~~~~~~~~
+
+when an error happens, the programmer can get the error code and description
+with ssh_get_error(session). the creation of a failess constructor for
+ssh_session was needed for this reason.
+
+ssh_get_error_code(session) will return an error code into this subset:
+ SSH_NO_ERROR : no error :)
+ SSH_REQUEST_DENIED : you request for a functionality or a service that is not
+ allowed. The session can continue.
+ SSH_FATAL : Unrecoverable error. The session can't continue and you should
+ disconnect the session. It includes the connection being cut without a
+ disconnect() message.
+ If a disconnect() message or the channel was closed, a read on such a channel
+ won't produce an error. otherwise it will return -1 with a SSH_FATAL error
+ code.
+
+Server socket binding
+~~~~~~~~~~~~~~~~~~~~~
+
+It is not possible to bind a socket for ssh with a SSH_SESSION type, because a
+single bound port may lead to multiple ssh connections. That's why the
+SSH_BIND structure must be created. It uses options from the SSH_OPTIONS
+structure.
+
+SSH_BIND *ssh_bind_new()
+creates a structure
+ssh_bind_set_options(bind, options)
+set the option structure
+int ssh_bind_listen(bind)
+ bind and listen to the port. This call is not blocking. if some error
+ happens, it returns -1 and the error code can be found with perror().
+
+ssh_bind_set_blocking(bind, bool blocking)
+ should ssh_bind_accept() block or not.
+
+int ssh_bind_get_fd(bind)
+ return the bound file descriptor, that is the listener socket. you may put it
+ into a select() in your code to detect a connection attempt.
+
+ssh_bind_set_fd_toaccept(bind)
+ say that the listener socket has a connection to accept (to avoid
+ ssh_bind_accept() to do a select on it).
+
+SSH_SESSION *ssh_bind_accept(bind)
+ return a server handle to a ssh session. if the mode is blocking, the
+ function will always return a pointer to a session. if the mode is not
+ blocking, the function can return NULL if there is no connection to accept.
+
+This SSH_SESSION handle must then pass through the functions explained above.
+
+
+*server functions *
+
+int ssh_accept(session)
+ when a new connection is accepted, the handshake must be done. this function
+ will do the banner handshake and the key exchange.
+ it will return SSH_AGAIN if the session mode is non blocking, and the
+ function must be called again until an error occurs or the kex is done.
+
+Here, I had a few choises about *how* to implement the message parsing as a
+server. There are multiple ways to do it, one being callbacks and one being
+"Message" reading, parsing and then choice going to the user to use it and
+answer. I've choosen the latter because i believe it's the stronger method.
+A ssh server can receive 30 different kind of messages having to be dealt by
+the high level routines, like channel request_shell or authentication. Having
+a callback for all of them would produce a huge kludge of callbacks, with
+no relations on when there were called etc.
+A message based parsing allows the user to filtrate the messages he's
+interested into and to use a default answer for the others. Then, the callback
+thing is still possible to handle through a simple message code/callback
+function array.
+
+I did not define yet what it would look like, but i'm sure there will be a
+SSH_MESSAGE (they won't have a 1/1 correspondance with ssh packets) which will
+be read through
+SSH_MESSAGE *ssh_server_read_message(session).
+with all of the non-blocking stuff in head like returning NULL if the message
+is not full.
+Then, the message can be parsed, ie
+int ssh_message_get_code(message)
+which will return SSH_MESSAGE_AUTH
+then
+int ssh_message_get_subcode(message)
+which then will returh SSH_MESSAGE_AUTH_PASSWORD or _NONE or _PUBKEY etc.
+
+Then, once the message was parsed, the message will have to be answered, ie
+with the generic functions like
+ssh_message_accept(message) which says 'Ok your request is accepted' or
+ssh_message_deny(message) which says 'Your request is refused'.
+
+There would be specific message answer functions for some kind of messages
+like the authentication one. you may want to reply that the authentication is
+Partial rather than denied, and that you still accept some kind of auths, like
+ssh_message_auth_reply(message,SSH_AUTH_PARTIAL,SSH_AUTH_PASSWORD |
+SSH_AUTH_PUBKEY | SSH_AUTH_KEYBINT);
+
+I won't let the user have to deal with the channels himself. When a channel is
+going to be created by the remote size, a message will come asking to open a
+channel. the programmer can either deny or accept, in which case a CHANNEL
+object will be created and returned to the programmer. then, all standard
+channel functions will run.
+
+C. Change log of this document
+
+3. Add paragraph about initalization and finalization.
+
+2. ssh_options_set_username finaly is kept into the options, because it can be
+set by ssh_options_getopt()
+
+1. first release
+
+D. End notes
+
+I think libssh must have a very simple to use, powerful and exhaustive API. It
+must have no design flaw either.
+While I got some good experience at the SSH protocol, I've never writen
+more-than-100 lines programs than use libssh and I don't really know the
+problems of the library. I'd like people who don't understand some detail into
+the API I describe here, who have comments or opinions about it to write me
+the soonest possible to limit the damages if I made something the completely
+wrong way.
+Thanks for your patience.
+

doc/linking.dox

@@ -1,24 +0,0 @@
-/**
-
-@page libssh_linking The Linking HowTo
-
-@section dynamic Dynamic Linking
-
-On UNIX and Windows systems its the same, you need at least the libssh.h
-header file and the libssh shared library.
-
-@section static Static Linking
-
-@warning <b>The libssh library is licensed under the LGPL! Make sure you
-understand what this means to your codebase if you want to distribute
-binaries and link statically against LGPL code!</b>
-
-On UNIX systems linking against the static version of the library is the
-same as linking against the shared library. Both have the same name. Some
-build system require to use the full path to the static library.
-
-On Windows you need to define LIBSSH_STATIC in the compiler command
-line. This is required cause the dynamic library needs to specify the
-dllimport attribute.
-
-*/

doc/mainpage.dox

@@ -1,209 +1,12 @@
 /**
+ * @mainpage
+ * This manual documents the libssh C API.
+ *
+ * There are several other places to look for libssh information, such as the
+ * <a href="http://dev.libssh.org/wiki/Tutorial" target="_blank">tutorial</a>
+ * and the specification; those can be found at the <a
+ * href="http://www.libssh.org/" target="_blank">libssh website</a>.
+ *
+ * To be continued...
+ */
 
-@mainpage
-
-This is the online reference for developing with the libssh library. It
-documents the libssh C API and the C++ wrapper.
-
-@section main-linking Linking
-
-We created a small howto how to link libssh against your application, read
-@subpage libssh_linking.
-
-@section main-tutorial Tutorial
-
-You should start by reading @subpage libssh_tutorial, then reading the documentation of
-the interesting functions as you go.
-
-@section main-features Features
-
-The libssh library provides:
-
- - Full C library functions for manipulating a client-side SSH connection
- - SSH2 and SSH1 protocol compliant
- - Fully configurable sessions
- - Server support
- - SSH agent authentication support
- - Support for AES-128, AES-192, AES-256, Blowfish, 3DES in CBC mode, and AES in CTR mode
- - Supports OpenSSL and GCrypt
- - Use multiple SSH connections in a same process, at same time
- - Use multiple channels in the same connection
- - Thread safety when using different sessions at same time
- - POSIX-like SFTP (Secure File Transfer) implementation with openssh extension support
- - SCP implementation
- - Large file system support (files bigger than 4GB)
- - RSA and DSS server public key supported
- - Compression support (with zlib)
- - Public key (RSA and DSS), password and keyboard-interactive authentication
- - Full poll()/WSAPoll() support and a poll-emulation for Win32.
- - Runs and tested under x86_64, x86, ARM, Sparc32, PPC under Linux, BSD, MacOSX, Solaris and Windows
-
-@section main-copyright Copyright Policy
-
-libssh is a project with distributed copyright ownership, which means we prefer
-the copyright on parts of libssh to be held by individuals rather than
-corporations if possible. There are historical legal reasons for this, but one
-of the best ways to explain it is that it’s much easier to work with
-individuals who have ownership than corporate legal departments if we ever need
-to make reasonable compromises with people using and working with libssh.
-
-We track the ownership of every part of libssh via git, our source code control
-system, so we know the provenance of every piece of code that is committed to
-libssh.
-
-So if possible, if you’re doing libssh changes on behalf of a company who
-normally owns all the work you do please get them to assign personal copyright
-ownership of your changes to you as an individual, that makes things very easy
-for us to work with and avoids bringing corporate legal departments into the
-picture.
-
-If you can’t do this we can still accept patches from you owned by your
-employer under a standard employment contract with corporate copyright
-ownership. It just requires a simple set-up process first.
-
-We use a process very similar to the way things are done in the Linux Kernel
-community, so it should be very easy to get a sign off from your corporate
-legal department. The only changes we’ve made are to accommodate the license we
-use, which is LGPLv2 (or later) whereas the Linux kernel uses GPLv2.
-
-The process is called signing.
-
-How to sign your work
-----------------------
-
-Once you have permission to contribute to libssh from your employer, simply
-email a copy of the following text from your corporate email address to:
-
-contributing@libssh.org
-
-@verbatim
-libssh Developer's Certificate of Origin. Version 1.0
-
-By making a contribution to this project, I certify that:
-
-(a) The contribution was created in whole or in part by me and I
-    have the right to submit it under the appropriate
-    version of the GNU General Public License; or
-
-(b) The contribution is based upon previous work that, to the best of
-    my knowledge, is covered under an appropriate open source license
-    and I have the right under that license to submit that work with
-    modifications, whether created in whole or in part by me, under
-    the GNU General Public License, in the appropriate version; or
-
-(c) The contribution was provided directly to me by some other
-    person who certified (a) or (b) and I have not modified it.
-
-(d) I understand and agree that this project and the contribution are
-    public and that a record of the contribution (including all
-    metadata and personal information I submit with it, including my
-    sign-off) is maintained indefinitely and may be redistributed
-    consistent with the libssh Team's policies and the requirements of
-    the GNU GPL where they are relevant.
-
-(e) I am granting this work to this project under the terms of the
-    GNU Lesser General Public License as published by the
-    Free Software Foundation; either version 2.1 of
-    the License, or (at the option of the project) any later version.
-
-http://www.gnu.org/licenses/lgpl-2.1.html
-@endverbatim
-
-We will maintain a copy of that email as a record that you have the rights to
-contribute code to libssh under the required licenses whilst working for the
-company where the email came from.
-
-Then when sending in a patch via the normal mechanisms described above, add a
-line that states:
-
-@verbatim
-   Signed-off-by: Random J Developer <random@developer.example.org>
-@endverbatim
-
-using your real name and the email address you sent the original email you used
-to send the libssh Developer’s Certificate of Origin to us (sorry, no
-pseudonyms or anonymous contributions.)
-
-That’s it! Such code can then quite happily contain changes that have copyright
-messages such as:
-
-@verbatim
-   (c) Example Corporation.
-@endverbatim
-
-and can be merged into the libssh codebase in the same way as patches from any
-other individual. You don’t need to send in a copy of the libssh Developer’s
-Certificate of Origin for each patch, or inside each patch. Just the sign-off
-message is all that is required once we’ve received the initial email.
-
-Have fun and happy libssh hacking!
-
-The libssh Team
-
-@section main-rfc Internet standard
-
-@subsection main-rfc-secsh Secure Shell (SSH)
-
-The following RFC documents described SSH-2 protcol as an Internet standard.
-
- - <a href="http://tools.ietf.org/html/rfc4250" target="_blank">RFC 4250</a>,
-    The Secure Shell (SSH) Protocol Assigned Numbers
- - <a href="http://tools.ietf.org/html/rfc4251" target="_blank">RFC 4251</a>,
-    The Secure Shell (SSH) Protocol Architecture
- - <a href="http://tools.ietf.org/html/rfc4252" target="_blank">RFC 4252</a>,
-    The Secure Shell (SSH) Authentication Protocol
- - <a href="http://tools.ietf.org/html/rfc4253" target="_blank">RFC 4253</a>,
-    The Secure Shell (SSH) Transport Layer Protocol
- - <a href="http://tools.ietf.org/html/rfc4254" target="_blank">RFC 4254</a>,
-    The Secure Shell (SSH) Connection Protocol
- - <a href="http://tools.ietf.org/html/rfc4255" target="_blank">RFC 4255</a>,
-    Using DNS to Securely Publish Secure Shell (SSH) Key Fingerprints
- - <a href="http://tools.ietf.org/html/rfc4256" target="_blank">RFC 4256</a>,
-    Generic Message Exchange Authentication for the Secure Shell Protocol (SSH)
- - <a href="http://tools.ietf.org/html/rfc4335" target="_blank">RFC 4335</a>,
-    The Secure Shell (SSH) Session Channel Break Extension
- - <a href="http://tools.ietf.org/html/rfc4344" target="_blank">RFC 4344</a>,
-    The Secure Shell (SSH) Transport Layer Encryption Modes
- - <a href="http://tools.ietf.org/html/rfc4345" target="_blank">RFC 4345</a>,
-    Improved Arcfour Modes for the Secure Shell (SSH) Transport Layer Protocol
-
-It was later modified and expanded by the following RFCs.
-
- - <a href="http://tools.ietf.org/html/rfc4419" target="_blank">RFC 4419</a>,
-    Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer
-    Protocol
- - <a href="http://tools.ietf.org/html/rfc4432" target="_blank">RFC 4432</a>,
-    RSA Key Exchange for the Secure Shell (SSH) Transport Layer Protocol
- - <a href="http://tools.ietf.org/html/rfc4462" target="_blank">RFC 4462</a>,
-    Generic Security Service Application Program Interface (GSS-API)
-    Authentication and Key Exchange for the Secure Shell (SSH) Protocol
- - <a href="http://tools.ietf.org/html/rfc4716" target="_blank">RFC 4716</a>,
-    The Secure Shell (SSH) Public Key File Format
- - <a href="http://tools.ietf.org/html/rfc5656" target="_blank">RFC 5656</a>,
-    Elliptic Curve Algorithm Integration in the Secure Shell Transport Layer
-
-Interesting cryptography documents:
-
- - <a href="http://www.cryptsoft.com/pkcs11doc/" target="_blank">PKCS #11</a>, PKCS #11 reference documents, describing interface with smartcards.
-
-@subsection main-rfc-sftp Secure Shell File Transfer Protocol (SFTP)
-
-The protocol is not an Internet standard but it is still widely implemented.
-OpenSSH and most other implementation implement Version 3 of the protocol. We
-do the same in libssh.
-
- - <a href="http://tools.ietf.org/html/draft-ietf-secsh-filexfer-02" target="_blank">
-   draft-ietf-secsh-filexfer-02.txt</a>,
-   SSH File Transfer Protocol
-
-@subsection main-rfc-extensions Secure Shell Extensions
-
-The OpenSSH project has defined some extensions to the protocol. We support some of
-them like the statvfs calls in SFTP or the ssh-agent.
-
- - <a href="http://api.libssh.org/rfc/PROTOCOL" target="_blank">
-    OpenSSH's deviations and extensions</a>
- - <a href="http://api.libssh.org/rfc/PROTOCOL.agent" target="_blank">
-    OpenSSH's ssh-agent</a>
-
-*/

doc/scp.dox

@@ -1,257 +0,0 @@
-/**
-@page libssh_tutor_scp Chapter 6: The SCP subsystem
-@section scp_subsystem The SCP subsystem
-
-The SCP subsystem has far less functionnality than the SFTP subsystem.
-However, if you only need to copy files from and to the remote system,
-it does its job.
-
-
-@subsection scp_session Opening and closing a SCP session
-
-Like in the SFTP subsystem, you don't handle the SSH channels directly.
-Instead, you open a "SCP session".
-
-When you open your SCP session, you have to choose between read or write mode.
-You can't do both in the same session. So you specify either SSH_SCP_READ or
-SSH_SCP_WRITE as the second parameter of function ssh_scp_new().
-
-Another important mode flag for opening your SCP session is SSH_SCP_RECURSIVE.
-When you use SSH_SCP_RECURSIVE, you declare that you are willing to emulate
-the behaviour of "scp -r" command in your program, no matter it is for
-reading or for writing.
-
-Once your session is created, you initialize it with ssh_scp_init(). When
-you have finished transferring files, you terminate the SCP connection with
-ssh_scp_close(). Finally, you can dispose the SCP connection with
-ssh_scp_free().
-
-The example below does the maintenance work to open a SCP connection for writing in
-recursive mode:
-
-@code
-int scp_write(ssh_session session)
-{
-  ssh_scp scp;
-  int rc;
-
-  scp = ssh_scp_new
-    (session, SSH_SCP_WRITE | SSH_SCP_RECURSIVE, ".");
-  if (scp == NULL)
-  {
-    fprintf(stderr, "Error allocating scp session: %s\n", ssh_get_error(session));
-    return SSH_ERROR;
-  }
-
-  rc = ssh_scp_init(scp);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Error initializing scp session: %s\n", ssh_get_error(session));
-    ssh_scp_free(scp);
-    return rc;
-  }
-
-  ...
-
-  ssh_scp_close(scp);
-  ssh_scp_free(scp);
-  return SSH_OK;
-}
-@endcode
-
-The example below shows how to open a connection to read a single file:
-
-@code
-int scp_read(ssh_session session)
-{
-  ssh_scp scp;
-  int rc;
-
-  scp = ssh_scp_new
-    (session, SSH_SCP_READ, "helloworld/helloworld.txt");
-  if (scp == NULL)
-  {
-    fprintf(stderr, "Error allocating scp session: %s\n", ssh_get_error(session));
-    return SSH_ERROR;
-  }
-
-  rc = ssh_scp_init(scp);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Error initializing scp session: %s\n", ssh_get_error(session));
-    ssh_scp_free(scp);
-    return rc;
-  }
-
-  ...
-
-  ssh_scp_close(scp);
-  ssh_scp_free(scp);
-  return SSH_OK;
-}
-
-@endcode
-
-
-@subsection scp_write Creating files and directories
-
-You create directories with ssh_scp_push_directory(). In recursive mode,
-you are placed in this directory once it is created. If the directory
-already exists and if you are in recursive mode, you simply enter that
-directory.
-
-Creating files is done in two steps. First, you prepare the writing with
-ssh_scp_push_file(). Then, you write the data with ssh_scp_write().
-The length of the data to write must be identical between both function calls.
-There's no need to "open" nor "close" the file, this is done automatically
-on the remote end. If the file already exists, it is overwritten and truncated.
-
-The following example creates a new directory named "helloworld/", then creates
-a file named "helloworld.txt" in that directory:
-
-@code
-int scp_helloworld(ssh_session session, ssh_scp scp)
-{
-  int rc;
-  const char *helloworld = "Hello, world!\n";
-  int length = strlen(helloworld);
-
-  rc = ssh_scp_push_directory(scp, "helloworld", S_IRWXU);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Can't create remote directory: %s\n", ssh_get_error(session));
-    return rc;
-  }
-
-  rc = ssh_scp_push_file
-    (scp, "helloworld.txt", length, S_IRUSR |  S_IWUSR);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Can't open remote file: %s\n", ssh_get_error(session));
-    return rc;
-  }
-
-  rc = ssh_scp_write(scp, helloworld, length);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Can't write to remote file: %s\n", ssh_get_error(session));
-    return rc;
-  }
-
-  return SSH_OK;
-}
-@endcode
-
-
-@subsection scp_recursive_write Copying full directory trees to the remote server
-
-Let's say you want to copy the following tree of files to the remote site:
-
-@verbatim
-               +-- file1
-       +-- B --+
-       |       +-- file2
--- A --+ 
-       |       +-- file3
-       +-- C --+
-               +-- file4
-@endverbatim
-
-You would do it that way:
-  - open the session in recursive mode
-  - enter directory A
-  - enter its subdirectory B
-  - create file1 in B
-  - create file2 in B
-  - leave directory B
-  - enter subdirectory C
-  - create file3 in C
-  - create file4 in C
-  - leave directory C
-  - leave directory A
-
-To leave a directory, call ssh_scp_leave_directory().
-
-
-@subsection scp_read Reading files and directories
-
-
-To receive files, you pull requests from the other side with ssh_scp_pull_request().
-If this function returns SSH_SCP_REQUEST_NEWFILE, then you must get ready for
-the reception. You can get the size of the data to receive with ssh_scp_request_get_size()
-and allocate a buffer accordingly. When you are ready, you accept the request with
-ssh_scp_accept_request(), then read the data with ssh_scp_read().
-
-The following example receives a single file. The name of the file to
-receive has been given earlier, when the scp session was opened:
-
-@code
-int scp_receive(ssh_session session, ssh_scp scp)
-{
-  int rc;
-  int size, mode;
-  char *filename, *buffer;
-
-  rc = ssh_scp_pull_request(scp);
-  if (rc != SSH_SCP_REQUEST_NEWFILE)
-  {
-    fprintf(stderr, "Error receiving information about file: %s\n", ssh_get_error(session));
-    return SSH_ERROR;
-  }
-
-  size = ssh_scp_request_get_size(scp);
-  filename = strdup(ssh_scp_request_get_filename(scp));
-  mode = ssh_scp_request_get_permissions(scp);
-  printf("Receiving file %s, size %d, permisssions 0%o\n", filename, size, mode);
-  free(filename);
-
-  buffer = malloc(size);
-  if (buffer == NULL)
-  {
-    fprintf(stderr, "Memory allocation error\n");
-    return SSH_ERROR;
-  }
-
-  ssh_scp_accept_request(scp);
-  rc = ssh_scp_read(scp, buffer, size);
-  if (rc == SSH_ERROR)
-  {
-    fprintf(stderr, "Error receiving file data: %s\n", ssh_get_error(session));
-    free(buffer);
-    return rc;
-  }
-  printf("Done\n");
-
-  write(1, buffer, size);
-  free(buffer);
-
-  rc = ssh_scp_pull_request(scp);
-  if (rc != SSH_SCP_REQUEST_EOF)
-  {
-    fprintf(stderr, "Unexpected request: %s\n", ssh_get_error(session));
-    return SSH_ERROR;
-  }
-
-  return SSH_OK;
-}
-@endcode
-
-In this example, since we just requested a single file, we expect ssh_scp_request()
-to return SSH_SCP_REQUEST_NEWFILE first, then SSH_SCP_REQUEST_EOF. That's quite a
-naive approach; for example, the remote server might send a warning as well
-(return code SSH_SCP_REQUEST_WARNING) and the example would fail. A more comprehensive
-reception program would receive the requests in a loop and analyze them carefully
-until SSH_SCP_REQUEST_EOF has been received.
-
-
-@subsection scp_recursive_read Receiving full directory trees from the remote server
-
-If you opened the SCP session in recursive mode, the remote end will be
-telling you when to change directory.
-
-In that case, when ssh_scp_pull_request() answers
-SSH_SCP_REQUEST_NEWDIRECTORY, you should make that local directory (if
-it does not exist yet) and enter it. When ssh_scp_pull_request() answers
-SSH_SCP_REQUEST_ENDDIRECTORY, you should leave the current directory.
-
-*/

doc/sftp.dox

@@ -1,395 +0,0 @@
-/**
-@page libssh_tutor_sftp Chapter 5: The SFTP subsystem
-@section sftp_subsystem The SFTP subsystem
-
-SFTP stands for "Secure File Transfer Protocol". It enables you to safely
-transfer files between the local and the remote computer. It reminds a lot
-of the old FTP protocol.
-
-SFTP is a rich protocol. It lets you do over the network almost everything
-that you can do with local files:
-  - send files
-  - modify only a portion of a file
-  - receive files
-  - receive only a portion of a file
-  - get file owner and group
-  - get file permissions
-  - set file owner and group
-  - set file permissions
-  - remove files
-  - rename files
-  - create a directory
-  - remove a directory
-  - retrieve the list of files in a directory
-  - get the target of a symbolic link
-  - create symbolic links
-  - get information about mounted filesystems.
-
-The current implemented version of the SFTP protocol is version 3. All functions
-aren't implemented yet, but the most important are.
-
-
-@subsection sftp_session Opening and closing a SFTP session
-
-Unlike with remote shells and remote commands, when you use the SFTP subsystem,
-you don't handle directly the SSH channels. Instead, you open a "SFTP session".
-
-The function sftp_new() creates a new SFTP session. The function sftp_init()
-initializes it. The function sftp_free() deletes it.
-
-As you see, all the SFTP-related functions start with the "sftp_" prefix
-instead of the usual "ssh_" prefix.
-
-The example below shows how to use these functions:
-
-@code
-#include <libssh/sftp.h>
-
-int sftp_helloworld(ssh_session session)
-{
-  sftp_session sftp;
-  int rc;
-
-  sftp = sftp_new(session);
-  if (sftp == NULL)
-  {
-    fprintf(stderr, "Error allocating SFTP session: %s\n", ssh_get_error(session));
-    return SSH_ERROR;
-  }
-
-  rc = sftp_init(sftp);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Error initializing SFTP session: %s.\n", sftp_get_error(sftp));
-    sftp_free(sftp);
-    return rc;
-  }
-
-  ...
-
-  sftp_free(sftp);
-  return SSH_OK;
-}
-@endcode
-
-
-@subsection sftp_errors Analyzing SFTP errors
-
-In case of a problem, the function sftp_get_error() returns a SFTP-specific
-error number, in addition to the regular SSH error number returned by
-ssh_get_error_number().
-
-Possible errors are:
-  - SSH_FX_OK: no error
-  - SSH_FX_EOF: end-of-file encountered
-  - SSH_FX_NO_SUCH_FILE: file does not exist
-  - SSH_FX_PERMISSION_DENIED: permission denied
-  - SSH_FX_FAILURE: generic failure
-  - SSH_FX_BAD_MESSAGE: garbage received from server
-  - SSH_FX_NO_CONNECTION: no connection has been set up
-  - SSH_FX_CONNECTION_LOST: there was a connection, but we lost it
-  - SSH_FX_OP_UNSUPPORTED: operation not supported by libssh yet
-  - SSH_FX_INVALID_HANDLE: invalid file handle
-  - SSH_FX_NO_SUCH_PATH: no such file or directory path exists
-  - SSH_FX_FILE_ALREADY_EXISTS: an attempt to create an already existing file or directory has been made
-  - SSH_FX_WRITE_PROTECT: write-protected filesystem
-  - SSH_FX_NO_MEDIA: no media was in remote drive
-
-
-@subsection sftp_mkdir Creating a directory
-
-The function sftp_mkdir() tahes the "SFTP session" we juste created as
-its first argument. It also needs the name of the file to create, and the
-desired permissions. The permissions are the same as for the usual mkdir()
-function. To get a comprehensive list of the available permissions, use the
-"man 2 stat" command. The desired permissions are combined with the remote
-user's mask to determine the effective permissions.
-
-The code below creates a directory named "helloworld" in the current directory that
-can be read and written only by its owner:
-
-@code
-#include <libssh/sftp.h>
-#include <sys/stat.h>
-
-int sftp_helloworld(ssh_session session, sftp_session sftp)
-{
-  int rc;
-
-  rc = sftp_mkdir(sftp, "helloworld", S_IRWXU);
-  if (rc != SSH_OK)
-  {
-    if (sftp_get_error(sftp) != SSH_FX_FILE_ALREADY_EXISTS)
-    {
-      fprintf(stderr, "Can't create directory: %s\n", ssh_get_error(session));
-        return rc;
-    }
-  }
-
-  ...
-
-  return SSH_OK;
-}
-@endcode
-
-Unlike its equivalent in the SCP subsystem, this function does NOT change the
-current directory to the newly created subdirectory.
-
-
-@subsection sftp_write Copying a file to the remote computer
-
-You handle the contents of a remote file just like you would do with a
-local file: you open the file in a given mode, move the file pointer in it,
-read or write data, and close the file.
-
-The sftp_open() function is very similar to the regular open() function,
-excepted that it returns a file handle of type sftp_file. This file handle
-is then used by the other file manipulation functions and remains valid
-until you close the remote file with sftp_close().
-
-The example below creates a new file named "helloworld.txt" in the
-newly created "helloworld" directory. If the file already exists, it will
-be truncated. It then writes the famous "Hello, World!" sentence to the
-file, followed by a new line character. Finally, the file is closed:
-
-@code
-#include <libssh/sftp.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-
-int sftp_helloworld(ssh_session session, sftp_session sftp)
-{
-  int access_type = O_WRONLY | O_CREAT | O_TRUNC;
-  sftp_file file;
-  const char *helloworld = "Hello, World!\n";
-  int length = strlen(helloworld);
-  int rc, nwritten;
-
-  ...
-
-  file = sftp_open(sftp, "helloworld/helloworld.txt", access_type, S_IRWXU);
-  if (file == NULL)
-  {
-    fprintf(stderr, "Can't open file for writing: %s\n", ssh_get_error(session));
-    return SSH_ERROR;
-  }
-
-  nwritten = sftp_write(file, helloworld, length);
-  if (nwritten != length)
-  {
-    fprintf(stderr, "Can't write data to file: %s\n", ssh_get_error(session));
-    sftp_close(file);
-    return SSH_ERROR;
-  }
-
-  rc = sftp_close(file);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Can't close the written file: %s\n", ssh_get_error(session));
-    return rc;
-  }
-
-  return SSH_OK;
-}
-@endcode
-
-
-@subsection sftp_read Reading a file from the remote computer
-
-The nice thing with reading a file over the network through SFTP is that it
-can be done both in a synchronous way or an asynchronous way. If you read the file
-asynchronously, your program can do something else while it waits for the
-results to come.
-
-Synchronous read is done with sftp_read().
-
-The following example prints the contents of remote file "/etc/profile". For
-each 1024 bytes of information read, it waits until the end of the read operation:
-
-@code
-int sftp_read_sync(ssh_session session, sftp_session sftp)
-{
-  int access_type;
-  sftp_file file;
-  char buffer[1024];
-  int nbytes, rc;
-
-  access_type = O_RDONLY;
-  file = sftp_open(sftp, "/etc/profile", access_type, 0);
-  if (file == NULL)
-  {
-    fprintf(stderr, "Can't open file for reading: %s\n", ssh_get_error(session));
-    return SSH_ERROR;
-  }
-
-  nbytes = sftp_read(file, buffer, sizeof(buffer));
-  while (nbytes > 0)
-  {
-    if (write(1, buffer, nbytes) != nbytes)
-    {
-      sftp_close(file);
-      return SSH_ERROR;
-    }
-    nbytes = sftp_read(file, buffer, sizeof(buffer));
-  }
-
-  if (nbytes < 0)
-  {
-    fprintf(stderr, "Error while reading file: %s\n", ssh_get_error(session));
-    sftp_close(file);
-    return SSH_ERROR;
-  }
-
-  rc = sftp_close(file);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Can't close the read file: %s\n", ssh_get_error(session));
-    return rc;
-  }
-
-  return SSH_OK;
-}
-@endcode
-
-Asynchronous read is done in two steps, first sftp_async_read_begin(), which
-returns a "request handle", and then sftp_async_read(), which uses that request handle.
-If the file has been opened in nonblocking mode, then sftp_async_read()
-might return SSH_AGAIN, which means that the request hasn't completed yet
-and that the function should be called again later on. Otherwise,
-sftp_async_read() waits for the data to come. To open a file in nonblocking mode,
-call sftp_file_set_nonblocking() right after you opened it. Default is blocking mode.
-
-The example below reads a very big file in asynchronous, nonblocking, mode. Each
-time the data are not ready yet, a counter is incrementer.
-
-@code
-int sftp_read_async(ssh_session session, sftp_session sftp)
-{
-  int access_type;
-  sftp_file file;
-  char buffer[1024];
-  int async_request;
-  int nbytes;
-  long counter;
-  int rc;
-
-  access_type = O_RDONLY;
-  file = sftp_open(sftp, "some_very_big_file", access_type, 0);
-  if (file == NULL)
-  {
-    fprintf(stderr, "Can't open file for reading: %s\n", ssh_get_error(session));
-    return SSH_ERROR;
-  }
-  sftp_file_set_nonblocking(file);
-
-  async_request = sftp_async_read_begin(file, sizeof(buffer));
-  counter = 0L;
-  usleep(10000);
-  if (async_request >= 0)
-    nbytes = sftp_async_read(file, buffer, sizeof(buffer), async_request);
-  else nbytes = -1;
-  while (nbytes > 0 || nbytes == SSH_AGAIN)
-  {
-    if (nbytes > 0)
-    {
-      write(1, buffer, nbytes);
-      async_request = sftp_async_read_begin(file, sizeof(buffer));
-    }
-    else counter++;
-    usleep(10000);
-    if (async_request >= 0)
-      nbytes = sftp_async_read(file, buffer, sizeof(buffer), async_request);
-    else nbytes = -1;
-  }
-
-  if (nbytes < 0)
-  {
-    fprintf(stderr, "Error while reading file: %s\n", ssh_get_error(session));
-    sftp_close(file);
-    return SSH_ERROR;
-  }
-
-  printf("The counter has reached value: %ld\n", counter);
-
-  rc = sftp_close(file);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Can't close the read file: %s\n", ssh_get_error(session));
-    return rc;
-  }
-
-  return SSH_OK;
-}
-@endcode
-
-@subsection sftp_ls Listing the contents of a directory
-
-The functions sftp_opendir(), sftp_readdir(), sftp_dir_eof(),
-and sftp_closedir() enable to list the contents of a directory. 
-They use a new handle_type, "sftp_dir", which gives access to the
-directory being read.
-
-In addition, sftp_readdir() returns a "sftp_attributes" which is a pointer
-to a structure with informations about a directory entry:
-  - name: the name of the file or directory
-  - size: its size in bytes
-  - etc.
-
-sftp_readdir() might return NULL under two conditions:
-  - when the end of the directory has been met
-  - when an error occured
-
-To tell the difference, call sftp_dir_eof().
-
-The attributes must be freed with sftp_attributes_free() when no longer
-needed.
-
-The following example reads the contents of some remote directory:
-
-@code
-int sftp_list_dir(ssh_session session, sftp_session sftp)
-{
-  sftp_dir dir;
-  sftp_attributes attributes;
-  int rc;
-
-  dir = sftp_opendir(sftp, "/var/log");
-  if (!dir)
-  {
-    fprintf(stderr, "Directory not opened: %s\n", ssh_get_error(session));
-    return SSH_ERROR;
-  }
-
-  printf("Name                         Size Perms    Owner\tGroup\n");
-
-  while ((attributes = sftp_readdir(sftp, dir)) != NULL)
-  {
-    printf("%-22s %10llu %.8o %s(%d)\t%s(%d)\n",
-     attributes->name,
-     (long long unsigned int) attributes->size,
-     attributes->permissions,
-     attributes->owner,
-     attributes->uid,
-     attributes->group,
-     attributes->gid);
-
-     sftp_attributes_free(attributes);
-  }
-
-  if (!sftp_dir_eof(dir))
-  {
-    fprintf(stderr, "Can't list directory: %s\n", ssh_get_error(session));
-    sftp_closedir(dir);
-    return SSH_ERROR;
-  }
-
-  rc = sftp_closedir(dir);
-  if (rc != SSH_OK)
-  {
-    fprintf(stderr, "Can't close directory: %s\n", ssh_get_error(session));
-    return rc;
-  }
-}
-@endcode
-
-*/

doc/shell.dox

@@ -1,361 +0,0 @@
-/**
-@page libssh_tutor_shell Chapter 3: Opening a remote shell
-@section opening_shell Opening a remote shell
-
-We already mentioned that a single SSH connection can be shared
-between several "channels". Channels can be used for different purposes.
-
-This chapter shows how to open one of these channels, and how to use it to
-start a command interpreter on a remote computer.
-
-
-@subsection open_channel Opening and closing a channel
-
-The ssh_channel_new() function creates a channel. It returns the channel as
-a variable of type ssh_channel.
-
-Once you have this channel, you open a SSH session that uses it with
-ssh_channel_open_session().
-
-Once you don't need the channel anymore, you can send an end-of-file
-to it with ssh_channel_close(). At this point, you can destroy the channel
-with ssh_channel_free().
-
-The code sample below achieves these tasks:
-
-@code
-int shell_session(ssh_session session)
-{
-  ssh_channel channel;
-  int rc;
-
-  channel = ssh_channel_new(session);
-  if (channel == NULL)
-    return SSH_ERROR;
-
-  rc = ssh_channel_open_session(channel);
-  if (rc != SSH_OK)
-  {
-    ssh_channel_free(channel);
-    return rc;
-  }
-
-  ...
-
-  ssh_channel_close(channel);
-  ssh_channel_send_eof(channel);
-  ssh_channel_free(channel);
-
-  return SSH_OK;
-}
-@endcode
-
-
-@subsection interactive Interactive and non-interactive sessions
-
-A "shell" is a command interpreter. It is said to be "interactive"
-if there is a human user typing the commands, one after the
-other. The contrary, a non-interactive shell, is similar to
-the execution of commands in the background: there is no attached
-terminal.
-
-If you plan using an interactive shell, you need to create a
-pseud-terminal on the remote side. A remote terminal is usually referred
-to as a "pty", for "pseudo-teletype". The remote processes won't see the
-difference with a real text-oriented terminal.
-
-If needed, you request the pty with the function ssh_channel_request_pty().
-Then you define its dimensions (number of rows and columns)
-with ssh_channel_change_pty_size().
-
-Be your session interactive or not, the next step is to request a
-shell with ssh_channel_request_shell().
-
-@code
-int interactive_shell_session(ssh_channel channel)
-{
-  int rc;
-
-  rc = ssh_channel_request_pty(channel);
-  if (rc != SSH_OK) return rc;
-
-  rc = ssh_channel_change_pty_size(channel, 80, 24);
-  if (rc != SSH_OK) return rc;
-
-  rc = ssh_channel_request_shell(channel);
-  if (rc != SSH_OK) return rc;
-
-  ...
-
-  return rc;
-}
-@endcode
-
-
-@subsection read_data Displaying the data sent by the remote computer
-
-In your program, you will usually need to receive all the data "displayed"
-into the remote pty. You will usually analyse, log, or display this data.
-
-ssh_channel_read() and ssh_channel_read_nonblocking() are the simplest
-way to read data from a channel. If you only need to read from a single
-channel, they should be enough.
-
-The example below shows how to wait for remote data using ssh_channel_read():
-
-@code
-int interactive_shell_session(ssh_channel channel)
-{
-  int rc;
-  char buffer[256];
-  int nbytes;
-
-  rc = ssh_channel_request_pty(channel);
-  if (rc != SSH_OK) return rc;
-
-  rc = ssh_channel_change_pty_size(channel, 80, 24);
-  if (rc != SSH_OK) return rc;
-
-  rc = ssh_channel_request_shell(channel);
-  if (rc != SSH_OK) return rc;
-
-  while (ssh_channel_is_open(channel) &&
-         !ssh_channel_is_eof(channel))
-  {
-    nbytes = ssh_channel_read(channel, buffer, sizeof(buffer), 0);
-    if (nbytes < 0)
-      return SSH_ERROR;
-
-    if (nbytes > 0)
-      write(1, buffer, nbytes);
-  }
-
-  return rc;
-}
-@endcode
-
-Unlike ssh_channel_read(), ssh_channel_read_nonblocking() never waits for
-remote data to be ready. It returns immediately.
-
-If you plan to use ssh_channel_read_nonblocking() repeatedly in a loop,
-you should use a "passive wait" function like usleep(3) in the same
-loop. Otherwise, your program will consume all the CPU time, and your
-computer might become unresponsive.
-
-
-@subsection write_data Sending user input to the remote computer
-
-User's input is sent to the remote site with ssh_channel_write().
-
-The following example shows how to combine a nonblocking read from a SSH
-channel with a nonblocking read from the keyboard. The local input is then
-sent to the remote computer:
-
-@code
-/* Under Linux, this function determines whether a key has been pressed.
-   Under Windows, it is a standard function, so you need not redefine it.
-*/
-int kbhit()
-{
-    struct timeval tv = { 0L, 0L };
-    fd_set fds;
-
-    FD_ZERO(&fds);
-    FD_SET(0, &fds);
-
-    return select(1, &fds, NULL, NULL, &tv);
-}
-
-/* A very simple terminal emulator:
-   - print data received from the remote computer
-   - send keyboard input to the remote computer
-*/
-int interactive_shell_session(ssh_channel channel)
-{
-  /* Session and terminal initialization skipped */
-  ...
-
-  char buffer[256];
-  int nbytes, nwritten;
-
-  while (ssh_channel_is_open(channel) &&
-         !ssh_channel_is_eof(channel))
-  {
-    nbytes = ssh_channel_read_nonblocking(channel, buffer, sizeof(buffer), 0);
-    if (nbytes < 0) return SSH_ERROR;
-    if (nbytes > 0)
-    {
-      nwritten = write(1, buffer, nbytes);
-      if (nwritten != nbytes) return SSH_ERROR;
-
-    if (!kbhit())
-    {
-      usleep(50000L); // 0.05 second
-      continue;
-    }
-
-    nbytes = read(0, buffer, sizeof(buffer));
-    if (nbytes < 0) return SSH_ERROR;
-    if (nbytes > 0)
-    {
-      nwritten = ssh_channel_write(channel, buffer, nbytes);
-      if (nwritten != nbytes) return SSH_ERROR;
-    }
-  }
-
-  return rc;
-}
-@endcode
-
-Of course, this is a poor terminal emulator, since the echo from the keys
-pressed should not be done locally, but should be done by the remote side.
-Also, user's input should not be sent once "Enter" key is pressed, but 
-immediately after each key is pressed. This can be accomplished
-by setting the local terminal to "raw" mode with the cfmakeraw(3) function.
-cfmakeraw() is a standard function under Linux, on other systems you can
-recode it with:
-
-@code
-static void cfmakeraw(struct termios *termios_p)
-{
-    termios_p->c_iflag &= ~(IGNBRK|BRKINT|PARMRK|ISTRIP|INLCR|IGNCR|ICRNL|IXON);
-    termios_p->c_oflag &= ~OPOST;
-    termios_p->c_lflag &= ~(ECHO|ECHONL|ICANON|ISIG|IEXTEN);
-    termios_p->c_cflag &= ~(CSIZE|PARENB);
-    termios_p->c_cflag |= CS8;
-}
-@endcode
-
-If you are not using a local terminal, but some kind of graphical
-environment, the solution to this kind of "echo" problems will be different.
-
-
-@subsection select_loop A more elaborate way to get the remote data
-
-*** Warning: ssh_select() and ssh_channel_select() are not relevant anymore,
-    since libssh is about to provide an easier system for asynchronous
-    communications. This subsection should be removed then. ***
-
-ssh_channel_read() and ssh_channel_read_nonblocking() functions are simple,
-but they are not adapted when you expect data from more than one SSH channel,
-or from other file descriptors. Last example showed how getting data from
-the standard input (the keyboard) at the same time as data from the SSH
-channel was complicated. The functions ssh_select() and ssh_channel_select()
-provide a more elegant way to wait for data coming from many sources.
-
-The functions ssh_select() and ssh_channel_select() remind of the standard
-UNIX select(2) function. The idea is to wait for "something" to happen:
-incoming data to be read, outcoming data to block, or an exception to
-occur. Both these functions do a "passive wait", i.e. you can safely use
-them repeatedly in a loop, it will not consume exaggerate processor time
-and make your computer unresponsive. It is quite common to use these
-functions in your application's main loop.
-
-The difference between ssh_select() and ssh_channel_select() is that 
-ssh_channel_select() is simpler, but allows you only to watch SSH channels.
-ssh_select() is more complete and enables watching regular file descriptors
-as well, in the same function call.
-
-Below is an example of a function that waits both for remote SSH data to come,
-as well as standard input from the keyboard:
-
-@code
-int interactive_shell_session(ssh_session session, ssh_channel channel)
-{
-  /* Session and terminal initialization skipped */
-  ...
-
-  char buffer[256];
-  int nbytes, nwritten;
-
-  while (ssh_channel_is_open(channel) &&
-         !ssh_channel_is_eof(channel))
-  {
-    struct timeval timeout;
-    ssh_channel in_channels[2], out_channels[2];
-    fd_set fds;
-    int maxfd;
-
-    timeout.tv_sec = 30;
-    timeout.tv_usec = 0;
-    in_channels[0] = channel;
-    in_channels[1] = NULL;
-    FD_ZERO(&fds);
-    FD_SET(0, &fds);
-    FD_SET(ssh_get_fd(session), &fds);
-    maxfd = ssh_get_fd(session) + 1;
-
-    ssh_select(in_channels, out_channels, maxfd, &fds, &timeout);
-
-    if (out_channels[0] != NULL)
-    {
-      nbytes = ssh_channel_read(channel, buffer, sizeof(buffer), 0);
-      if (nbytes < 0) return SSH_ERROR;
-      if (nbytes > 0)
-      {
-        nwritten = write(1, buffer, nbytes);
-        if (nwritten != nbytes) return SSH_ERROR;
-      }
-    }
-
-    if (FD_ISSET(0, &fds))
-    {
-      nbytes = read(0, buffer, sizeof(buffer));
-      if (nbytes < 0) return SSH_ERROR;
-      if (nbytes > 0)
-      {
-        nwritten = ssh_channel_write(channel, buffer, nbytes);
-        if (nbytes != nwritten) return SSH_ERROR;
-      }
-    }
-  }
-
-  return rc;
-}
-@endcode
-
-
-@subsection x11 Using graphical applications on the remote side
-
-If your remote application is graphical, you can forward the X11 protocol to
-your local computer.
-
-To do that, you first declare that you accept X11 connections with
-ssh_channel_accept_x11(). Then you create the forwarding tunnel for
-the X11 protocol with ssh_channel_request_x11().
-
-The following code performs channel initialization and shell session
-opening, and handles a parallel X11 connection:
-
-@code
-int interactive_shell_session(ssh_channel channel)
-{
-  int rc;
-  ssh_channel x11channel;
-
-  rc = ssh_channel_request_pty(channel);
-  if (rc != SSH_OK) return rc;
-
-  rc = ssh_channel_change_pty_size(channel, 80, 24);
-  if (rc != SSH_OK) return rc;
-
-  rc = ssh_channel_request_x11(channel, 0, NULL, NULL, 0);
-  if (rc != SSH_OK) return rc;
-
-  rc = ssh_channel_request_shell(channel);
-  if (rc != SSH_OK) return rc;
-
-  /* Read the data sent by the remote computer here */
-  ...
-}
-@endcode
-
-Don't forget to set the $DISPLAY environment variable on the remote
-side, or the remote applications won't try using the X11 tunnel:
-
-@code
-$ export DISPLAY=:0
-$ xclock &
-@endcode
-
-*/

doc/style.css

@@ -0,0 +1,184 @@
+
+body {
+background-color:#ddf;
+/*background-image:url(../back6.jpg);*/
+margin:10px 10px 10px 10px;
+}
+
+h1 {
+font-family:verdana, sans-serif;
+font-size:80%;
+color:black;
+background-color:transparent;
+text-align:left;
+}
+h2 {
+font-family:verdana, sans-serif;
+font-size:100%;
+color:black;
+background-color:transparent;
+text-align:left;
+}
+h3 {
+font-family:verdana, sans-serif;
+font-size:80%;
+color:black;
+background-color:transparent;
+text-align:left;
+}
+p {
+font-family:verdana, sans-serif;
+font-size:80%;
+color:black;
+background-color:transparent;
+text-align:left;
+margin-left:0px;
+margin-right:0px;
+}
+li {
+font-family:verdana, sans-serif;
+font-size:80%;
+color:black;
+background-color:transparent;
+text-align:left;
+margin-left:0px;
+margin-right:0px;
+}
+a:link {
+font-family:verdana, sans-serif;
+font-size:100%;
+color:black;
+background-color:transparent;
+text-decoration:underline;
+}
+a:visited {
+font-family:verdana, sans-serif;
+font-size:100%;
+color:black;
+background-color:transparent;
+text-decoration:underline;
+}
+a:hover {
+font-family:verdana, sans-serif;
+font-size:100%;
+color:black;
+background-color:transparent;
+text-decoration:underline;
+}
+
+table {
+border-color:transparent;
+border-style:solid;
+border-width:1px;
+}
+
+td {
+font-family:verdana, sans-serif;
+font-size:80%;
+color:black;
+text-align:left;
+background-color:transparent;
+border-color:transparent;
+border-style:solid;
+border-width:1px;
+}
+
+.tout {
+	margin: 5px;
+	padding: 0px;
+	border: 2px solid #aac;
+	background: #eef;
+	}
+	
+.prot {
+border-style:solid; 
+border-width:2px; 
+border-color:#88F;
+padding: 4px; 
+background-color:#cce;
+margin: 5px 5px 5px 5px;
+}
+
+.ex {
+border-style:solid; 
+border-width:2px; 
+border-color:#aaF;
+padding: 4px; 
+background-color:#dde;
+margin: 5px 5px 5px 5px;
+}
+.desc {
+border-style:solid; 
+border-width:3px; 
+border-color:#66F;
+padding: 4px; 
+background-color:#aac;
+margin: 15px 5px 20px 5px;
+}
+
+#titre {
+	margin: 5px;
+	padding: 0px;
+	border: 5px solid #aac;
+	background: #eef;
+	}
+
+#gauche {
+	float:left;
+	margin: 5px;
+	padding: 4px;
+	border: 5px solid #aac;
+	background: #bbf;
+	width: 130px;
+	}
+
+#droite {
+	position: relative;
+	top:5px;
+	left:165px;
+        margin: 5px 170px 5px 5px;
+	padding: 10px;
+	border: 5px solid #aac;
+	background: #bbf;
+}
+
+/* boutons */
+
+a.bouton:link{
+width:128px;
+height:34px;
+text-decoration:none;
+color:#aaa;
+text-align:center;
+font-weight:bold;
+/*background-color:#444;*/
+background-image:url(noclicked.png);
+}
+
+a.bouton:visited{
+width:128px;
+height:34px;
+text-decoration:none;
+color:#aaa;
+text-align:center;
+font-weight:bold;
+/*background-color:#444;*/
+background-image:url(noclicked.png);
+}
+
+a.bouton:hover{
+width:128px;
+height:34px;
+text-decoration:none;
+color:white;
+text-align:center;
+font-weight:bold;
+/*background-color:#888;*/
+background-image:url(clicked.png);
+}
+
+.bouton{
+ text-align:center;
+display:block;
+}
+

doc/tbd.dox

@@ -1,14 +0,0 @@
-/**
-@page libssh_tutor_todo To be done
-
-*** To be written ***
-
-@section sshd Writing a libssh-based server
-
-*** To be written ***
-
-@section cpp The libssh C++ wrapper
-
-*** To be written ***
-
-*/

doc/threading.dox

@@ -1,65 +0,0 @@
-/**
-@page libssh_tutor_threads Chapter 8: Threads with libssh
-@section threads_with_libssh How to use libssh with threads
-
-libssh may be used in multithreaded applications, but under several conditions :
- - Threading must be initialized during the initialization of libssh. This 
-   initialization must be done outside of any threading context.
- - If pthreads is being used by your application (or your framework's backend),
-   you must link with libssh_threads dynamic library and initialize 
-   threading with the ssh_threads_pthreads threading object.
- - If an other threading library is being used by your application, you must 
-   implement all the methods of the ssh_threads_callbacks_struct structure
-   and initialize libssh with it.
- - At all times, you may use different sessions inside threads, make parallel
-   connections, read/write on different sessions and so on. You *cannot* use a
-   single session (or channels for a single session) in several threads at the same 
-   time. This will most likely lead to internal state corruption. This limitation is
-   being worked out and will maybe disappear later.
-   
-@subsection threads_init Initialization of threads
-
-To initialize threading, you must first select the threading model you want to
-use, using ssh_threads_set_callbacks(), then call ssh_init().
-
-@code 
-#include <libssh/callbacks.h>
-...
-ssh_threads_set_callbacks(ssh_threads_get_noop());
-ssh_init();
-@endcode
-
-ssh_threads_noop is the threading structure that does nothing. It's the
-threading callbacks being used by default when you're not using threading.
-
-@subsection threads_pthread Using libpthread with libssh
-
-If your application is using libpthread, you may simply use the libpthread
-threading backend:
-
-@code
-#include <libssh/callbacks.h>
-...
-ssh_threads_set_callbacks(ssh_threads_get_pthread());
-ssh_init();
-@endcode
-
-However, you must be sure to link with the library ssh_threads. If 
-you're using gcc, you must use the commandline
-@code
-gcc -o output input.c -lssh -lssh_threads
-@endcode 
-
-
-@subsection threads_other Using another threading library
-
-You must find your way in the ssh_threads_callbacks_struct structure. You must
-implement the following methods :
-- mutex_lock
-- mutex_unlock
-- mutex_init
-- mutex_destroy
-- thread_id
-
-Good luck !
-*/

examples/CMakeLists.txt

@@ -1,4 +1,4 @@
-project(libssh-examples C CXX)
+project(libssh-examples C)
 
 set(examples_SRCS
   authentication.c
@@ -6,43 +6,33 @@ set(examples_SRCS
   connect_ssh.c
 )
 
+include_directories(
+  ${LIBSSH_PUBLIC_INCLUDE_DIRS}
+  ${LIBSSH_PRIVATE_INCLUDE_DIRS}  
+)
+
+add_executable(libssh_scp libssh_scp.c ${examples_SRCS})
+add_executable(scp_download scp_download.c ${examples_SRCS})
+add_executable(samplessh sample.c ${examples_SRCS})
+add_executable(exec exec.c ${examples_SRCS})
+
+target_link_libraries(libssh_scp ${LIBSSH_SHARED_LIBRARY})
+target_link_libraries(scp_download ${LIBSSH_SHARED_LIBRARY})
+target_link_libraries(samplessh ${LIBSSH_SHARED_LIBRARY})
+target_link_libraries(exec ${LIBSSH_SHARED_LIBRARY})
+
 include_directories(
   ${LIBSSH_PUBLIC_INCLUDE_DIRS}
   ${CMAKE_BINARY_DIR}
 )
 
-if (LINUX)
-    add_executable(libssh_scp libssh_scp.c ${examples_SRCS})
-    target_link_libraries(libssh_scp ${LIBSSH_SHARED_LIBRARY})
+if (WITH_SFTP)
+  add_executable(samplesftp samplesftp.c ${examples_SRCS})
+  target_link_libraries(samplesftp ${LIBSSH_SHARED_LIBRARY})
+endif (WITH_SFTP)
 
-    add_executable(scp_download scp_download.c ${examples_SRCS})
-    target_link_libraries(scp_download ${LIBSSH_SHARED_LIBRARY})
+if (WITH_SERVER)
+  add_executable(samplesshd samplesshd.c)
+  target_link_libraries(samplesshd ${LIBSSH_SHARED_LIBRARY})
+endif (WITH_SERVER)
 
-    add_executable(samplessh sample.c ${examples_SRCS})
-    target_link_libraries(samplessh ${LIBSSH_SHARED_LIBRARY})
-
-    add_executable(sshnetcat sshnetcat.c ${examples_SRCS})
-    target_link_libraries(sshnetcat ${LIBSSH_SHARED_LIBRARY})
-
-    if (WITH_SFTP)
-        add_executable(samplesftp samplesftp.c ${examples_SRCS})
-        target_link_libraries(samplesftp ${LIBSSH_SHARED_LIBRARY})
-    endif (WITH_SFTP)
-
-    if (WITH_SERVER)
-        add_executable(samplesshd samplesshd.c)
-        target_link_libraries(samplesshd ${LIBSSH_SHARED_LIBRARY})
-    endif (WITH_SERVER)
-endif (LINUX)
-
-add_executable(exec exec.c ${examples_SRCS})
-target_link_libraries(exec ${LIBSSH_SHARED_LIBRARY})
-
-add_executable(senddata senddata.c ${examples_SRCS})
-target_link_libraries(senddata ${LIBSSH_SHARED_LIBRARY})
-
-add_executable(libsshpp libsshpp.cpp)
-target_link_libraries(libsshpp ${LIBSSH_SHARED_LIBRARY})
-
-add_executable(libsshpp_noexcept libsshpp_noexcept.cpp)
-target_link_libraries(libsshpp_noexcept ${LIBSSH_SHARED_LIBRARY})

examples/authentication.c

@@ -18,109 +18,73 @@ clients must be made or how a client should react.
  */
 
 #include <stdio.h>
+#include <unistd.h>
 #include <stdlib.h>
 #include <string.h>
 
 #include <libssh/libssh.h>
 #include "examples_common.h"
 
-int authenticate_kbdint(ssh_session session, const char *password) {
-    int err;
-
-    err = ssh_userauth_kbdint(session, NULL, NULL);
-    while (err == SSH_AUTH_INFO) {
-        const char *instruction;
-        const char *name;
-        char buffer[128];
-        int i, n;
-
-        name = ssh_userauth_kbdint_getname(session);
-        instruction = ssh_userauth_kbdint_getinstruction(session);
-        n = ssh_userauth_kbdint_getnprompts(session);
-
-        if (name && strlen(name) > 0) {
-            printf("%s\n", name);
+int authenticate_kbdint(ssh_session session){
+  int err=ssh_userauth_kbdint(session,NULL,NULL);
+  const char *name, *instruction, *prompt;
+  char *ptr;
+  char buffer[128];
+  int i,n;
+  char echo;
+  while (err==SSH_AUTH_INFO){
+    name=ssh_userauth_kbdint_getname(session);
+    instruction=ssh_userauth_kbdint_getinstruction(session);
+    n=ssh_userauth_kbdint_getnprompts(session);
+    if(strlen(name)>0)
+      printf("%s\n",name);
+    if(strlen(instruction)>0)
+      printf("%s\n",instruction);
+    for(i=0;i<n;++i){
+      prompt=ssh_userauth_kbdint_getprompt(session,i,&echo);
+      if(echo){
+        printf("%s",prompt);
+        fgets(buffer,sizeof(buffer),stdin);
+        buffer[sizeof(buffer)-1]=0;
+        if((ptr=strchr(buffer,'\n')))
+          *ptr=0;
+        if (ssh_userauth_kbdint_setanswer(session,i,buffer) < 0) {
+          return SSH_AUTH_ERROR;
         }
-
-        if (instruction && strlen(instruction) > 0) {
-            printf("%s\n", instruction);
+        memset(buffer,0,strlen(buffer));
+      } else {
+        ptr=getpass(prompt);
+        if (ssh_userauth_kbdint_setanswer(session,i,ptr) < 0) {
+          return SSH_AUTH_ERROR;
         }
-
-        for (i = 0; i < n; i++) {
-            const char *answer;
-            const char *prompt;
-            char echo;
-
-            prompt = ssh_userauth_kbdint_getprompt(session, i, &echo);
-            if (prompt == NULL) {
-                break;
-            }
-
-            if (echo) {
-                char *p;
-
-                printf("%s", prompt);
-
-                if (fgets(buffer, sizeof(buffer), stdin) == NULL) {
-                    return SSH_AUTH_ERROR;
-                }
-
-                buffer[sizeof(buffer) - 1] = '\0';
-                if ((p = strchr(buffer, '\n'))) {
-                    *p = '\0';
-                }
-
-                if (ssh_userauth_kbdint_setanswer(session, i, buffer) < 0) {
-                    return SSH_AUTH_ERROR;
-                }
-
-                memset(buffer, 0, strlen(buffer));
-            } else {
-                if (password && strstr(prompt, "Password:")) {
-                    answer = password;
-                } else {
-                    buffer[0] = '\0';
-
-                    if (ssh_getpass(prompt, buffer, sizeof(buffer), 0, 0) < 0) {
-                        return SSH_AUTH_ERROR;
-                    }
-                    answer = buffer;
-                }
-                if (ssh_userauth_kbdint_setanswer(session, i, answer) < 0) {
-                    return SSH_AUTH_ERROR;
-                }
-            }
-        }
-        err=ssh_userauth_kbdint(session,NULL,NULL);
+      }
     }
-
-    return err;
-}
-
-static void error(ssh_session session){
-	fprintf(stderr,"Authentication failed: %s\n",ssh_get_error(session));
+    err=ssh_userauth_kbdint(session,NULL,NULL);
+  }
+  return err;
 }
 
 int authenticate_console(ssh_session session){
   int rc;
   int method;
-  char password[128] = {0};
+  char *password;
   char *banner;
 
   // Try to authenticate
   rc = ssh_userauth_none(session, NULL);
   if (rc == SSH_AUTH_ERROR) {
-    error(session);
+    perror("Authentication failed.");
     return rc;
   }
 
   method = ssh_auth_list(session);
   while (rc != SSH_AUTH_SUCCESS) {
+
     // Try to authenticate with public key first
     if (method & SSH_AUTH_METHOD_PUBLICKEY) {
       rc = ssh_userauth_autopubkey(session, NULL);
       if (rc == SSH_AUTH_ERROR) {
-      	error(session);
+        perror("Authentication failed.");
         return rc;
       } else if (rc == SSH_AUTH_SUCCESS) {
         break;
@@ -129,24 +93,21 @@ int authenticate_console(ssh_session session){
 
     // Try to authenticate with keyboard interactive";
     if (method & SSH_AUTH_METHOD_INTERACTIVE) {
-      rc = authenticate_kbdint(session, NULL);
+      rc = authenticate_kbdint(session);
       if (rc == SSH_AUTH_ERROR) {
-      	error(session);
+        perror("Authentication failed.");
         return rc;
       } else if (rc == SSH_AUTH_SUCCESS) {
         break;
       }
     }
 
-    if (ssh_getpass("Password: ", password, sizeof(password), 0, 0) < 0) {
-        return SSH_AUTH_ERROR;
-    }
-
+    password=getpass("Password: ");
     // Try to authenticate with password
     if (method & SSH_AUTH_METHOD_PASSWORD) {
       rc = ssh_userauth_password(session, NULL, password);
       if (rc == SSH_AUTH_ERROR) {
-      	error(session);
+        perror("Authentication failed.");
         return rc;
       } else if (rc == SSH_AUTH_SUCCESS) {
         break;
@@ -157,7 +118,7 @@ int authenticate_console(ssh_session session){
   banner = ssh_get_issue_banner(session);
   if (banner) {
     printf("%s\n",banner);
-    ssh_string_free_char(banner);
+    free(banner);
   }
 
   return rc;

examples/connect_ssh.c

@@ -32,25 +32,22 @@ ssh_session connect_ssh(const char *host, const char *user,int verbosity){
 
   if(user != NULL){
     if (ssh_options_set(session, SSH_OPTIONS_USER, user) < 0) {
-      ssh_free(session);
+      ssh_disconnect(session);
       return NULL;
     }
   }
 
   if (ssh_options_set(session, SSH_OPTIONS_HOST, host) < 0) {
-    ssh_free(session);
     return NULL;
   }
   ssh_options_set(session, SSH_OPTIONS_LOG_VERBOSITY, &verbosity);
   if(ssh_connect(session)){
     fprintf(stderr,"Connection failed : %s\n",ssh_get_error(session));
     ssh_disconnect(session);
-    ssh_free(session);
     return NULL;
   }
   if(verify_knownhost(session)<0){
     ssh_disconnect(session);
-    ssh_free(session);
     return NULL;
   }
   auth=authenticate_console(session);
@@ -62,6 +59,5 @@ ssh_session connect_ssh(const char *host, const char *user,int verbosity){
     fprintf(stderr,"Error while authenticating : %s\n",ssh_get_error(session));
   }
   ssh_disconnect(session);
-  ssh_free(session);
   return NULL;
 }

examples/examples_common.h

@@ -15,7 +15,7 @@ clients must be made or how a client should react.
 
 #include <libssh/libssh.h>
 int authenticate_console(ssh_session session);
-int authenticate_kbdint(ssh_session session, const char *password);
+int authenticate_kbdint(ssh_session session);
 int verify_knownhost(ssh_session session);
 ssh_session connect_ssh(const char *hostname, const char *user, int verbosity);
 

examples/exec.c

@@ -5,62 +5,53 @@
 #include "examples_common.h"
 
 int main(void) {
-    ssh_session session;
-    ssh_channel channel;
-    char buffer[256];
-    int nbytes;
-    int rc;
-
-    session = connect_ssh("localhost", NULL, 0);
-    if (session == NULL) {
-        ssh_finalize();
-        return 1;
-    }
-
-    channel = ssh_channel_new(session);;
-    if (channel == NULL) {
-        ssh_disconnect(session);
-        ssh_free(session);
-        ssh_finalize();
-        return 1;
-    }
-
-    rc = ssh_channel_open_session(channel);
-    if (rc < 0) {
-        goto failed;
-    }
-
-    rc = ssh_channel_request_exec(channel, "lsof");
-    if (rc < 0) {
-        goto failed;
-    }
-
-    nbytes = ssh_channel_read(channel, buffer, sizeof(buffer), 0);
-    while (nbytes > 0) {
-        if (fwrite(buffer, 1, nbytes, stdout) != (unsigned int) nbytes) {
-            goto failed;
-        }
-        nbytes = ssh_channel_read(channel, buffer, sizeof(buffer), 0);
-    }
-
-    if (nbytes < 0) {
-        goto failed;
-    }
-
-    ssh_channel_send_eof(channel);
-    ssh_channel_close(channel);
-    ssh_channel_free(channel);
-    ssh_disconnect(session);
-    ssh_free(session);
-    ssh_finalize();
-
-    return 0;
-failed:
-    ssh_channel_close(channel);
-    ssh_channel_free(channel);
-    ssh_disconnect(session);
-    ssh_free(session);
-    ssh_finalize();
+  ssh_session session;
+  ssh_channel channel;
+  char buf[4096];
+  int rc;
 
+  session = connect_ssh("localhost", NULL, 0);
+  if (session == NULL) {
     return 1;
+  }
+
+  channel = channel_new(session);;
+  if (channel == NULL) {
+    ssh_disconnect(session);
+    ssh_finalize();
+    return 1;
+  }
+
+  rc = channel_open_session(channel);
+  if (rc < 0) {
+    channel_close(channel);
+    ssh_disconnect(session);
+    ssh_finalize();
+    return 1;
+  }
+
+  rc = channel_request_exec(channel, "ps aux");
+  if (rc < 0) {
+    channel_close(channel);
+    ssh_disconnect(session);
+    ssh_finalize();
+    return 1;
+  }
+
+  do {
+    if (channel_is_open(channel)) {
+      rc = channel_read(channel, buf, sizeof(buf), 0);
+      if(rc > 0){
+        fwrite(buf,1,rc,stdout);
+      }
+    }
+  } while(rc > 0);
+
+  channel_send_eof(channel);
+  channel_close(channel);
+
+  ssh_disconnect(session);
+  ssh_finalize();
+
+  return 0;
 }

examples/knownhosts.c

@@ -20,15 +20,12 @@ clients must be made or how a client should react.
 #include <errno.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <unistd.h>
 #include <string.h>
 
 #include <libssh/libssh.h>
 #include "examples_common.h"
 
-#ifdef _WIN32
-#define strncasecmp _strnicmp
-#endif
-
 int verify_knownhost(ssh_session session){
   char *hexa;
   int state;
@@ -48,7 +45,7 @@ int verify_knownhost(ssh_session session){
     case SSH_SERVER_KNOWN_CHANGED:
       fprintf(stderr,"Host key for server changed : server's one is now :\n");
       ssh_print_hexa("Public key hash",hash, hlen);
-      ssh_clean_pubkey_hash(&hash);
+      free(hash);
       fprintf(stderr,"For security reason, connection will be stopped\n");
       return -1;
     case SSH_SERVER_FOUND_OTHER:
@@ -65,23 +62,16 @@ int verify_knownhost(ssh_session session){
       hexa = ssh_get_hexa(hash, hlen);
       fprintf(stderr,"The server is unknown. Do you trust the host key ?\n");
       fprintf(stderr, "Public key hash: %s\n", hexa);
-      ssh_string_free_char(hexa);
-      if (fgets(buf, sizeof(buf), stdin) == NULL) {
-	    ssh_clean_pubkey_hash(&hash);
-        return -1;
-      }
+      free(hexa);
+      fgets(buf,sizeof(buf),stdin);
       if(strncasecmp(buf,"yes",3)!=0){
-	    ssh_clean_pubkey_hash(&hash);
         return -1;
       }
       fprintf(stderr,"This new key will be written on disk for further usage. do you agree ?\n");
-      if (fgets(buf, sizeof(buf), stdin) == NULL) {
-	    ssh_clean_pubkey_hash(&hash);
-        return -1;
-      }
+      fgets(buf,sizeof(buf),stdin);
       if(strncasecmp(buf,"yes",3)==0){
         if (ssh_write_knownhost(session) < 0) {
-          ssh_clean_pubkey_hash(&hash);
+          free(hash);
           fprintf(stderr, "error %s\n", strerror(errno));
           return -1;
         }
@@ -89,10 +79,10 @@ int verify_knownhost(ssh_session session){
 
       break;
     case SSH_SERVER_ERROR:
-      ssh_clean_pubkey_hash(&hash);
+      free(hash);
       fprintf(stderr,"%s",ssh_get_error(session));
       return -1;
   }
-  ssh_clean_pubkey_hash(&hash);
+  free(hash);
   return 0;
 }

examples/libssh_scp.c

@@ -182,7 +182,7 @@ static int do_copy(struct location *src, struct location *dest, int recursive){
     fd=fileno(src->file);
     fstat(fd,&s);
     size=s.st_size;
-    mode = s.st_mode & ~S_IFMT;
+    mode=s.st_mode;
     filename=ssh_basename(src->path);
   } else {
     size=0;
@@ -207,7 +207,7 @@ static int do_copy(struct location *src, struct location *dest, int recursive){
   }
 
   if(dest->is_ssh){
-	  r=ssh_scp_push_file(dest->scp,src->path, size, mode);
+	  r=ssh_scp_push_file(dest->scp,src->path,size,0644);
 	  //  snprintf(buffer,sizeof(buffer),"C0644 %d %s\n",size,src->path);
 	  if(r==SSH_ERROR){
 		  fprintf(stderr,"error: %s\n",ssh_get_error(dest->session));

examples/libsshpp.cpp

@@ -1,33 +0,0 @@
-/*
-Copyright 2010 Aris Adamantiadis
-
-This file is part of the SSH Library
-
-You are free to copy this file, modify it in any way, consider it being public
-domain. This does not apply to the rest of the library though, but it is
-allowed to cut-and-paste working code from this file to any license of
-program.
-*/
-
-/* This file demonstrates the use of the C++ wrapper to libssh */
-
-#include <iostream>
-#include <string>
-#include <libssh/libsshpp.hpp>
-
-int main(int argc, const char **argv){
-  ssh::Session session;
-  try {
-    if(argc>1)
-      session.setOption(SSH_OPTIONS_HOST,argv[1]);
-    else
-      session.setOption(SSH_OPTIONS_HOST,"localhost");
-    session.connect();
-    session.userauthAutopubkey();
-    session.disconnect();
-  } catch (ssh::SshException e){
-    std::cout << "Error during connection : ";
-    std::cout << e.getError() << std::endl;
-  }
-  return 0;
-}

examples/libsshpp_noexcept.cpp

@@ -1,41 +0,0 @@
-/*
-Copyright 2010 Aris Adamantiadis
-
-This file is part of the SSH Library
-
-You are free to copy this file, modify it in any way, consider it being public
-domain. This does not apply to the rest of the library though, but it is
-allowed to cut-and-paste working code from this file to any license of
-program.
-*/
-
-/* This file demonstrates the use of the C++ wrapper to libssh
- * specifically, without C++ exceptions
- */
-
-#include <iostream>
-#define SSH_NO_CPP_EXCEPTIONS
-#include <libssh/libsshpp.hpp>
-
-int main(int argc, const char **argv){
-	ssh::Session session,s2;
-	int err;
-	if(argc>1)
-		err=session.setOption(SSH_OPTIONS_HOST,argv[1]);
-	else
-		err=session.setOption(SSH_OPTIONS_HOST,"localhost");
-	if(err==SSH_ERROR)
-		goto error;
-	err=session.connect();
-	if(err==SSH_ERROR)
-		goto error;
-	err=session.userauthAutopubkey();
-	if(err==SSH_ERROR)
-		goto error;
-
-	return 0;
-	error:
-	std::cout << "Error during connection : ";
-	std::cout << session.getError() << std::endl;
-	return 1;
-}

examples/sample.c

@@ -40,7 +40,11 @@ char *user;
 char *cmds[MAXCMD];
 struct termios terminal;
 
+#ifdef WITH_PCAP
+/* this header file won't be necessary in the future */
+#include <libssh/pcap.h>
 char *pcap_file=NULL;
+#endif
 
 char *proxycommand;
 
@@ -55,13 +59,10 @@ static int auth_callback(const char *prompt, char *buf, size_t len,
   if (echo) {
     while ((answer = fgets(buf, len, stdin)) == NULL);
     if ((ptr = strchr(buf, '\n'))) {
-      *ptr = '\0';
+      ptr = '\0';
     }
   } else {
-    if (ssh_getpass(prompt, buf, len, 0, 0) < 0) {
-        return -1;
-    }
-    return 0;
+    answer = getpass(prompt);
   }
 
   if (answer == NULL) {
@@ -112,15 +113,17 @@ static int opts(int argc, char **argv){
     /* insert your own arguments here */
     while((i=getopt(argc,argv,"T:P:"))!=-1){
         switch(i){
+#ifdef WITH_PCAP
         	case 'P':
         		pcap_file=optarg;
         		break;
+#endif
 #ifndef _WIN32
           case 'T':
             proxycommand=optarg;
             break;
 #endif
-          default:
+            default:
                 fprintf(stderr,"unknown option %c\n",optopt);
                 usage();
         }
@@ -176,7 +179,7 @@ static void setsignal(void){
 static void sizechanged(void){
     struct winsize win = { 0, 0, 0, 0 };
     ioctl(1, TIOCGWINSZ, &win);
-    ssh_channel_change_pty_size(chan,win.ws_col, win.ws_row);
+    channel_change_pty_size(chan,win.ws_col, win.ws_row);
 //    printf("Changed pty size\n");
     setsignal();
 }
@@ -199,7 +202,7 @@ static void select_loop(ssh_session session,ssh_channel channel){
     fd_set fds;
     struct timeval timeout;
     char buffer[4096];
-    ssh_buffer readbuf=ssh_buffer_new();
+    ssh_buffer readbuf=buffer_new();
     ssh_channel channels[2];
     int lus;
     int eof=0;
@@ -227,10 +230,10 @@ static void select_loop(ssh_session session,ssh_channel channel){
             if(FD_ISSET(0,&fds)){
                 lus=read(0,buffer,sizeof(buffer));
                 if(lus)
-                    ssh_channel_write(channel,buffer,lus);
+                    channel_write(channel,buffer,lus);
                 else {
                     eof=1;
-                    ssh_channel_send_eof(channel);
+                    channel_send_eof(channel);
                 }
             }
             if(FD_ISSET(ssh_get_fd(session),&fds)){
@@ -238,22 +241,22 @@ static void select_loop(ssh_session session,ssh_channel channel){
             }
             channels[0]=channel; // set the first channel we want to read from
             channels[1]=NULL;
-            ret=ssh_channel_select(channels,NULL,NULL,NULL); // no specific timeout - just poll
+            ret=channel_select(channels,NULL,NULL,NULL); // no specific timeout - just poll
             if(signal_delayed)
                 sizechanged();
         } while (ret==EINTR || ret==SSH_EINTR);
 
         // we already looked for input from stdin. Now, we are looking for input from the channel
 
-        if(channel && ssh_channel_is_closed(channel)){
-            ssh_log(session,SSH_LOG_RARE,"exit-status : %d",ssh_channel_get_exit_status(channel));
+        if(channel && channel_is_closed(channel)){
+            ssh_log(session,SSH_LOG_RARE,"exit-status : %d\n",channel_get_exit_status(channel));
 
-            ssh_channel_free(channel);
+            channel_free(channel);
             channel=NULL;
             channels[0]=NULL;
         }
         if(channels[0]){
-            while(channel && ssh_channel_is_open(channel) && ssh_channel_poll(channel,0)>0){
+            while(channel && channel_is_open(channel) && channel_poll(channel,0)){
                 lus=channel_read_buffer(channel,readbuf,0,0);
                 if(lus==-1){
                     fprintf(stderr, "Error reading channel: %s\n",
@@ -261,18 +264,15 @@ static void select_loop(ssh_session session,ssh_channel channel){
                     return;
                 }
                 if(lus==0){
-                    ssh_log(session,SSH_LOG_RARE,"EOF received");
-                    ssh_log(session,SSH_LOG_RARE,"exit-status : %d",ssh_channel_get_exit_status(channel));
+                    ssh_log(session,SSH_LOG_RARE,"EOF received\n");
+                    ssh_log(session,SSH_LOG_RARE,"exit-status : %d\n",channel_get_exit_status(channel));
 
-                    ssh_channel_free(channel);
+                    channel_free(channel);
                     channel=channels[0]=NULL;
                 } else
-                    if (write(1,ssh_buffer_get_begin(readbuf),lus) < 0) {
-                      fprintf(stderr, "Error writing to buffer\n");
-                      return;
-                    }
+                    write(1,buffer_get(readbuf),lus);
             }
-            while(channel && ssh_channel_is_open(channel) && ssh_channel_poll(channel,1)>0){ /* stderr */
+            while(channel && channel_is_open(channel) && channel_poll(channel,1)){ /* stderr */
                 lus=channel_read_buffer(channel,readbuf,0,1);
                 if(lus==-1){
                     fprintf(stderr, "Error reading channel: %s\n",
@@ -280,23 +280,20 @@ static void select_loop(ssh_session session,ssh_channel channel){
                     return;
                 }
                 if(lus==0){
-                    ssh_log(session,SSH_LOG_RARE,"EOF received");
-                    ssh_log(session,SSH_LOG_RARE,"exit-status : %d",ssh_channel_get_exit_status(channel));
-                    ssh_channel_free(channel);
+                    ssh_log(session,SSH_LOG_RARE,"EOF received\n");
+                    ssh_log(session,SSH_LOG_RARE,"exit-status : %d\n",channel_get_exit_status(channel));
+                    channel_free(channel);
                     channel=channels[0]=NULL;
                 } else
-                    if (write(2,ssh_buffer_get_begin(readbuf),lus) < 0) {
-                      fprintf(stderr, "Error writing to buffer\n");
-                      return;
-                    }
+                    write(2,buffer_get(readbuf),lus);
             }
         }
-        if(channel && ssh_channel_is_closed(channel)){
-            ssh_channel_free(channel);
+        if(channel && channel_is_closed(channel)){
+            channel_free(channel);
             channel=NULL;
         }
     }
-    ssh_buffer_free(readbuf);
+    buffer_free(readbuf);
 }
 #else /* CHANNEL_SELECT */
 
@@ -331,60 +328,54 @@ static void select_loop(ssh_session session,ssh_channel channel){
 			if(FD_ISSET(0,&fds)){
 				lus=read(0,buffer,sizeof(buffer));
 				if(lus)
-					ssh_channel_write(channel,buffer,lus);
+					channel_write(channel,buffer,lus);
 				else {
 					eof=1;
-					ssh_channel_send_eof(channel);
+					channel_send_eof(channel);
 				}
 			}
-			if(channel && ssh_channel_is_closed(channel)){
-				ssh_log(session,SSH_LOG_RARE,"exit-status : %d",ssh_channel_get_exit_status(channel));
+			if(channel && channel_is_closed(channel)){
+				ssh_log(session,SSH_LOG_RARE,"exit-status : %d\n",channel_get_exit_status(channel));
 
-				ssh_channel_free(channel);
+				channel_free(channel);
 				channel=NULL;
 				channels[0]=NULL;
 			}
 			if(outchannels[0]){
-				while(channel && ssh_channel_is_open(channel) && ssh_channel_poll(channel,0)!=0){
-					lus=ssh_channel_read(channel,buffer,sizeof(buffer),0);
+				while(channel && channel_is_open(channel) && channel_poll(channel,0)){
+					lus=channel_read(channel,buffer,sizeof(buffer),0);
 					if(lus==-1){
 						fprintf(stderr, "Error reading channel: %s\n",
 								ssh_get_error(session));
 						return;
 					}
 					if(lus==0){
-						ssh_log(session,SSH_LOG_RARE,"EOF received");
-						ssh_log(session,SSH_LOG_RARE,"exit-status : %d",ssh_channel_get_exit_status(channel));
+						ssh_log(session,SSH_LOG_RARE,"EOF received\n");
+						ssh_log(session,SSH_LOG_RARE,"exit-status : %d\n",channel_get_exit_status(channel));
 
-						ssh_channel_free(channel);
+						channel_free(channel);
 						channel=channels[0]=NULL;
 					} else
-					  if (write(1,buffer,lus) < 0) {
-					    fprintf(stderr, "Error writing to buffer\n");
-					    return;
-					  }
+						write(1,buffer,lus);
 				}
-				while(channel && ssh_channel_is_open(channel) && ssh_channel_poll(channel,1)!=0){ /* stderr */
-					lus=ssh_channel_read(channel,buffer,sizeof(buffer),1);
+				while(channel && channel_is_open(channel) && channel_poll(channel,1)){ /* stderr */
+					lus=channel_read(channel,buffer,sizeof(buffer),1);
 					if(lus==-1){
 						fprintf(stderr, "Error reading channel: %s\n",
 								ssh_get_error(session));
 						return;
 					}
 					if(lus==0){
-						ssh_log(session,SSH_LOG_RARE,"EOF received");
-						ssh_log(session,SSH_LOG_RARE,"exit-status : %d",ssh_channel_get_exit_status(channel));
-						ssh_channel_free(channel);
+						ssh_log(session,SSH_LOG_RARE,"EOF received\n");
+						ssh_log(session,SSH_LOG_RARE,"exit-status : %d\n",channel_get_exit_status(channel));
+						channel_free(channel);
 						channel=channels[0]=NULL;
 					} else
-					  if (write(2,buffer,lus) < 0) {
-					    fprintf(stderr, "Error writing to buffer\n");
-					    return;
-					  }
+						write(2,buffer,lus);
 				}
 			}
-			if(channel && ssh_channel_is_closed(channel)){
-				ssh_channel_free(channel);
+			if(channel && channel_is_closed(channel)){
+				channel_free(channel);
 				channel=NULL;
 			}
 		} while (ret==EINTR || ret==SSH_EINTR);
@@ -398,21 +389,21 @@ static void shell(ssh_session session){
     ssh_channel channel;
     struct termios terminal_local;
     int interactive=isatty(0);
-    channel = ssh_channel_new(session);
+    channel = channel_new(session);
     if(interactive){
         tcgetattr(0,&terminal_local);
         memcpy(&terminal,&terminal_local,sizeof(struct termios));
     }
-    if(ssh_channel_open_session(channel)){
+    if(channel_open_session(channel)){
         printf("error opening channel : %s\n",ssh_get_error(session));
         return;
     }
     chan=channel;
     if(interactive){
-        ssh_channel_request_pty(channel);
+        channel_request_pty(channel);
         sizechanged();
     }
-    if(ssh_channel_request_shell(channel)){
+    if(channel_request_shell(channel)){
         printf("Requesting shell : %s\n",ssh_get_error(session));
         return;
     }
@@ -431,14 +422,11 @@ static void batch_shell(ssh_session session){
     ssh_channel channel;
     char buffer[1024];
     int i,s=0;
-    for(i=0;i<MAXCMD && cmds[i];++i) {
+    for(i=0;i<MAXCMD && cmds[i];++i)
         s+=snprintf(buffer+s,sizeof(buffer)-s,"%s ",cmds[i]);
-		free(cmds[i]);
-		cmds[i] = NULL;
-	}
-    channel=ssh_channel_new(session);
-    ssh_channel_open_session(channel);
-    if(ssh_channel_request_exec(channel,buffer)){
+    channel=channel_new(session);
+    channel_open_session(channel);
+    if(channel_request_exec(channel,buffer)){
         printf("error executing \"%s\" : %s\n",buffer,ssh_get_error(session));
         return;
     }
@@ -485,14 +473,13 @@ static int client(ssh_session session){
   return 0;
 }
 
+#ifdef WITH_PCAP
 ssh_pcap_file pcap;
 void set_pcap(ssh_session session);
 void set_pcap(ssh_session session){
 	if(!pcap_file)
 		return;
 	pcap=ssh_pcap_file_new();
-	if(!pcap)
-		return;
 	if(ssh_pcap_file_open(pcap,pcap_file) == SSH_ERROR){
 		printf("Error opening pcap file\n");
 		ssh_pcap_file_free(pcap);
@@ -504,10 +491,10 @@ void set_pcap(ssh_session session){
 
 void cleanup_pcap(void);
 void cleanup_pcap(){
-	if(pcap)
-		ssh_pcap_file_free(pcap);
+	ssh_pcap_file_free(pcap);
 	pcap=NULL;
 }
+#endif
 
 int main(int argc, char **argv){
     ssh_session session;
@@ -524,13 +511,16 @@ int main(int argc, char **argv){
     }
     opts(argc,argv);
     signal(SIGTERM, do_exit);
-
+#ifdef WITH_PCAP
     set_pcap(session);
+#endif
     client(session);
 
     ssh_disconnect(session);
     ssh_free(session);
+#ifdef WITH_PCAP
     cleanup_pcap();
+#endif
 
     ssh_finalize();
 

examples/samplesftp.c

@@ -29,7 +29,7 @@ clients must be made or how a client should react.
 
 int verbosity;
 char *destination;
-#define DATALEN 65536
+
 static void do_sftp(ssh_session session){
     sftp_session sftp=sftp_new(session);
     sftp_dir dir;
@@ -40,7 +40,7 @@ static void do_sftp(ssh_session session){
     sftp_file to;
     int len=1;
     unsigned int i;
-    char data[DATALEN]={0};
+    char data[8000]={0};
     char *lnk;
 
     unsigned int count;
@@ -202,9 +202,9 @@ static void do_sftp(ssh_session session){
     printf("fichiers ferm\n");
     to=sftp_open(sftp,"/tmp/grosfichier",O_WRONLY|O_CREAT, 0644);
     for(i=0;i<1000;++i){
-        len=sftp_write(to,data,DATALEN);
+        len=sftp_write(to,data,8000);
         printf("wrote %d bytes\n",len);
-        if(len != DATALEN){
+        if(len != 8000){
             printf("chunk %d : %d (%s)\n",i,len,ssh_get_error(session));
         }
     }

examples/samplesshd.c

@@ -23,7 +23,7 @@ clients must be made or how a client should react.
 #include <stdlib.h>
 #include <string.h>
 #include <stdio.h>
-
+#include <unistd.h>
 #ifndef KEYS_FOLDER
 #ifdef _WIN32
 #define KEYS_FOLDER
@@ -32,32 +32,6 @@ clients must be made or how a client should react.
 #endif
 #endif
 
-#ifdef WITH_PCAP
-const char *pcap_file="debug.server.pcap";
-ssh_pcap_file pcap;
-
-void set_pcap(ssh_session session);
-void set_pcap(ssh_session session){
-	if(!pcap_file)
-		return;
-	pcap=ssh_pcap_file_new();
-	if(ssh_pcap_file_open(pcap,pcap_file) == SSH_ERROR){
-		printf("Error opening pcap file\n");
-		ssh_pcap_file_free(pcap);
-		pcap=NULL;
-		return;
-	}
-	ssh_set_pcap_file(session,pcap);
-}
-
-void cleanup_pcap(void);
-void cleanup_pcap(){
-	ssh_pcap_file_free(pcap);
-	pcap=NULL;
-}
-#endif
-
-
 static int auth_password(char *user, char *password){
     if(strcmp(user,"aris"))
         return 0;
@@ -173,7 +147,7 @@ int main(int argc, char **argv){
     ssh_bind sshbind;
     ssh_message message;
     ssh_channel chan=0;
-    char buf[2048];
+    ssh_buffer buf;
     int auth=0;
     int sftp=0;
     int i;
@@ -191,14 +165,7 @@ int main(int argc, char **argv){
      * be reflected in arguments.
      */
     argp_parse (&argp, argc, argv, 0, 0, sshbind);
-#else
-    (void) argc;
-    (void) argv;
 #endif
-#ifdef WITH_PCAP
-    set_pcap(session);
-#endif
-
     if(ssh_bind_listen(sshbind)<0){
         printf("Error listening to socket: %s\n",ssh_get_error(sshbind));
         return 1;
@@ -208,8 +175,8 @@ int main(int argc, char **argv){
       printf("error accepting a connection : %s\n",ssh_get_error(sshbind));
       return 1;
     }
-    if (ssh_handle_key_exchange(session)) {
-        printf("ssh_handle_key_exchange: %s\n", ssh_get_error(session));
+    if(ssh_accept(session)){
+        printf("ssh_accept: %s\n",ssh_get_error(session));
         return 1;
     }
     do {
@@ -287,21 +254,15 @@ int main(int argc, char **argv){
         return 1;
     }
     printf("it works !\n");
+    buf=buffer_new();
     do{
-        i=ssh_channel_read(chan,buf, 2048, 0);
-        if(i>0) {
-            ssh_channel_write(chan, buf, i);
-            if (write(1,buf,i) < 0) {
-                printf("error writing to buffer\n");
-                return 1;
-            }
-        }
+        i=channel_read_buffer(chan,buf,0,0);
+        if(i>0)
+            write(1,buffer_get(buf),buffer_get_len(buf));
     } while (i>0);
+    buffer_free(buf);
     ssh_disconnect(session);
     ssh_bind_free(sshbind);
-#ifdef WITH_PCAP
-    cleanup_pcap();
-#endif
     ssh_finalize();
     return 0;
 }

examples/scp_download.c

@@ -56,34 +56,26 @@ static int opts(int argc, char **argv){
 }
 
 static void create_files(ssh_session session){
-	ssh_channel channel=ssh_channel_new(session);
+	ssh_channel channel=channel_new(session);
 	char buffer[1];
 	if(channel == NULL){
 		fprintf(stderr,"Error creating channel: %s\n",ssh_get_error(session));
 		exit(EXIT_FAILURE);
 	}
-	if(ssh_channel_open_session(channel) != SSH_OK){
+	if(channel_open_session(channel) != SSH_OK){
 		fprintf(stderr,"Error creating channel: %s\n",ssh_get_error(session));
-		ssh_channel_free(channel);
 		exit(EXIT_FAILURE);
 	}
-	if(ssh_channel_request_exec(channel,createcommand) != SSH_OK){
+	if(channel_request_exec(channel,createcommand) != SSH_OK){
 		fprintf(stderr,"Error executing command: %s\n",ssh_get_error(session));
-		ssh_channel_close(channel);
-		ssh_channel_free(channel);
 		exit(EXIT_FAILURE);
 	}
-	while(!ssh_channel_is_eof(channel)){
-		ssh_channel_read(channel,buffer,1,1);
-		if (write(1,buffer,1) < 0) {
-                    fprintf(stderr, "Error writing to buffer\n");
-                    ssh_channel_close(channel);
-                    ssh_channel_free(channel);
-                    return;
-                }
+	while(!channel_is_eof(channel)){
+		channel_read(channel,buffer,1,1);
+		write(1,buffer,1);
 	}
-	ssh_channel_close(channel);
-	ssh_channel_free(channel);
+	channel_close(channel);
+	channel_free(channel);
 }
 
 
@@ -96,7 +88,6 @@ static int fetch_files(ssh_session session){
   ssh_scp scp=ssh_scp_new(session, SSH_SCP_READ | SSH_SCP_RECURSIVE, "/tmp/libssh_tests/*");
   if(ssh_scp_init(scp) != SSH_OK){
 	  fprintf(stderr,"error initializing scp: %s\n",ssh_get_error(session));
-	  ssh_scp_free(scp);
 	  return -1;
   }
   printf("Trying to download 3 files (a,b,d) and 1 directory (c)\n");
@@ -114,16 +105,12 @@ static int fetch_files(ssh_session session){
 		  r=ssh_scp_read(scp,buffer,sizeof(buffer));
 		  if(r==SSH_ERROR){
 			  fprintf(stderr,"Error reading scp: %s\n",ssh_get_error(session));
-			  ssh_scp_close(scp);
-			  ssh_scp_free(scp);
 			  return -1;
 		  }
 		  printf("done\n");
 		  break;
 	  case SSH_ERROR:
 		  fprintf(stderr,"Error: %s\n",ssh_get_error(session));
-		  ssh_scp_close(scp);
-		  ssh_scp_free(scp);
 		  return -1;
 	  case SSH_SCP_REQUEST_WARNING:
 		  fprintf(stderr,"Warning: %s\n",ssh_scp_request_get_warning(scp));
@@ -144,8 +131,6 @@ static int fetch_files(ssh_session session){
 	  }
   } while (1);
   end:
-  ssh_scp_close(scp);
-  ssh_scp_free(scp);
   return 0;
 }
 
@@ -159,7 +144,6 @@ int main(int argc, char **argv){
   create_files(session);
   fetch_files(session);
   ssh_disconnect(session);
-  ssh_free(session);
   ssh_finalize();
   return 0;
 }

examples/senddata.c

@@ -1,64 +0,0 @@
-#include <stdio.h>
-
-#include <libssh/libssh.h>
-#include "examples_common.h"
-
-#define LIMIT 0x100000000
-
-int main(void) {
-  ssh_session session;
-  ssh_channel channel;
-  char buffer[1024*1024];
-  int rc;
-  uint64_t total=0;
-  uint64_t lastshown=4096;
-  session = connect_ssh("localhost", NULL, 0);
-  if (session == NULL) {
-    return 1;
-  }
-
-  channel = ssh_channel_new(session);;
-  if (channel == NULL) {
-    ssh_disconnect(session);
-    return 1;
-  }
-
-  rc = ssh_channel_open_session(channel);
-  if (rc < 0) {
-    ssh_channel_close(channel);
-    ssh_disconnect(session);
-    return 1;
-  }
-
-  rc = ssh_channel_request_exec(channel, "cat > /dev/null");
-  if (rc < 0) {
-    ssh_channel_close(channel);
-    ssh_disconnect(session);
-    return 1;
-  }
-
-
-  while ((rc = ssh_channel_write(channel, buffer, sizeof(buffer))) > 0) {
-    total += rc;
-    if(total/2 >= lastshown){
-      printf("written %llx\n", (long long unsigned int) total);
-      lastshown=total;
-    }
-    if(total > LIMIT)
-      break;
-  }
-    
-  if (rc < 0) {
-    printf("error : %s\n",ssh_get_error(session));
-    ssh_channel_close(channel);
-    ssh_disconnect(session);
-    return 1;
-  }
-
-  ssh_channel_send_eof(channel);
-  ssh_channel_close(channel);
-
-  ssh_disconnect(session);
-
-  return 0;
-}

examples/sshnetcat.c

@@ -1,258 +0,0 @@
-/*
-Copyright 2010 Aris Adamantiadis
-
-This file is part of the SSH Library
-
-You are free to copy this file, modify it in any way, consider it being public
-domain. This does not apply to the rest of the library though, but it is
-allowed to cut-and-paste working code from this file to any license of
-program.
-The goal is to show the API in action. It's not a reference on how terminal
-clients must be made or how a client should react.
-*/
-
-#include "config.h"
-#include <stdio.h>
-#include <unistd.h>
-#include <stdlib.h>
-#include <string.h>
-#include <termios.h>
-
-#include <sys/select.h>
-#include <sys/time.h>
-
-#include <sys/ioctl.h>
-#include <errno.h>
-#include <libssh/callbacks.h>
-#include <libssh/libssh.h>
-#include <libssh/sftp.h>
-
-#include <fcntl.h>
-
-#include "examples_common.h"
-char *host;
-const char *desthost="localhost";
-const char *port="22";
-
-#ifdef WITH_PCAP
-#include <libssh/pcap.h>
-char *pcap_file=NULL;
-#endif
-
-static void usage(){
-  fprintf(stderr,"Usage : sshnetcat [user@]host forwarded_host forwarded_port\n");
-  exit(1);
-}
-
-static int opts(int argc, char **argv){
-    int i;
-    while((i=getopt(argc,argv,"P:"))!=-1){
-        switch(i){
-#ifdef WITH_PCAP
-        	case 'P':
-        		pcap_file=optarg;
-        		break;
-#endif
-            default:
-                fprintf(stderr,"unknown option %c\n",optopt);
-                usage();
-        }
-    }
-    if(optind < argc)
-        host=argv[optind++];
-    if(optind < argc)
-        desthost=argv[optind++];
-    if(optind < argc)
-        port=argv[optind++];
-    if(host==NULL)
-        usage();
-    return 0;
-}
-
-static void select_loop(ssh_session session,ssh_channel channel){
-	fd_set fds;
-	struct timeval timeout;
-	char buffer[4096];
-	/* channels will be set to the channels to poll.
-	 * outchannels will contain the result of the poll
-	 */
-	ssh_channel channels[2], outchannels[2];
-	int lus;
-	int eof=0;
-	int maxfd;
-	int ret;
-	while(channel){
-		do{
-			FD_ZERO(&fds);
-			if(!eof)
-				FD_SET(0,&fds);
-			timeout.tv_sec=30;
-			timeout.tv_usec=0;
-			FD_SET(ssh_get_fd(session),&fds);
-			maxfd=ssh_get_fd(session)+1;
-			channels[0]=channel; // set the first channel we want to read from
-			channels[1]=NULL;
-			ret=ssh_select(channels,outchannels,maxfd,&fds,&timeout);
-			if(ret==EINTR)
-				continue;
-			if(FD_ISSET(0,&fds)){
-				lus=read(0,buffer,sizeof(buffer));
-				if(lus)
-					channel_write(channel,buffer,lus);
-				else {
-					eof=1;
-					channel_send_eof(channel);
-				}
-			}
-			if(channel && channel_is_closed(channel)){
-				ssh_log(session,SSH_LOG_RARE,"exit-status : %d\n",channel_get_exit_status(channel));
-
-				channel_free(channel);
-				channel=NULL;
-				channels[0]=NULL;
-			}
-			if(outchannels[0]){
-				while(channel && channel_is_open(channel) && channel_poll(channel,0)){
-					lus=channel_read(channel,buffer,sizeof(buffer),0);
-					if(lus==-1){
-						fprintf(stderr, "Error reading channel: %s\n",
-								ssh_get_error(session));
-						return;
-					}
-					if(lus==0){
-						ssh_log(session,SSH_LOG_RARE,"EOF received\n");
-						ssh_log(session,SSH_LOG_RARE,"exit-status : %d\n",channel_get_exit_status(channel));
-
-						channel_free(channel);
-						channel=channels[0]=NULL;
-					} else {
-						ret = write(1, buffer, lus);
-						if (ret < 0) {
-							fprintf(stderr, "Error writing to stdin: %s",
-								strerror(errno));
-							return;
-						}
-					}
-				}
-				while(channel && channel_is_open(channel) && channel_poll(channel,1)){ /* stderr */
-					lus=channel_read(channel,buffer,sizeof(buffer),1);
-					if(lus==-1){
-						fprintf(stderr, "Error reading channel: %s\n",
-								ssh_get_error(session));
-						return;
-					}
-					if(lus==0){
-						ssh_log(session,SSH_LOG_RARE,"EOF received\n");
-						ssh_log(session,SSH_LOG_RARE,"exit-status : %d\n",channel_get_exit_status(channel));
-						channel_free(channel);
-						channel=channels[0]=NULL;
-					} else
-						ret = write(2, buffer, lus);
-						if (ret < 0) {
-							fprintf(stderr, "Error writing to stderr: %s",
-								strerror(errno));
-							return;
-						}
-				}
-			}
-			if(channel && channel_is_closed(channel)){
-				channel_free(channel);
-				channel=NULL;
-			}
-		} while (ret==EINTR || ret==SSH_EINTR);
-
-	}
-}
-
-static void forwarding(ssh_session session){
-    ssh_channel channel;
-    int r;
-    channel=channel_new(session);
-    r=channel_open_forward(channel,desthost,atoi(port),"localhost",22);
-    if(r<0) {
-        printf("error forwarding port : %s\n",ssh_get_error(session));
-        return;
-    }
-    select_loop(session,channel);
-}
-
-static int client(ssh_session session){
-  int auth=0;
-  char *banner;
-  int state;
-
-  if (ssh_options_set(session, SSH_OPTIONS_HOST ,host) < 0)
-    return -1;
-  ssh_options_parse_config(session, NULL);
-
-  if(ssh_connect(session)){
-      fprintf(stderr,"Connection failed : %s\n",ssh_get_error(session));
-      return -1;
-  }
-  state=verify_knownhost(session);
-  if (state != 0)
-  	return -1;
-  ssh_userauth_none(session, NULL);
-  banner=ssh_get_issue_banner(session);
-  if(banner){
-      printf("%s\n",banner);
-      free(banner);
-  }
-  auth=authenticate_console(session);
-  if(auth != SSH_AUTH_SUCCESS){
-  	return -1;
-  }
-  ssh_log(session, SSH_LOG_FUNCTIONS, "Authentication success");
- 	forwarding(session);
-  return 0;
-}
-
-#ifdef WITH_PCAP
-ssh_pcap_file pcap;
-void set_pcap(ssh_session session);
-void set_pcap(ssh_session session){
-	if(!pcap_file)
-		return;
-	pcap=ssh_pcap_file_new();
-	if(ssh_pcap_file_open(pcap,pcap_file) == SSH_ERROR){
-		printf("Error opening pcap file\n");
-		ssh_pcap_file_free(pcap);
-		pcap=NULL;
-		return;
-	}
-	ssh_set_pcap_file(session,pcap);
-}
-
-void cleanup_pcap(void);
-void cleanup_pcap(){
-	ssh_pcap_file_free(pcap);
-	pcap=NULL;
-}
-#endif
-
-int main(int argc, char **argv){
-    ssh_session session;
-
-    session = ssh_new();
-
-    if(ssh_options_getopt(session, &argc, argv)) {
-      fprintf(stderr, "error parsing command line :%s\n",
-          ssh_get_error(session));
-      usage();
-    }
-    opts(argc,argv);
-#ifdef WITH_PCAP
-    set_pcap(session);
-#endif
-    client(session);
-
-    ssh_disconnect(session);
-    ssh_free(session);
-#ifdef WITH_PCAP
-    cleanup_pcap();
-#endif
-
-    ssh_finalize();
-
-    return 0;
-}

include/libssh/CMakeLists.txt

@@ -4,7 +4,6 @@ set(libssh_HDRS
   callbacks.h
   libssh.h
   ssh2.h
-  legacy.h
 )
 
 if (WITH_SFTP)

include/libssh/agent.h

@@ -48,7 +48,7 @@
 #define SSH_AGENT_OLD_SIGNATURE                  0x01
 
 struct ssh_agent_struct {
-  struct ssh_socket_struct *sock;
+  struct socket *sock;
   ssh_buffer ident;
   unsigned int count;
 };

include/libssh/auth.h

@@ -1,86 +0,0 @@
-/*
- * This file is part of the SSH Library
- *
- * Copyright (c) 2009 by Aris Adamantiadis
- *
- * The SSH Library is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation; either version 2.1 of the License, or (at your
- * option) any later version.
- *
- * The SSH Library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
- * License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with the SSH Library; see the file COPYING.  If not, write to
- * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
- * MA 02111-1307, USA.
- */
-
-#ifndef AUTH_H_
-#define AUTH_H_
-#include "config.h"
-#include "libssh/callbacks.h"
-
-SSH_PACKET_CALLBACK(ssh_packet_userauth_banner);
-SSH_PACKET_CALLBACK(ssh_packet_userauth_failure);
-SSH_PACKET_CALLBACK(ssh_packet_userauth_success);
-SSH_PACKET_CALLBACK(ssh_packet_userauth_pk_ok);
-SSH_PACKET_CALLBACK(ssh_packet_userauth_info_request);
-
-#ifdef WITH_SSH1
-void ssh_auth1_handler(ssh_session session, uint8_t type);
-
-/* auth1.c */
-int ssh_userauth1_none(ssh_session session, const char *username);
-int ssh_userauth1_offer_pubkey(ssh_session session, const char *username,
-        int type, ssh_string pubkey);
-int ssh_userauth1_password(ssh_session session, const char *username,
-        const char *password);
-
-
-#endif
-
-/** @internal
- * States of authentication in the client-side. They describe
- * what was the last response from the server
- */
-enum ssh_auth_state_e {
-  /** No authentication asked */
-  SSH_AUTH_STATE_NONE=0,
-  /** Last authentication response was a partial success */
-  SSH_AUTH_STATE_PARTIAL,
-  /** Last authentication response was a success */
-  SSH_AUTH_STATE_SUCCESS,
-  /** Last authentication response was failed */
-  SSH_AUTH_STATE_FAILED,
-  /** Last authentication was erroneous */
-  SSH_AUTH_STATE_ERROR,
-  /** Last state was a keyboard-interactive ask for info */
-  SSH_AUTH_STATE_INFO,
-  /** Last state was a public key accepted for authentication */
-  SSH_AUTH_STATE_PK_OK,
-  /** We asked for a keyboard-interactive authentication */
-  SSH_AUTH_STATE_KBDINT_SENT
-
-};
-
-/** @internal
- * @brief states of the authentication service request
- */
-enum ssh_auth_service_state_e {
-  /** initial state */
-  SSH_AUTH_SERVICE_NONE=0,
-  /** Authentication service request packet sent */
-  SSH_AUTH_SERVICE_SENT,
-  /** Service accepted */
-  SSH_AUTH_SERVICE_ACCEPTED,
-  /** Access to service denied (fatal) */
-  SSH_AUTH_SERVICE_DENIED,
-  /** Specific to SSH1 */
-  SSH_AUTH_SERVICE_USER_SENT
-};
-
-#endif /* AUTH_H_ */

include/libssh/bind.h

@@ -1,50 +0,0 @@
-/*
- * This file is part of the SSH Library
- *
- * Copyright (c) 2010 by Aris Adamantiadis
- *
- * The SSH Library is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation; either version 2.1 of the License, or (at your
- * option) any later version.
- *
- * The SSH Library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
- * License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with the SSH Library; see the file COPYING.  If not, write to
- * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
- * MA 02111-1307, USA.
- */
-
-#ifndef BIND_H_
-#define BIND_H_
-
-#include "libssh/priv.h"
-#include "libssh/session.h"
-
-struct ssh_bind_struct {
-  struct ssh_common_struct common; /* stuff common to ssh_bind and ssh_session */
-  struct ssh_bind_callbacks_struct *bind_callbacks;
-  void *bind_callbacks_userdata;
-
-  struct ssh_poll_handle_struct *poll;
-  /* options */
-  char *wanted_methods[10];
-  char *banner;
-  char *dsakey;
-  char *rsakey;
-  char *bindaddr;
-  socket_t bindfd;
-  unsigned int bindport;
-  int blocking;
-  int toaccept;
-};
-
-struct ssh_poll_handle_struct *ssh_bind_get_poll(struct ssh_bind_struct
-    *sshbind);
-
-
-#endif /* BIND_H_ */

include/libssh/buffer.h

@@ -22,14 +22,7 @@
 #ifndef BUFFER_H_
 #define BUFFER_H_
 
-#include "libssh/libssh.h"
-/*
- * Describes a buffer state
- * [XXXXXXXXXXXXDATA PAYLOAD       XXXXXXXXXXXXXXXXXXXXXXXX]
- * ^            ^                  ^                       ^]
- * \_data points\_pos points here  \_used points here |    /
- *   here                                          Allocated
- */
+/* Describes a buffer state */
 struct ssh_buffer_struct {
     char *data;
     uint32_t used;
@@ -37,10 +30,6 @@ struct ssh_buffer_struct {
     uint32_t pos;
 };
 
-LIBSSH_API void ssh_buffer_free(ssh_buffer buffer);
-LIBSSH_API void *ssh_buffer_get_begin(ssh_buffer buffer);
-LIBSSH_API uint32_t ssh_buffer_get_len(ssh_buffer buffer);
-LIBSSH_API ssh_buffer ssh_buffer_new(void);
 int buffer_add_ssh_string(ssh_buffer buffer, ssh_string string);
 int buffer_add_u8(ssh_buffer buffer, uint8_t data);
 int buffer_add_u16(ssh_buffer buffer, uint16_t data);

include/libssh/callbacks.h

@@ -33,37 +33,6 @@
 extern "C" {
 #endif
 
-/**
- * @defgroup libssh_callbacks The libssh callbacks
- * @ingroup libssh
- *
- * Callback which can be replaced in libssh.
- *
- * @{
- */
-
-/** @internal
- * @brief callback to process simple codes
- * @param code value to transmit
- * @param user Userdata to pass in callback
- */
-typedef void (*ssh_callback_int) (int code, void *user);
-
-/** @internal
- * @brief callback for data received messages.
- * @param data data retrieved from the socket or stream
- * @param len number of bytes available from this stream
- * @param user user-supplied pointer sent along with all callback messages
- * @returns number of bytes processed by the callee. The remaining bytes will
- * be sent in the next callback message, when more data is available.
- */
-typedef int (*ssh_callback_data) (const void *data, size_t len, void *user);
-
-typedef void (*ssh_callback_int_int) (int code, int errno_code, void *user);
-
-typedef int (*ssh_message_callback) (ssh_session, ssh_message message, void *user);
-typedef int (*ssh_channel_callback_int) (ssh_channel channel, int code, void *user);
-typedef int (*ssh_channel_callback_data) (ssh_channel channel, int code, void *data, size_t len, void *user);
 /**
  * @brief SSH authentication callback.
  *
@@ -77,110 +46,33 @@ typedef int (*ssh_channel_callback_data) (ssh_channel channel, int code, void *d
  *
  * @return              0 on success, < 0 on error.
  */
-
 typedef int (*ssh_auth_callback) (const char *prompt, char *buf, size_t len,
     int echo, int verify, void *userdata);
-/**
- * @brief SSH log callback. All logging messages will go through this callback
- * @param session Current session handler
- * @param priority Priority of the log, the smaller being the more important
- * @param message the actual message
- * @param userdata Userdata to be passed to the callback function.
- */
 typedef void (*ssh_log_callback) (ssh_session session, int priority,
     const char *message, void *userdata);
-
-/**
- * @brief SSH Connection status callback.
- * @param session Current session handler
- * @param status Percentage of connection status, going from 0.0 to 1.0
- * once connection is done.
- * @param userdata Userdata to be passed to the callback function.
- */
+/** this callback will be called with status going from 0.0 to 1.0 during
+ * connection */
 typedef void (*ssh_status_callback) (ssh_session session, float status,
 		void *userdata);
 
-/**
- * @brief SSH global request callback. All global request will go through this
- * callback.
- * @param session Current session handler
- * @param message the actual message
- * @param userdata Userdata to be passed to the callback function.
- */
-typedef void (*ssh_global_request_callback) (ssh_session session,
-                                        ssh_message message, void *userdata);
-
-/**
- * The structure to replace libssh functions with appropriate callbacks.
- */
 struct ssh_callbacks_struct {
-  /** DON'T SET THIS use ssh_callbacks_init() instead. */
-  size_t size;
-  /**
-   * User-provided data. User is free to set anything he wants here
-   */
-  void *userdata;
-  /**
-   * This functions will be called if e.g. a keyphrase is needed.
-   */
-  ssh_auth_callback auth_function;
-  /**
-   * This function will be called each time a loggable event happens.
-   */
-  ssh_log_callback log_function;
-  /**
-   * This function gets called during connection time to indicate the
-   * percentage of connection steps completed.
-   */
-  void (*connect_status_function)(void *userdata, float status);
-  /**
-   * This function will be called each time a global request is received.
-   */
-  ssh_global_request_callback global_request_function;
-};
-typedef struct ssh_callbacks_struct *ssh_callbacks;
-
-/**
- * These are the callbacks exported by the socket structure
- * They are called by the socket module when a socket event appears
- */
-struct ssh_socket_callbacks_struct {
-  /**
-   * User-provided data. User is free to set anything he wants here
-   */
-  void *userdata;
-	/**
-	 * This function will be called each time data appears on socket. The data
-	 * not consumed will appear on the next data event.
+	/** size of this structure. internal, shoud be set with ssh_callbacks_init()*/
+	size_t size;
+	/** User-provided data. User is free to set anything he wants here */
+	void *userdata;
+	/** this functions will be called if e.g. a keyphrase is needed. */
+	ssh_auth_callback auth_function;
+	/** this function will be called each time a loggable event happens. */
+	ssh_log_callback log_function;
+	/** this function gets called during connection time to indicate the percentage
+	 * of connection steps completed.
 	 */
-  ssh_callback_data data;
-  /** This function will be called each time a controlflow state changes, i.e.
-   * the socket is available for reading or writing.
-   */
-  ssh_callback_int controlflow;
-  /** This function will be called each time an exception appears on socket. An
-   * exception can be a socket problem (timeout, ...) or an end-of-file.
-   */
-  ssh_callback_int_int exception;
-  /** This function is called when the ssh_socket_connect was used on the socket
-   * on nonblocking state, and the connection successed.
-   */
-  ssh_callback_int_int connected;
+  void (*connect_status_function)(void *userdata, float status);
 };
-typedef struct ssh_socket_callbacks_struct *ssh_socket_callbacks;
 
-#define SSH_SOCKET_FLOW_WRITEWILLBLOCK 1
-#define SSH_SOCKET_FLOW_WRITEWONTBLOCK 2
+typedef struct ssh_callbacks_struct * ssh_callbacks;
 
-#define SSH_SOCKET_EXCEPTION_EOF 	     1
-#define SSH_SOCKET_EXCEPTION_ERROR     2
-
-#define SSH_SOCKET_CONNECTED_OK 			1
-#define SSH_SOCKET_CONNECTED_ERROR 		2
-#define SSH_SOCKET_CONNECTED_TIMEOUT 	3
-
-/**
- * @brief Initializes an ssh_callbacks_struct
+/** Initializes an ssh_callbacks_struct
  * A call to this macro is mandatory when you have set a new
  * ssh_callback_struct structure. Its goal is to maintain the binary
  * compatibility with future versions of libssh as the structure
@@ -191,273 +83,31 @@ typedef struct ssh_socket_callbacks_struct *ssh_socket_callbacks;
 } while(0);
 
 /**
- * @internal
- * @brief tests if a callback can be called without crash
- *  verifies that the struct size if big enough
- *  verifies that the callback pointer exists
- * @param p callback pointer
- * @param c callback name
- * @returns nonzero if callback can be called
- */
-#define ssh_callbacks_exists(p,c) (\
-  (p != NULL) && ( (char *)&((p)-> c) < (char *)(p) + (p)->size ) && \
-  ((p)-> c != NULL) \
-  )
-
-/** @brief Prototype for a packet callback, to be called when a new packet arrives
- * @param session The current session of the packet
- * @param type packet type (see ssh2.h)
- * @param packet buffer containing the packet, excluding size, type and padding fields
- * @param user user argument to the callback
- * and are called each time a packet shows up
- * @returns SSH_PACKET_USED Packet was parsed and used
- * @returns SSH_PACKET_NOT_USED Packet was not used or understood, processing must continue
- */
-typedef int (*ssh_packet_callback) (ssh_session session, uint8_t type, ssh_buffer packet, void *user);
-
-/** return values for a ssh_packet_callback */
-/** Packet was used and should not be parsed by another callback */
-#define SSH_PACKET_USED 1
-/** Packet was not used and should be passed to any other callback
- * available */
-#define SSH_PACKET_NOT_USED 2
-
-
-/** @brief This macro declares a packet callback handler
- * @code
- * SSH_PACKET_CALLBACK(mycallback){
- * ...
- * }
- * @endcode
- */
-#define SSH_PACKET_CALLBACK(name) \
-	int name (ssh_session session, uint8_t type, ssh_buffer packet, void *user)
-
-struct ssh_packet_callbacks_struct {
-	/** Index of the first packet type being handled */
-	uint8_t start;
-	/** Number of packets being handled by this callback struct */
-	uint8_t n_callbacks;
-	/** A pointer to n_callbacks packet callbacks */
-	ssh_packet_callback *callbacks;
-  /**
-   * User-provided data. User is free to set anything he wants here
-   */
-	void *user;
-};
-
-typedef struct ssh_packet_callbacks_struct *ssh_packet_callbacks;
-
-/**
- * @brief Set the session callback functions.
+ * @brief Set the callback functions.
  *
  * This functions sets the callback structure to use your own callback
  * functions for auth, logging and status.
  *
  * @code
- * struct ssh_callbacks_struct cb = {
- *   .userdata = data,
- *   .auth_function = my_auth_function
- * };
+ * struct ssh_callbacks_struct cb;
+ * memset(&cb, 0, sizeof(struct ssh_callbacks_struct));
+ * cb.userdata = data;
+ * cb.auth_function = my_auth_function;
+ *
  * ssh_callbacks_init(&cb);
  * ssh_set_callbacks(session, &cb);
  * @endcode
  *
  * @param  session      The session to set the callback structure.
  *
- * @param  cb           The callback structure itself.
+ * @param  cb           The callback itself.
  *
- * @return SSH_OK on success, SSH_ERROR on error.
+ * @return 0 on success, < 0 on error.
  */
 LIBSSH_API int ssh_set_callbacks(ssh_session session, ssh_callbacks cb);
 
-/**
- * @brief SSH channel data callback. Called when data is available on a channel
- * @param session Current session handler
- * @param channel the actual channel
- * @param data the data that has been read on the channel
- * @param len the length of the data
- * @param is_stderr is 0 for stdout or 1 for stderr
- * @param userdata Userdata to be passed to the callback function.
- */
-typedef int (*ssh_channel_data_callback) (ssh_session session,
-                                           ssh_channel channel,
-                                           void *data,
-                                           uint32_t len,
-                                           int is_stderr,
-                                           void *userdata);
-
-/**
- * @brief SSH channel eof callback. Called when a channel receives EOF
- * @param session Current session handler
- * @param channel the actual channel
- * @param userdata Userdata to be passed to the callback function.
- */
-typedef void (*ssh_channel_eof_callback) (ssh_session session,
-                                           ssh_channel channel,
-                                           void *userdata);
-
-/**
- * @brief SSH channel close callback. Called when a channel is closed by remote peer
- * @param session Current session handler
- * @param channel the actual channel
- * @param userdata Userdata to be passed to the callback function.
- */
-typedef void (*ssh_channel_close_callback) (ssh_session session,
-                                            ssh_channel channel,
-                                            void *userdata);
-
-/**
- * @brief SSH channel signal callback. Called when a channel has received a signal
- * @param session Current session handler
- * @param channel the actual channel
- * @param signal the signal name (without the SIG prefix)
- * @param userdata Userdata to be passed to the callback function.
- */
-typedef void (*ssh_channel_signal_callback) (ssh_session session,
-                                            ssh_channel channel,
-                                            const char *signal,
-                                            void *userdata);
-
-/**
- * @brief SSH channel exit status callback. Called when a channel has received an exit status
- * @param session Current session handler
- * @param channel the actual channel
- * @param userdata Userdata to be passed to the callback function.
- */
-typedef void (*ssh_channel_exit_status_callback) (ssh_session session,
-                                            ssh_channel channel,
-                                            int exit_status,
-                                            void *userdata);
-
-/**
- * @brief SSH channel exit signal callback. Called when a channel has received an exit signal
- * @param session Current session handler
- * @param channel the actual channel
- * @param signal the signal name (without the SIG prefix)
- * @param core a boolean telling wether a core has been dumped or not
- * @param errmsg the description of the exception
- * @param lang the language of the description (format: RFC 3066)
- * @param userdata Userdata to be passed to the callback function.
- */
-typedef void (*ssh_channel_exit_signal_callback) (ssh_session session,
-                                            ssh_channel channel,
-                                            const char *signal,
-                                            int core,
-                                            const char *errmsg,
-                                            const char *lang,
-                                            void *userdata);
-
-struct ssh_channel_callbacks_struct {
-  /** DON'T SET THIS use ssh_callbacks_init() instead. */
-  size_t size;
-  /**
-   * User-provided data. User is free to set anything he wants here
-   */
-  void *userdata;
-  /**
-   * This functions will be called when there is data available.
-   */
-  ssh_channel_data_callback channel_data_function;
-  /**
-   * This functions will be called when the channel has received an EOF.
-   */
-  ssh_channel_eof_callback channel_eof_function;
-  /**
-   * This functions will be called when the channel has been closed by remote
-   */
-  ssh_channel_close_callback channel_close_function;
-  /**
-   * This functions will be called when a signal has been received
-   */
-  ssh_channel_signal_callback channel_signal_function;
-  /**
-   * This functions will be called when an exit status has been received
-   */
-  ssh_channel_exit_status_callback channel_exit_status_function;
-  /**
-   * This functions will be called when an exit signal has been received
-   */
-  ssh_channel_exit_signal_callback channel_exit_signal_function;
-};
-typedef struct ssh_channel_callbacks_struct *ssh_channel_callbacks;
-
-/**
- * @brief Set the channel callback functions.
- *
- * This functions sets the callback structure to use your own callback
- * functions for channel data and exceptions
- *
- * @code
- * struct ssh_channel_callbacks_struct cb = {
- *   .userdata = data,
- *   .channel_data = my_channel_data_function
- * };
- * ssh_callbacks_init(&cb);
- * ssh_set_channel_callbacks(channel, &cb);
- * @endcode
- *
- * @param  channel      The channel to set the callback structure.
- *
- * @param  cb           The callback structure itself.
- *
- * @return SSH_OK on success, SSH_ERROR on error.
- */
-LIBSSH_API int ssh_set_channel_callbacks(ssh_channel channel,
-                                         ssh_channel_callbacks cb);
-
-/** @} */
-
-/** @group libssh_threads
- * @{
- */
-
-typedef int (*ssh_thread_callback) (void **lock);
-
-typedef unsigned long (*ssh_thread_id_callback) (void);
-struct ssh_threads_callbacks_struct {
-	const char *type;
-  ssh_thread_callback mutex_init;
-  ssh_thread_callback mutex_destroy;
-  ssh_thread_callback mutex_lock;
-  ssh_thread_callback mutex_unlock;
-  ssh_thread_id_callback thread_id;
-};
-
-/**
- * @brief sets the thread callbacks necessary if your program is using
- * libssh in a multithreaded fashion. This function must be called first,
- * outside of any threading context (in your main() for instance), before
- * ssh_init().
- * @param cb pointer to a ssh_threads_callbacks_struct structure, which contains
- * the different callbacks to be set.
- * @see ssh_threads_callbacks_struct
- * @see SSH_THREADS_PTHREAD
- */
-LIBSSH_API int ssh_threads_set_callbacks(struct ssh_threads_callbacks_struct
-    *cb);
-
-/**
- * @brief returns a pointer on the pthread threads callbacks, to be used with
- * ssh_threads_set_callbacks.
- * @warning you have to link with the library ssh_threads.
- * @see ssh_threads_set_callbacks
- */
-LIBSSH_API struct ssh_threads_callbacks_struct *ssh_threads_get_pthread(void);
-
-/**
- * @brief returns a pointer on the noop threads callbacks, to be used with
- * ssh_threads_set_callbacks. These callbacks do nothing and are being used by
- * default.
- * @see ssh_threads_set_callbacks
- */
-LIBSSH_API struct ssh_threads_callbacks_struct *ssh_threads_get_noop(void);
-
-/** @} */
 #ifdef __cplusplus
 }
 #endif
 
 #endif /*_SSH_CALLBACK_H */
-
-/* @} */

include/libssh/channels.h

@@ -23,31 +23,9 @@
 #define CHANNELS_H_
 #include "libssh/priv.h"
 
-/**  @internal
- * Describes the different possible states in a
- * outgoing (client) channel request
- */
-enum ssh_channel_request_state_e {
-	/** No request has been made */
-	SSH_CHANNEL_REQ_STATE_NONE = 0,
-	/** A request has been made and answer is pending */
-	SSH_CHANNEL_REQ_STATE_PENDING,
-	/** A request has been replied and accepted */
-	SSH_CHANNEL_REQ_STATE_ACCEPTED,
-	/** A request has been replied and refused */
-	SSH_CHANNEL_REQ_STATE_DENIED,
-	/** A request has been replied and an error happend */
-	SSH_CHANNEL_REQ_STATE_ERROR
-};
-
-enum ssh_channel_state_e {
-  SSH_CHANNEL_STATE_NOT_OPEN = 0,
-  SSH_CHANNEL_STATE_OPEN_DENIED,
-  SSH_CHANNEL_STATE_OPEN,
-  SSH_CHANNEL_STATE_CLOSED
-};
-
 struct ssh_channel_struct {
+    struct ssh_channel_struct *prev;
+    struct ssh_channel_struct *next;
     ssh_session session; /* SSH_SESSION pointer */
     uint32_t local_channel;
     uint32_t local_window;
@@ -58,7 +36,7 @@ struct ssh_channel_struct {
     uint32_t remote_window;
     int remote_eof; /* end of file received */
     uint32_t remote_maxpacket;
-    enum ssh_channel_state_e state;
+    int open; /* shows if the channel is still opened */
     int delayed_close;
     ssh_buffer stdout_buffer;
     ssh_buffer stderr_buffer;
@@ -66,44 +44,15 @@ struct ssh_channel_struct {
     int version;
     int blocking;
     int exit_status;
-    enum ssh_channel_request_state_e request_state;
-    ssh_channel_callbacks callbacks;
 };
 
-SSH_PACKET_CALLBACK(ssh_packet_channel_open_conf);
-SSH_PACKET_CALLBACK(ssh_packet_channel_open_fail);
-SSH_PACKET_CALLBACK(ssh_packet_channel_success);
-SSH_PACKET_CALLBACK(ssh_packet_channel_failure);
-SSH_PACKET_CALLBACK(ssh_request_success);
-SSH_PACKET_CALLBACK(ssh_request_denied);
-
-SSH_PACKET_CALLBACK(channel_rcv_change_window);
-SSH_PACKET_CALLBACK(channel_rcv_eof);
-SSH_PACKET_CALLBACK(channel_rcv_close);
-SSH_PACKET_CALLBACK(channel_rcv_request);
-SSH_PACKET_CALLBACK(channel_rcv_data);
-
-ssh_channel ssh_channel_new(ssh_session session);
+void channel_handle(ssh_session session, int type);
+ssh_channel channel_new(ssh_session session);
 int channel_default_bufferize(ssh_channel channel, void *data, int len,
         int is_stderr);
 uint32_t ssh_channel_new_id(ssh_session session);
 ssh_channel ssh_channel_from_local(ssh_session session, uint32_t id);
 int channel_write_common(ssh_channel channel, const void *data,
     uint32_t len, int is_stderr);
-#ifdef WITH_SSH1
-SSH_PACKET_CALLBACK(ssh_packet_data1);
-SSH_PACKET_CALLBACK(ssh_packet_close1);
-SSH_PACKET_CALLBACK(ssh_packet_exist_status1);
-
-/* channels1.c */
-int channel_open_session1(ssh_channel channel);
-int channel_request_pty_size1(ssh_channel channel, const char *terminal,
-    int cols, int rows);
-int channel_change_pty_size1(ssh_channel channel, int cols, int rows);
-int channel_request_shell1(ssh_channel channel);
-int channel_request_exec1(ssh_channel channel, const char *cmd);
-int channel_write1(ssh_channel channel, const void *data, int len);
-ssh_channel ssh_get_channel1(ssh_session session);
-#endif
 
 #endif /* CHANNELS_H_ */

include/libssh/crypto.h

@@ -58,8 +58,6 @@ struct ssh_crypto_struct {
     const char *server_pubkey_type;
     int do_compress_out; /* idem */
     int do_compress_in; /* don't set them, set the option instead */
-    int delayed_compress_in; /* Use of zlib@openssh.org */
-    int delayed_compress_out;
     void *compress_out_ctx; /* don't touch it */
     void *compress_in_ctx; /* really, don't */
 };

include/libssh/legacy.h

@@ -1,100 +0,0 @@
-/*
- * This file is part of the SSH Library
- *
- * Copyright (c) 2010 by Aris Adamantiadis
- *
- * The SSH Library is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation; either version 2.1 of the License, or (at your
- * option) any later version.
- *
- * The SSH Library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
- * License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with the SSH Library; see the file COPYING.  If not, write to
- * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
- * MA 02111-1307, USA.
- */
-
-/* Since libssh.h includes legacy.h, it's important that libssh.h is included
- * first. we don't define LEGACY_H now because we want it to be defined when
- * included from libssh.h
- * All function calls declared in this header are deprecated and meant to be
- * removed in future.
- */
-
-#include "libssh/libssh.h"
-
-#ifndef LEGACY_H_
-#define LEGACY_H_
-LIBSSH_API void buffer_free(ssh_buffer buffer);
-LIBSSH_API void *buffer_get(ssh_buffer buffer);
-LIBSSH_API uint32_t buffer_get_len(ssh_buffer buffer);
-LIBSSH_API ssh_buffer buffer_new(void);
-
-LIBSSH_API ssh_channel channel_accept_x11(ssh_channel channel, int timeout_ms);
-LIBSSH_API int channel_change_pty_size(ssh_channel channel,int cols,int rows);
-LIBSSH_API ssh_channel channel_forward_accept(ssh_session session, int timeout_ms);
-LIBSSH_API int channel_close(ssh_channel channel);
-LIBSSH_API int channel_forward_cancel(ssh_session session, const char *address, int port);
-LIBSSH_API int channel_forward_listen(ssh_session session, const char *address, int port, int *bound_port);
-LIBSSH_API void channel_free(ssh_channel channel);
-LIBSSH_API int channel_get_exit_status(ssh_channel channel);
-LIBSSH_API ssh_session channel_get_session(ssh_channel channel);
-LIBSSH_API int channel_is_closed(ssh_channel channel);
-LIBSSH_API int channel_is_eof(ssh_channel channel);
-LIBSSH_API int channel_is_open(ssh_channel channel);
-LIBSSH_API ssh_channel channel_new(ssh_session session);
-LIBSSH_API int channel_open_forward(ssh_channel channel, const char *remotehost,
-    int remoteport, const char *sourcehost, int localport);
-LIBSSH_API int channel_open_session(ssh_channel channel);
-LIBSSH_API int channel_poll(ssh_channel channel, int is_stderr);
-LIBSSH_API int channel_read(ssh_channel channel, void *dest, uint32_t count, int is_stderr);
-
-LIBSSH_API int channel_read_buffer(ssh_channel channel, ssh_buffer buffer, uint32_t count,
-    int is_stderr);
-
-LIBSSH_API int channel_read_nonblocking(ssh_channel channel, void *dest, uint32_t count,
-    int is_stderr);
-LIBSSH_API int channel_request_env(ssh_channel channel, const char *name, const char *value);
-LIBSSH_API int channel_request_exec(ssh_channel channel, const char *cmd);
-LIBSSH_API int channel_request_pty(ssh_channel channel);
-LIBSSH_API int channel_request_pty_size(ssh_channel channel, const char *term,
-    int cols, int rows);
-LIBSSH_API int channel_request_shell(ssh_channel channel);
-LIBSSH_API int channel_request_send_signal(ssh_channel channel, const char *signum);
-LIBSSH_API int channel_request_sftp(ssh_channel channel);
-LIBSSH_API int channel_request_subsystem(ssh_channel channel, const char *subsystem);
-LIBSSH_API int channel_request_x11(ssh_channel channel, int single_connection, const char *protocol,
-    const char *cookie, int screen_number);
-LIBSSH_API int channel_send_eof(ssh_channel channel);
-LIBSSH_API int channel_select(ssh_channel *readchans, ssh_channel *writechans, ssh_channel *exceptchans, struct
-        timeval * timeout);
-LIBSSH_API void channel_set_blocking(ssh_channel channel, int blocking);
-LIBSSH_API int channel_write(ssh_channel channel, const void *data, uint32_t len);
-
-LIBSSH_API void privatekey_free(ssh_private_key prv);
-LIBSSH_API ssh_private_key privatekey_from_file(ssh_session session, const char *filename,
-    int type, const char *passphrase);
-LIBSSH_API void publickey_free(ssh_public_key key);
-LIBSSH_API int ssh_publickey_to_file(ssh_session session, const char *file,
-    ssh_string pubkey, int type);
-LIBSSH_API ssh_string publickey_from_file(ssh_session session, const char *filename,
-    int *type);
-LIBSSH_API ssh_public_key publickey_from_privatekey(ssh_private_key prv);
-LIBSSH_API ssh_string publickey_to_string(ssh_public_key key);
-LIBSSH_API ssh_message ssh_message_retrieve(ssh_session session, uint32_t packettype);
-LIBSSH_API void string_burn(ssh_string str);
-LIBSSH_API ssh_string string_copy(ssh_string str);
-LIBSSH_API void *string_data(ssh_string str);
-LIBSSH_API int string_fill(ssh_string str, const void *data, size_t len);
-LIBSSH_API void string_free(ssh_string str);
-LIBSSH_API ssh_string string_from_char(const char *what);
-LIBSSH_API size_t string_len(ssh_string str);
-LIBSSH_API ssh_string string_new(size_t size);
-LIBSSH_API char *string_to_char(ssh_string str);
-
-#endif /* LEGACY_H_ */

include/libssh/libcrypto.h

@@ -1,74 +0,0 @@
-/*
- * This file is part of the SSH Library
- *
- * Copyright (c) 2009 by Aris Adamantiadis
- *
- * The SSH Library is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation; either version 2.1 of the License, or (at your
- * option) any later version.
- *
- * The SSH Library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
- * License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with the SSH Library; see the file COPYING.  If not, write to
- * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
- * MA 02111-1307, USA.
- */
-
-#ifndef LIBCRYPTO_H_
-#define LIBCRYPTO_H_
-
-#include "config.h"
-
-#ifdef HAVE_LIBCRYPTO
-
-#include <openssl/dsa.h>
-#include <openssl/rsa.h>
-#include <openssl/sha.h>
-#include <openssl/md5.h>
-#include <openssl/hmac.h>
-typedef SHA_CTX* SHACTX;
-typedef MD5_CTX*  MD5CTX;
-typedef HMAC_CTX* HMACCTX;
-
-#define SHA_DIGEST_LEN SHA_DIGEST_LENGTH
-#ifdef MD5_DIGEST_LEN
-    #undef MD5_DIGEST_LEN
-#endif
-#define MD5_DIGEST_LEN MD5_DIGEST_LENGTH
-
-#include <openssl/bn.h>
-#include <openssl/opensslv.h>
-#define OPENSSL_0_9_7b 0x0090702fL
-#if (OPENSSL_VERSION_NUMBER <= OPENSSL_0_9_7b)
-#define BROKEN_AES_CTR
-#endif
-typedef BIGNUM*  bignum;
-typedef BN_CTX* bignum_CTX;
-
-#define bignum_new() BN_new()
-#define bignum_free(num) BN_clear_free(num)
-#define bignum_set_word(bn,n) BN_set_word(bn,n)
-#define bignum_bin2bn(bn,datalen,data) BN_bin2bn(bn,datalen,data)
-#define bignum_bn2dec(num) BN_bn2dec(num)
-#define bignum_dec2bn(bn,data) BN_dec2bn(data,bn)
-#define bignum_bn2hex(num) BN_bn2hex(num)
-#define bignum_rand(rnd, bits, top, bottom) BN_rand(rnd,bits,top,bottom)
-#define bignum_ctx_new() BN_CTX_new()
-#define bignum_ctx_free(num) BN_CTX_free(num)
-#define bignum_mod_exp(dest,generator,exp,modulo,ctx) BN_mod_exp(dest,generator,exp,modulo,ctx)
-#define bignum_num_bytes(num) BN_num_bytes(num)
-#define bignum_num_bits(num) BN_num_bits(num)
-#define bignum_is_bit_set(num,bit) BN_is_bit_set(num,bit)
-#define bignum_bn2bin(num,ptr) BN_bn2bin(num,ptr)
-#define bignum_cmp(num1,num2) BN_cmp(num1,num2)
-
-struct crypto_struct *ssh_get_ciphertab(void);
-
-#endif /* HAVE_LIBCRYPTO */
-
-#endif /* LIBCRYPTO_H_ */

include/libssh/libgcrypt.h

@@ -1,60 +0,0 @@
-/*
- * This file is part of the SSH Library
- *
- * Copyright (c) 2009 by Aris Adamantiadis
- *
- * The SSH Library is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation; either version 2.1 of the License, or (at your
- * option) any later version.
- *
- * The SSH Library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
- * License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with the SSH Library; see the file COPYING.  If not, write to
- * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
- * MA 02111-1307, USA.
- */
-
-#ifndef LIBGCRYPT_H_
-#define LIBGCRYPT_H_
-
-#include "config.h"
-
-#ifdef HAVE_LIBGCRYPT
-
-#include <gcrypt.h>
-typedef gcry_md_hd_t SHACTX;
-typedef gcry_md_hd_t MD5CTX;
-typedef gcry_md_hd_t HMACCTX;
-#define SHA_DIGEST_LEN 20
-#define MD5_DIGEST_LEN 16
-#define EVP_MAX_MD_SIZE 36
-
-typedef gcry_mpi_t bignum;
-
-#define bignum_new() gcry_mpi_new(0)
-#define bignum_free(num) gcry_mpi_release(num)
-#define bignum_set_word(bn,n) gcry_mpi_set_ui(bn,n)
-#define bignum_bin2bn(bn,datalen,data) gcry_mpi_scan(data,GCRYMPI_FMT_USG,bn,datalen,NULL)
-#define bignum_bn2dec(num) my_gcry_bn2dec(num)
-#define bignum_dec2bn(num, data) my_gcry_dec2bn(data, num)
-#define bignum_bn2hex(num,data) gcry_mpi_aprint(GCRYMPI_FMT_HEX,data,NULL,num)
-#define bignum_hex2bn(num,datalen,data) gcry_mpi_scan(num,GCRYMPI_FMT_HEX,data,datalen,NULL)
-#define bignum_rand(num,bits) gcry_mpi_randomize(num,bits,GCRY_STRONG_RANDOM),gcry_mpi_set_bit(num,bits-1),gcry_mpi_set_bit(num,0)
-#define bignum_mod_exp(dest,generator,exp,modulo) gcry_mpi_powm(dest,generator,exp,modulo)
-#define bignum_num_bits(num) gcry_mpi_get_nbits(num)
-#define bignum_num_bytes(num) ((gcry_mpi_get_nbits(num)+7)/8)
-#define bignum_is_bit_set(num,bit) gcry_mpi_test_bit(num,bit)
-#define bignum_bn2bin(num,datalen,data) gcry_mpi_print(GCRYMPI_FMT_USG,data,datalen,NULL,num)
-#define bignum_cmp(num1,num2) gcry_mpi_cmp(num1,num2)
-
-
-#endif /* HAVE_LIBGCRYPT */
-
-struct crypto_struct *ssh_get_ciphertab(void);
-
-#endif /* LIBGCRYPT_H_ */

include/libssh/libssh.h

@@ -22,10 +22,10 @@
 #ifndef _LIBSSH_H
 #define _LIBSSH_H
 
-#if defined _WIN32 || defined __CYGWIN__
-  #ifdef LIBSSH_STATIC
-    #define LIBSSH_API
-  #else
+#ifdef LIBSSH_STATIC
+  #define LIBSSH_API
+#else
+  #if defined _WIN32 || defined __CYGWIN__
     #ifdef LIBSSH_EXPORTS
       #ifdef __GNUC__
         #define LIBSSH_API __attribute__((dllexport))
@@ -39,12 +39,12 @@
         #define LIBSSH_API __declspec(dllimport)
       #endif
     #endif
-  #endif
-#else
-  #if __GNUC__ >= 4 && !defined(__OS2__)
-    #define LIBSSH_API __attribute__((visibility("default")))
   #else
-    #define LIBSSH_API
+    #if __GNUC__ >= 4
+      #define LIBSSH_API __attribute__((visibility("default")))
+    #else
+      #define LIBSSH_API
+    #endif
   #endif
 #endif
 
@@ -78,8 +78,8 @@
 
 /* libssh version */
 #define LIBSSH_VERSION_MAJOR  0
-#define LIBSSH_VERSION_MINOR  5
-#define LIBSSH_VERSION_MICRO  5
+#define LIBSSH_VERSION_MINOR  4
+#define LIBSSH_VERSION_MICRO  4
 
 #define LIBSSH_VERSION_INT SSH_VERSION_INT(LIBSSH_VERSION_MAJOR, \
                                            LIBSSH_VERSION_MINOR, \
@@ -113,23 +113,16 @@ typedef struct ssh_message_struct* ssh_message;
 typedef struct ssh_pcap_file_struct* ssh_pcap_file;
 typedef struct ssh_private_key_struct* ssh_private_key;
 typedef struct ssh_public_key_struct* ssh_public_key;
-typedef struct ssh_key_struct* ssh_key;
 typedef struct ssh_scp_struct* ssh_scp;
 typedef struct ssh_session_struct* ssh_session;
 typedef struct ssh_string_struct* ssh_string;
 
 /* Socket type */
 #ifdef _WIN32
-#ifndef socket_t
-typedef SOCKET socket_t;
-#endif /* socket_t */
-#else /* _WIN32 */
-#ifndef socket_t
+#define socket_t SOCKET
+#else
 typedef int socket_t;
 #endif
-#endif /* _WIN32 */
-
-#define SSH_INVALID_SOCKET ((socket_t) -1)
 
 /* the offsets of methods */
 enum ssh_kex_types_e {
@@ -155,7 +148,6 @@ enum ssh_auth_e {
 	SSH_AUTH_DENIED,
 	SSH_AUTH_PARTIAL,
 	SSH_AUTH_INFO,
-	SSH_AUTH_AGAIN,
 	SSH_AUTH_ERROR=-1
 };
 
@@ -173,7 +165,7 @@ enum ssh_requests_e {
 	SSH_REQUEST_CHANNEL_OPEN,
 	SSH_REQUEST_CHANNEL,
 	SSH_REQUEST_SERVICE,
-	SSH_REQUEST_GLOBAL
+	SSH_REQUEST_GLOBAL,
 };
 
 enum ssh_channel_type_e {
@@ -191,20 +183,7 @@ enum ssh_channel_requests_e {
 	SSH_CHANNEL_REQUEST_SHELL,
 	SSH_CHANNEL_REQUEST_ENV,
 	SSH_CHANNEL_REQUEST_SUBSYSTEM,
-	SSH_CHANNEL_REQUEST_WINDOW_CHANGE
-};
-
-enum ssh_global_requests_e {
-	SSH_GLOBAL_REQUEST_UNKNOWN=0,
-	SSH_GLOBAL_REQUEST_TCPIP_FORWARD,
-	SSH_GLOBAL_REQUEST_CANCEL_TCPIP_FORWARD,
-};
-
-enum ssh_publickey_state_e {
-	SSH_PUBLICKEY_STATE_ERROR=-1,
-	SSH_PUBLICKEY_STATE_NONE=0,
-	SSH_PUBLICKEY_STATE_VALID=1,
-	SSH_PUBLICKEY_STATE_WRONG=2
+	SSH_CHANNEL_REQUEST_WINDOW_CHANGE,
 };
 
 /* status flags */
@@ -218,7 +197,7 @@ enum ssh_server_known_e {
 	SSH_SERVER_KNOWN_OK,
 	SSH_SERVER_KNOWN_CHANGED,
 	SSH_SERVER_FOUND_OTHER,
-	SSH_SERVER_FILE_NOT_FOUND
+	SSH_SERVER_FILE_NOT_FOUND,
 };
 
 #ifndef MD5_DIGEST_LEN
@@ -233,29 +212,18 @@ enum ssh_error_types_e {
 	SSH_EINTR
 };
 
-/* some types for keys */
-enum ssh_keytypes_e{
-  SSH_KEYTYPE_UNKNOWN=0,
-  SSH_KEYTYPE_DSS=1,
-  SSH_KEYTYPE_RSA,
-  SSH_KEYTYPE_RSA1
-};
-
 /* Error return codes */
 #define SSH_OK 0     /* No error */
 #define SSH_ERROR -1 /* Error of some kind */
 #define SSH_AGAIN -2 /* The nonblocking call must be repeated */
 #define SSH_EOF -127 /* We have already a eof */
 
-/**
- * @addtogroup libssh_log
- *
+/** \addtogroup ssh_log
  * @{
  */
+ /** \brief Verbosity level for logging and help to debugging
+  */
 
-/**
- * @brief Verbosity level for logging and help to debugging
- */
 enum {
 	/** No logging at all
 	 */
@@ -273,7 +241,8 @@ enum {
 	 */
 	SSH_LOG_FUNCTIONS
 };
-/** @} */
+/** @}
+ */
 
 enum ssh_options_e {
   SSH_OPTIONS_HOST,
@@ -291,15 +260,12 @@ enum ssh_options_e {
   SSH_OPTIONS_SSH2,
   SSH_OPTIONS_LOG_VERBOSITY,
   SSH_OPTIONS_LOG_VERBOSITY_STR,
+
   SSH_OPTIONS_CIPHERS_C_S,
   SSH_OPTIONS_CIPHERS_S_C,
   SSH_OPTIONS_COMPRESSION_C_S,
   SSH_OPTIONS_COMPRESSION_S_C,
-  SSH_OPTIONS_PROXYCOMMAND,
-  SSH_OPTIONS_BINDADDR,
-  SSH_OPTIONS_STRICTHOSTKEYCHECK,
-  SSH_OPTIONS_COMPRESSION,
-  SSH_OPTIONS_COMPRESSION_LEVEL
+  SSH_OPTIONS_PROXYCOMMAND
 };
 
 enum {
@@ -323,42 +289,60 @@ enum ssh_scp_request_types {
   SSH_SCP_REQUEST_WARNING
 };
 
-LIBSSH_API int ssh_blocking_flush(ssh_session session, int timeout);
-LIBSSH_API ssh_channel ssh_channel_accept_x11(ssh_channel channel, int timeout_ms);
-LIBSSH_API int ssh_channel_change_pty_size(ssh_channel channel,int cols,int rows);
-LIBSSH_API int ssh_channel_close(ssh_channel channel);
-LIBSSH_API void ssh_channel_free(ssh_channel channel);
-LIBSSH_API int ssh_channel_get_exit_status(ssh_channel channel);
-LIBSSH_API ssh_session ssh_channel_get_session(ssh_channel channel);
-LIBSSH_API int ssh_channel_is_closed(ssh_channel channel);
-LIBSSH_API int ssh_channel_is_eof(ssh_channel channel);
-LIBSSH_API int ssh_channel_is_open(ssh_channel channel);
-LIBSSH_API ssh_channel ssh_channel_new(ssh_session session);
-LIBSSH_API int ssh_channel_open_forward(ssh_channel channel, const char *remotehost,
-    int remoteport, const char *sourcehost, int localport);
-LIBSSH_API int ssh_channel_open_session(ssh_channel channel);
-LIBSSH_API int ssh_channel_poll(ssh_channel channel, int is_stderr);
-LIBSSH_API int ssh_channel_read(ssh_channel channel, void *dest, uint32_t count, int is_stderr);
-LIBSSH_API int ssh_channel_read_nonblocking(ssh_channel channel, void *dest, uint32_t count,
-    int is_stderr);
-LIBSSH_API int ssh_channel_request_env(ssh_channel channel, const char *name, const char *value);
-LIBSSH_API int ssh_channel_request_exec(ssh_channel channel, const char *cmd);
-LIBSSH_API int ssh_channel_request_pty(ssh_channel channel);
-LIBSSH_API int ssh_channel_request_pty_size(ssh_channel channel, const char *term,
-    int cols, int rows);
-LIBSSH_API int ssh_channel_request_shell(ssh_channel channel);
-LIBSSH_API int ssh_channel_request_send_signal(ssh_channel channel, const char *signum);
-LIBSSH_API int ssh_channel_request_sftp(ssh_channel channel);
-LIBSSH_API int ssh_channel_request_subsystem(ssh_channel channel, const char *subsystem);
-LIBSSH_API int ssh_channel_request_x11(ssh_channel channel, int single_connection, const char *protocol,
-    const char *cookie, int screen_number);
-LIBSSH_API int ssh_channel_send_eof(ssh_channel channel);
-LIBSSH_API int ssh_channel_select(ssh_channel *readchans, ssh_channel *writechans, ssh_channel *exceptchans, struct
-        timeval * timeout);
-LIBSSH_API void ssh_channel_set_blocking(ssh_channel channel, int blocking);
-LIBSSH_API int ssh_channel_write(ssh_channel channel, const void *data, uint32_t len);
-LIBSSH_API uint32_t ssh_channel_window_size(ssh_channel channel);
+LIBSSH_API void buffer_free(ssh_buffer buffer);
+LIBSSH_API void *buffer_get(ssh_buffer buffer);
+LIBSSH_API uint32_t buffer_get_len(ssh_buffer buffer);
+LIBSSH_API ssh_buffer buffer_new(void);
 
+LIBSSH_API ssh_channel channel_accept_x11(ssh_channel channel, int timeout_ms);
+LIBSSH_API int channel_change_pty_size(ssh_channel channel,int cols,int rows);
+LIBSSH_API ssh_channel channel_forward_accept(ssh_session session, int timeout_ms);
+LIBSSH_API int channel_close(ssh_channel channel);
+LIBSSH_API int channel_forward_cancel(ssh_session session, const char *address, int port);
+LIBSSH_API int channel_forward_listen(ssh_session session, const char *address, int port, int *bound_port);
+LIBSSH_API void channel_free(ssh_channel channel);
+LIBSSH_API int channel_get_exit_status(ssh_channel channel);
+LIBSSH_API ssh_session channel_get_session(ssh_channel channel);
+LIBSSH_API int channel_is_closed(ssh_channel channel);
+LIBSSH_API int channel_is_eof(ssh_channel channel);
+LIBSSH_API int channel_is_open(ssh_channel channel);
+LIBSSH_API ssh_channel channel_new(ssh_session session);
+LIBSSH_API int channel_open_forward(ssh_channel channel, const char *remotehost,
+    int remoteport, const char *sourcehost, int localport);
+LIBSSH_API int channel_open_session(ssh_channel channel);
+LIBSSH_API int channel_poll(ssh_channel channel, int is_stderr);
+LIBSSH_API int channel_read(ssh_channel channel, void *dest, uint32_t count, int is_stderr);
+LIBSSH_API int channel_read_buffer(ssh_channel channel, ssh_buffer buffer, uint32_t count,
+    int is_stderr);
+LIBSSH_API int channel_read_nonblocking(ssh_channel channel, void *dest, uint32_t count,
+    int is_stderr);
+LIBSSH_API int channel_request_env(ssh_channel channel, const char *name, const char *value);
+LIBSSH_API int channel_request_exec(ssh_channel channel, const char *cmd);
+LIBSSH_API int channel_request_pty(ssh_channel channel);
+LIBSSH_API int channel_request_pty_size(ssh_channel channel, const char *term,
+    int cols, int rows);
+LIBSSH_API int channel_request_shell(ssh_channel channel);
+LIBSSH_API int channel_request_send_signal(ssh_channel channel, const char *signum);
+LIBSSH_API int channel_request_sftp(ssh_channel channel);
+LIBSSH_API int channel_request_subsystem(ssh_channel channel, const char *subsystem);
+LIBSSH_API int channel_request_x11(ssh_channel channel, int single_connection, const char *protocol,
+    const char *cookie, int screen_number);
+LIBSSH_API int channel_send_eof(ssh_channel channel);
+LIBSSH_API int channel_select(ssh_channel *readchans, ssh_channel *writechans, ssh_channel *exceptchans, struct
+        timeval * timeout);
+LIBSSH_API void channel_set_blocking(ssh_channel channel, int blocking);
+LIBSSH_API int channel_write(ssh_channel channel, const void *data, uint32_t len);
+
+LIBSSH_API void privatekey_free(ssh_private_key prv);
+LIBSSH_API ssh_private_key privatekey_from_file(ssh_session session, const char *filename,
+    int type, const char *passphrase);
+LIBSSH_API void publickey_free(ssh_public_key key);
+LIBSSH_API int ssh_publickey_to_file(ssh_session session, const char *file,
+    ssh_string pubkey, int type);
+LIBSSH_API ssh_string publickey_from_file(ssh_session session, const char *filename,
+    int *type);
+LIBSSH_API ssh_public_key publickey_from_privatekey(ssh_private_key prv);
+LIBSSH_API ssh_string publickey_to_string(ssh_public_key key);
 LIBSSH_API int ssh_try_publickey_from_file(ssh_session session, const char *keyfile,
     ssh_string *publickey, int *type);
 
@@ -370,9 +354,6 @@ LIBSSH_API const char *ssh_copyright(void);
 LIBSSH_API void ssh_disconnect(ssh_session session);
 LIBSSH_API char *ssh_dirname (const char *path);
 LIBSSH_API int ssh_finalize(void);
-LIBSSH_API ssh_channel ssh_forward_accept(ssh_session session, int timeout_ms);
-LIBSSH_API int ssh_forward_cancel(ssh_session session, const char *address, int port);
-LIBSSH_API int ssh_forward_listen(ssh_session session, const char *address, int port, int *bound_port);
 LIBSSH_API void ssh_free(ssh_session session);
 LIBSSH_API const char *ssh_get_disconnect_message(ssh_session session);
 LIBSSH_API const char *ssh_get_error(void *error);
@@ -387,14 +368,13 @@ LIBSSH_API int ssh_get_random(void *where,int len,int strong);
 LIBSSH_API int ssh_get_version(ssh_session session);
 LIBSSH_API int ssh_get_status(ssh_session session);
 LIBSSH_API int ssh_init(void);
-LIBSSH_API int ssh_is_blocking(ssh_session session);
-LIBSSH_API int ssh_is_connected(ssh_session session);
 LIBSSH_API int ssh_is_server_known(ssh_session session);
 LIBSSH_API void ssh_log(ssh_session session, int prioriry, const char *format, ...) PRINTF_ATTRIBUTE(3, 4);
 LIBSSH_API ssh_channel ssh_message_channel_request_open_reply_accept(ssh_message msg);
 LIBSSH_API int ssh_message_channel_request_reply_success(ssh_message msg);
 LIBSSH_API void ssh_message_free(ssh_message msg);
 LIBSSH_API ssh_message ssh_message_get(ssh_session session);
+LIBSSH_API ssh_message ssh_message_retrieve(ssh_session session, uint32_t packettype);
 LIBSSH_API int ssh_message_subtype(ssh_message msg);
 LIBSSH_API int ssh_message_type(ssh_message msg);
 LIBSSH_API int ssh_mkdir (const char *pathname, mode_t mode);
@@ -410,7 +390,7 @@ LIBSSH_API void ssh_pcap_file_free(ssh_pcap_file pcap);
 LIBSSH_API ssh_pcap_file ssh_pcap_file_new(void);
 LIBSSH_API int ssh_pcap_file_open(ssh_pcap_file pcap, const char *filename);
 
-LIBSSH_API enum ssh_keytypes_e ssh_privatekey_type(ssh_private_key privatekey);
+LIBSSH_API int ssh_privatekey_type(ssh_private_key privatekey);
 
 LIBSSH_API void ssh_print_hexa(const char *descr, const unsigned char *what, size_t len);
 LIBSSH_API int ssh_scp_accept_request(ssh_scp scp);
@@ -455,28 +435,19 @@ LIBSSH_API int ssh_userauth_none(ssh_session session, const char *username);
 LIBSSH_API int ssh_userauth_offer_pubkey(ssh_session session, const char *username, int type, ssh_string publickey);
 LIBSSH_API int ssh_userauth_password(ssh_session session, const char *username, const char *password);
 LIBSSH_API int ssh_userauth_pubkey(ssh_session session, const char *username, ssh_string publickey, ssh_private_key privatekey);
-LIBSSH_API int ssh_userauth_privatekey_file(ssh_session session, const char *username,
-    const char *filename, const char *passphrase);
 LIBSSH_API const char *ssh_version(int req_version);
 LIBSSH_API int ssh_write_knownhost(ssh_session session);
 
-LIBSSH_API void ssh_string_burn(ssh_string str);
-LIBSSH_API ssh_string ssh_string_copy(ssh_string str);
-LIBSSH_API void *ssh_string_data(ssh_string str);
-LIBSSH_API int ssh_string_fill(ssh_string str, const void *data, size_t len);
-LIBSSH_API void ssh_string_free(ssh_string str);
-LIBSSH_API ssh_string ssh_string_from_char(const char *what);
-LIBSSH_API size_t ssh_string_len(ssh_string str);
-LIBSSH_API ssh_string ssh_string_new(size_t size);
-LIBSSH_API char *ssh_string_to_char(ssh_string str);
-LIBSSH_API void ssh_string_free_char(char *s);
+LIBSSH_API void string_burn(ssh_string str);
+LIBSSH_API ssh_string string_copy(ssh_string str);
+LIBSSH_API void *string_data(ssh_string str);
+LIBSSH_API int string_fill(ssh_string str, const void *data, size_t len);
+LIBSSH_API void string_free(ssh_string str);
+LIBSSH_API ssh_string string_from_char(const char *what);
+LIBSSH_API size_t string_len(ssh_string str);
+LIBSSH_API ssh_string string_new(size_t size);
+LIBSSH_API char *string_to_char(ssh_string str);
 
-LIBSSH_API int ssh_getpass(const char *prompt, char *buf, size_t len, int echo,
-    int verify);
-
-#ifndef LIBSSH_LEGACY_0_4
-#include "libssh/legacy.h"
-#endif
 
 #ifdef __cplusplus
 }

include/libssh/libsshpp.hpp

@@ -1,604 +0,0 @@
-/*
- * This file is part of the SSH Library
- *
- * Copyright (c) 2010 by Aris Adamantiadis
- *
- * The SSH Library is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation; either version 2.1 of the License, or (at your
- * option) any later version.
- *
- * The SSH Library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
- * License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with the SSH Library; see the file COPYING.  If not, write to
- * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
- * MA 02111-1307, USA.
- */
-
-#ifndef LIBSSHPP_HPP_
-#define LIBSSHPP_HPP_
-
-/**
- * @defgroup ssh_cpp The libssh C++ wrapper
- *
- * The C++ bindings for libssh are completely embedded in a single .hpp file, and
- * this for two reasons:
- * - C++ is hard to keep binary compatible, C is easy. We try to keep libssh C version
- *   as much as possible binary compatible between releases, while this would be hard for
- *   C++. If you compile your program with these headers, you will only link to the C version
- *   of libssh which will be kept ABI compatible. No need to recompile your C++ program
- *   each time a new binary-compatible version of libssh is out
- * - Most of the functions in this file are really short and are probably worth the "inline"
- *   linking mode, which the compiler can decide to do in some case. There would be nearly no
- *   performance penalty of using the wrapper rather than native calls.
- *
- * Please visit the documentation of ssh::Session and ssh::Channel
- * @see ssh::Session
- * @see ssh::Channel
- *
- * If you wish not to use C++ exceptions, please define SSH_NO_CPP_EXCEPTIONS:
- * @code
- * #define SSH_NO_CPP_EXCEPTIONS
- * #include <libssh/libsshpp.hpp>
- * @endcode
- * All functions will then return SSH_ERROR in case of error.
- * @{
- */
-
-/* do not use deprecated functions */
-#define LIBSSH_LEGACY_0_4
-
-#include <libssh/libssh.h>
-#include <libssh/server.h>
-#include <stdlib.h>
-#include <stdarg.h>
-#include <stdio.h>
-
-namespace ssh {
-
-class Channel;
-/** Some people do not like C++ exceptions. With this define, we give
- * the choice to use or not exceptions.
- * @brief if defined, disable C++ exceptions for libssh c++ wrapper
- */
-#ifndef SSH_NO_CPP_EXCEPTIONS
-
-/** @brief This class describes a SSH Exception object. This object can be thrown
- * by several SSH functions that interact with the network, and may fail because of
- * socket, protocol or memory errors.
- */
-class SshException{
-public:
-  SshException(ssh_session csession){
-    code=ssh_get_error_code(csession);
-    description=std::string(ssh_get_error(csession));
-  }
-  SshException(const SshException &e){
-    code=e.code;
-    description=e.description;
-  }
-  /** @brief returns the Error code
-   * @returns SSH_FATAL Fatal error happened (not recoverable)
-   * @returns SSH_REQUEST_DENIED Request was denied by remote host
-   * @see ssh_get_error_code
-   */
-  int getCode(){
-    return code;
-  }
-  /** @brief returns the error message of the last exception
-   * @returns pointer to a c string containing the description of error
-   * @see ssh_get_error
-   */
-  std::string getError(){
-    return description;
-  }
-private:
-  int code;
-  std::string description;
-};
-
-/** @internal
- * @brief Macro to throw exception if there was an error
- */
-#define ssh_throw(x) if((x)==SSH_ERROR) throw SshException(getCSession())
-#define ssh_throw_null(CSession,x) if((x)==NULL) throw SshException(CSession)
-#define void_throwable void
-#define return_throwable return
-
-#else
-
-/* No exception at all. All functions will return an error code instead
- * of an exception
- */
-#define ssh_throw(x) if((x)==SSH_ERROR) return SSH_ERROR
-#define ssh_throw_null(CSession,x) if((x)==NULL) return NULL
-#define void_throwable int
-#define return_throwable return SSH_OK
-#endif
-
-/**
- * The ssh::Session class contains the state of a SSH connection.
- */
-class Session {
-  friend class Channel;
-public:
-  Session(){
-    c_session=ssh_new();
-  }
-  ~Session(){
-    ssh_free(c_session);
-    c_session=NULL;
-  }
-  /** @brief sets an SSH session options
-   * @param type Type of option
-   * @param option cstring containing the value of option
-   * @throws SshException on error
-   * @see ssh_options_set
-   */
-  void_throwable setOption(enum ssh_options_e type, const char *option){
-    ssh_throw(ssh_options_set(c_session,type,option));
-    return_throwable;
-  }
-  /** @brief sets an SSH session options
-   * @param type Type of option
-   * @param option long integer containing the value of option
-   * @throws SshException on error
-   * @see ssh_options_set
-   */
-  void_throwable setOption(enum ssh_options_e type, long int option){
-    ssh_throw(ssh_options_set(c_session,type,&option));
-    return_throwable;
-  }
-  /** @brief sets an SSH session options
-   * @param type Type of option
-   * @param option void pointer containing the value of option
-   * @throws SshException on error
-   * @see ssh_options_set
-   */
-  void_throwable setOption(enum ssh_options_e type, void *option){
-    ssh_throw(ssh_options_set(c_session,type,option));
-    return_throwable;
-  }
-  /** @brief connects to the remote host
-   * @throws SshException on error
-   * @see ssh_connect
-   */
-  void_throwable connect(){
-    int ret=ssh_connect(c_session);
-    ssh_throw(ret);
-    return_throwable;
-  }
-  /** @brief Authenticates automatically using public key
-   * @throws SshException on error
-   * @returns SSH_AUTH_SUCCESS, SSH_AUTH_PARTIAL, SSH_AUTH_DENIED
-   * @see ssh_userauth_autopubkey
-   */
-  int userauthAutopubkey(void){
-    int ret=ssh_userauth_autopubkey(c_session,NULL);
-    ssh_throw(ret);
-    return ret;
-  }
-  /** @brief Authenticates using the "none" method. Prefer using autopubkey if
-   * possible.
-   * @throws SshException on error
-   * @returns SSH_AUTH_SUCCESS, SSH_AUTH_PARTIAL, SSH_AUTH_DENIED
-   * @see ssh_userauth_none
-   * @see Session::userauthAutoPubkey
-   */
-  int userauthNone(){
-    int ret=ssh_userauth_none(c_session,NULL);
-    ssh_throw(ret);
-    return ret;
-  }
-  /** @brief Authenticates using the password method.
-   * @param[in] password password to use for authentication
-   * @throws SshException on error
-   * @returns SSH_AUTH_SUCCESS, SSH_AUTH_PARTIAL, SSH_AUTH_DENIED
-   * @see ssh_userauth_password
-   */
-  int userauthPassword(const char *password){
-    int ret=ssh_userauth_password(c_session,NULL,password);
-    ssh_throw(ret);
-    return ret;
-  }
-  /** @brief Try to authenticate using the publickey method.
-   * @param[in] type public key type
-   * @param[in] pubkey public key to use for authentication
-   * @throws SshException on error
-   * @returns SSH_AUTH_SUCCESS if the pubkey is accepted,
-   * @returns SSH_AUTH_DENIED if the pubkey is denied
-   * @see ssh_userauth_offer_pubkey
-   */
-  int userauthOfferPubkey(int type, ssh_string pubkey){
-    int ret=ssh_userauth_offer_pubkey(c_session,NULL,type,pubkey);
-    ssh_throw(ret);
-    return ret;
-  }
-  /** @brief Authenticates using the publickey method.
-   * @param[in] pubkey public key to use for authentication
-   * @param[in] privkey private key to use for authentication
-   * @throws SshException on error
-   * @returns SSH_AUTH_SUCCESS, SSH_AUTH_PARTIAL, SSH_AUTH_DENIED
-   * @see ssh_userauth_pubkey
-   */
-  int userauthPubkey(ssh_string pubkey, ssh_private_key privkey){
-    int ret=ssh_userauth_pubkey(c_session,NULL,pubkey,privkey);
-    ssh_throw(ret);
-    return ret;
-  }
-  int userauthPubkey(ssh_private_key privkey){
-    int ret=ssh_userauth_pubkey(c_session,NULL,NULL,privkey);
-    ssh_throw(ret);
-    return ret;
-  }
-  int userauthPrivatekeyFile(const char *filename,
-      const char *passphrase);
-  /** @brief Returns the available authentication methods from the server
-   * @throws SshException on error
-   * @returns Bitfield of available methods.
-   * @see ssh_userauth_list
-   */
-  int getAuthList(){
-    int ret=ssh_userauth_list(c_session, NULL);
-    ssh_throw(ret);
-    return ret;
-  }
-  /** @brief Disconnects from the SSH server and closes connection
-   * @see ssh_disconnect
-   */
-  void disconnect(){
-    ssh_disconnect(c_session);
-  }
-  /** @brief Returns the disconnect message from the server, if any
-   * @returns pointer to the message, or NULL. Do not attempt to free
-   * the pointer.
-   */
-  const char *getDisconnectMessage(){
-    const char *msg=ssh_get_disconnect_message(c_session);
-    return msg;
-  }
-  /** @internal
-   * @brief gets error message
-   */
-  const char *getError(){
-    return ssh_get_error(c_session);
-  }
-  /** @internal
-   * @brief returns error code
-   */
-  int getErrorCode(){
-    return ssh_get_error_code(c_session);
-  }
-  /** @brief returns the file descriptor used for the communication
-   * @returns the file descriptor
-   * @warning if a proxycommand is used, this function will only return
-   * one of the two file descriptors being used
-   * @see ssh_get_fd
-   */
-  socket_t getSocket(){
-    return ssh_get_fd(c_session);
-  }
-  /** @brief gets the Issue banner from the ssh server
-   * @returns the issue banner. This is generally a MOTD from server
-   * @see ssh_get_issue_banner
-   */
-  std::string getIssueBanner(){
-    char *banner=ssh_get_issue_banner(c_session);
-    std::string ret= std::string(banner);
-    ::free(banner);
-    return ret;
-  }
-  /** @brief returns the OpenSSH version (server) if possible
-   * @returns openssh version code
-   * @see ssh_get_openssh_version
-   */
-  int getOpensshVersion(){
-    return ssh_get_openssh_version(c_session);
-  }
-  /** @brief returns the version of the SSH protocol being used
-   * @returns the SSH protocol version
-   * @see ssh_get_version
-   */
-  int getVersion(){
-    return ssh_get_version(c_session);
-  }
-  /** @brief verifies that the server is known
-   * @throws SshException on error
-   * @returns Integer value depending on the knowledge of the
-   * server key
-   * @see ssh_is_server_known
-   */
-  int isServerKnown(){
-    int ret=ssh_is_server_known(c_session);
-    ssh_throw(ret);
-    return ret;
-  }
-  void log(int priority, const char *format, ...){
-    char buffer[1024];
-    va_list va;
-
-    va_start(va, format);
-    vsnprintf(buffer, sizeof(buffer), format, va);
-    va_end(va);
-    ssh_log(c_session,priority, "%s", buffer);
-  }
-
-  /** @brief copies options from a session to another
-   * @throws SshException on error
-   * @see ssh_options_copy
-   */
-  void_throwable optionsCopy(const Session &source){
-    ssh_throw(ssh_options_copy(source.c_session,&c_session));
-    return_throwable;
-  }
-  /** @brief parses a configuration file for options
-   * @throws SshException on error
-   * @param[in] file configuration file name
-   * @see ssh_options_parse_config
-   */
-  void_throwable optionsParseConfig(const char *file){
-    ssh_throw(ssh_options_parse_config(c_session,file));
-    return_throwable;
-  }
-  /** @brief silently disconnect from remote host
-   * @see ssh_silent_disconnect
-   */
-  void silentDisconnect(){
-    ssh_silent_disconnect(c_session);
-  }
-  /** @brief Writes the known host file with current
-   * host key
-   * @throws SshException on error
-   * @see ssh_write_knownhost
-   */
-  int writeKnownhost(){
-    int ret = ssh_write_knownhost(c_session);
-    ssh_throw(ret);
-    return ret;
-  }
-
-  /** @brief accept an incoming forward connection
-   * @param[in] timeout_ms timeout for waiting, in ms
-   * @returns new Channel pointer on the forward connection
-   * @returns NULL in case of error
-   * @warning you have to delete this pointer after use
-   * @see ssh_channel_forward_accept
-   * @see Session::listenForward
-   */
-  Channel *acceptForward(int timeout_ms);
-  /* acceptForward is implemented later in this file */
-
-  void_throwable cancelForward(const char *address, int port){
-    int err=ssh_forward_cancel(c_session, address, port);
-    ssh_throw(err);
-    return_throwable;
-  }
-
-  void_throwable listenForward(const char *address, int port,
-      int &boundport){
-    int err=ssh_forward_listen(c_session, address, port, &boundport);
-    ssh_throw(err);
-    return_throwable;
-  }
-
-private:
-  ssh_session c_session;
-  ssh_session getCSession(){
-    return c_session;
-  }
-  /* No copy constructor, no = operator */
-  Session(const Session &);
-  Session& operator=(const Session &);
-};
-
-/** @brief the ssh::Channel class describes the state of an SSH
- * channel.
- * @see ssh_channel
- */
-class Channel {
-  friend class Session;
-public:
-  Channel(Session &session){
-    channel=ssh_channel_new(session.getCSession());
-    this->session=&session;
-  }
-  ~Channel(){
-    ssh_channel_free(channel);
-    channel=NULL;
-  }
-
-  /** @brief accept an incoming X11 connection
-   * @param[in] timeout_ms timeout for waiting, in ms
-   * @returns new Channel pointer on the X11 connection
-   * @returns NULL in case of error
-   * @warning you have to delete this pointer after use
-   * @see ssh_channel_accept_x11
-   * @see Channel::requestX11
-   */
-  Channel *acceptX11(int timeout_ms){
-    ssh_channel x11chan = ssh_channel_accept_x11(channel,timeout_ms);
-    ssh_throw_null(getCSession(),x11chan);
-    Channel *newchan = new Channel(getSession(),x11chan);
-    return newchan;
-  }
-  /** @brief change the size of a pseudoterminal
-   * @param[in] cols number of columns
-   * @param[in] rows number of rows
-   * @throws SshException on error
-   * @see ssh_channel_change_pty_size
-   */
-  void_throwable changePtySize(int cols, int rows){
-    int err=ssh_channel_change_pty_size(channel,cols,rows);
-    ssh_throw(err);
-    return_throwable;
-  }
-
-  /** @brief closes a channel
-   * @throws SshException on error
-   * @see ssh_channel_close
-   */
-  void_throwable close(){
-    ssh_throw(ssh_channel_close(channel));
-    return_throwable;
-  }
-
-  int getExitStatus(){
-    return ssh_channel_get_exit_status(channel);
-  }
-  Session &getSession(){
-    return *session;
-  }
-  /** @brief returns true if channel is in closed state
-   * @see ssh_channel_is_closed
-   */
-  bool isClosed(){
-    return ssh_channel_is_closed(channel) != 0;
-  }
-  /** @brief returns true if channel is in EOF state
-   * @see ssh_channel_is_eof
-   */
-  bool isEof(){
-    return ssh_channel_is_eof(channel) != 0;
-  }
-  /** @brief returns true if channel is in open state
-   * @see ssh_channel_is_open
-   */
-  bool isOpen(){
-    return ssh_channel_is_open(channel) != 0;
-  }
-  int openForward(const char *remotehost, int remoteport,
-      const char *sourcehost=NULL, int localport=0){
-    int err=ssh_channel_open_forward(channel,remotehost,remoteport,
-        sourcehost, localport);
-    ssh_throw(err);
-    return err;
-  }
-  /* TODO: completely remove this ? */
-  void_throwable openSession(){
-    int err=ssh_channel_open_session(channel);
-    ssh_throw(err);
-    return_throwable;
-  }
-  int poll(bool is_stderr=false){
-    int err=ssh_channel_poll(channel,is_stderr);
-    ssh_throw(err);
-    return err;
-  }
-  int read(void *dest, size_t count, bool is_stderr=false){
-    int err;
-    /* handle int overflow */
-    if(count > 0x7fffffff)
-      count = 0x7fffffff;
-    err=ssh_channel_read(channel,dest,count,is_stderr);
-    ssh_throw(err);
-    return err;
-  }
-  int readNonblocking(void *dest, size_t count, bool is_stderr=false){
-    int err;
-    /* handle int overflow */
-    if(count > 0x7fffffff)
-      count = 0x7fffffff;
-    err=ssh_channel_read_nonblocking(channel,dest,count,is_stderr);
-    ssh_throw(err);
-    return err;
-  }
-  void_throwable requestEnv(const char *name, const char *value){
-    int err=ssh_channel_request_env(channel,name,value);
-    ssh_throw(err);
-    return_throwable;
-  }
-
-  void_throwable requestExec(const char *cmd){
-    int err=ssh_channel_request_exec(channel,cmd);
-    ssh_throw(err);
-    return_throwable;
-  }
-  void_throwable requestPty(const char *term=NULL, int cols=0, int rows=0){
-    int err;
-    if(term != NULL && cols != 0 && rows != 0)
-      err=ssh_channel_request_pty_size(channel,term,cols,rows);
-    else
-      err=ssh_channel_request_pty(channel);
-    ssh_throw(err);
-    return_throwable;
-  }
-
-  void_throwable requestShell(){
-    int err=ssh_channel_request_shell(channel);
-    ssh_throw(err);
-    return_throwable;
-  }
-  void_throwable requestSendSignal(const char *signum){
-    int err=ssh_channel_request_send_signal(channel, signum);
-    ssh_throw(err);
-    return_throwable;
-  }
-  void_throwable requestSubsystem(const char *subsystem){
-    int err=ssh_channel_request_subsystem(channel,subsystem);
-    ssh_throw(err);
-    return_throwable;
-  }
-  int requestX11(bool single_connection,
-      const char *protocol, const char *cookie, int screen_number){
-    int err=ssh_channel_request_x11(channel,single_connection,
-        protocol, cookie, screen_number);
-    ssh_throw(err);
-    return err;
-  }
-  void_throwable sendEof(){
-    int err=ssh_channel_send_eof(channel);
-    ssh_throw(err);
-    return_throwable;
-  }
-  /** @brief Writes on a channel
-   * @param data data to write.
-   * @param len number of bytes to write.
-   * @param is_stderr write should be done on the stderr channel (server only)
-   * @returns number of bytes written
-   * @throws SshException in case of error
-   * @see channel_write
-   * @see channel_write_stderr
-   */
-  int write(const void *data, size_t len, bool is_stderr=false){
-    int ret;
-    if(is_stderr){
-      ret=ssh_channel_write_stderr(channel,data,len);
-    } else {
-      ret=ssh_channel_write(channel,data,len);
-    }
-    ssh_throw(ret);
-    return ret;
-  }
-private:
-  ssh_session getCSession(){
-    return session->getCSession();
-  }
-  Channel (Session &session, ssh_channel c_channel){
-    this->channel=c_channel;
-    this->session=&session;
-  }
-  Session *session;
-  ssh_channel channel;
-  /* No copy and no = operator */
-  Channel(const Channel &);
-  Channel &operator=(const Channel &);
-};
-
-
-/* This code cannot be put inline due to references to Channel */
-Channel *Session::acceptForward(int timeout_ms){
-    ssh_channel forward = ssh_forward_accept(c_session,
-        timeout_ms);
-    ssh_throw_null(c_session,forward);
-    Channel *newchan = new Channel(*this,forward);
-    return newchan;
-  }
-
-} // namespace ssh
-
-/** @} */
-#endif /* LIBSSHPP_HPP_ */

include/libssh/messages.h

@@ -47,13 +47,6 @@ struct ssh_service_request {
     char *service;
 };
 
-struct ssh_global_request {
-    int type;
-    uint8_t want_reply;
-    char *bind_address;
-    uint16_t bind_port;
-};
-
 struct ssh_channel_request {
     int type;
     ssh_channel channel;
@@ -82,17 +75,10 @@ struct ssh_message_struct {
     struct ssh_channel_request_open channel_request_open;
     struct ssh_channel_request channel_request;
     struct ssh_service_request service_request;
-    struct ssh_global_request global_request;
 };
 
-SSH_PACKET_CALLBACK(ssh_packet_channel_open);
-SSH_PACKET_CALLBACK(ssh_packet_service_request);
-SSH_PACKET_CALLBACK(ssh_packet_userauth_request);
-SSH_PACKET_CALLBACK(ssh_packet_global_request);
 
-int ssh_message_handle_channel_request(ssh_session session, ssh_channel channel, ssh_buffer packet,
-    const char *request, uint8_t want_reply);
-void ssh_message_queue(ssh_session session, ssh_message message);
-ssh_message ssh_message_pop_head(ssh_session session);
+void message_handle(ssh_session session, uint32_t type);
+int ssh_execute_message_callbacks(ssh_session session);
 
 #endif /* MESSAGES_H_ */

include/libssh/misc.h

@@ -30,9 +30,6 @@ int ssh_file_readaccess_ok(const char *file);
 
 char *ssh_path_expand_tilde(const char *d);
 char *ssh_path_expand_escape(ssh_session session, const char *s);
-int ssh_analyze_banner(ssh_session session, int server, int *ssh1, int *ssh2);
-int ssh_is_ipaddr_v4(const char *str);
-int ssh_is_ipaddr(const char *str);
 
 /* macro for byte ordering */
 uint64_t ntohll(uint64_t);
@@ -50,19 +47,12 @@ struct ssh_iterator {
   const void *data;
 };
 
-struct ssh_timestamp {
-  long seconds;
-  long useconds;
-};
-
 struct ssh_list *ssh_list_new(void);
 void ssh_list_free(struct ssh_list *list);
 struct ssh_iterator *ssh_list_get_iterator(const struct ssh_list *list);
-struct ssh_iterator *ssh_list_find(const struct ssh_list *list, void *value);
 int ssh_list_append(struct ssh_list *list, const void *data);
 int ssh_list_prepend(struct ssh_list *list, const void *data);
 void ssh_list_remove(struct ssh_list *list, struct ssh_iterator *iterator);
-char *ssh_lowercase(const char* str);
 char *ssh_hostport(const char *host, int port);
 
 const void *_ssh_list_pop_head(struct ssh_list *list);
@@ -78,9 +68,4 @@ const void *_ssh_list_pop_head(struct ssh_list *list);
 #define ssh_list_pop_head(type, ssh_list)\
   ((type)_ssh_list_pop_head(ssh_list))
 
-int ssh_make_milliseconds(long sec, long usec);
-void ssh_timestamp_init(struct ssh_timestamp *ts);
-int ssh_timeout_elapsed(struct ssh_timestamp *ts, int timeout);
-int ssh_timeout_update(struct ssh_timestamp *ts, int timeout);
-
 #endif /* MISC_H_ */

include/libssh/packet.h

@@ -29,34 +29,13 @@ typedef struct packet_struct {
 	uint8_t type;
 } PACKET;
 
-/** different state of packet reading. */
-enum ssh_packet_state_e {
-  /** Packet not initialized, must read the size of packet */
-  PACKET_STATE_INIT,
-  /** Size was read, waiting for the rest of data */
-  PACKET_STATE_SIZEREAD,
-  /** Full packet was read and callbacks are being called. Future packets
-   * should wait for the end of the callback. */
-  PACKET_STATE_PROCESSING
-};
-
+void packet_parse(ssh_session session);
 int packet_send(ssh_session session);
 
-#ifdef WITH_SSH1
-int packet_send1(ssh_session session) ;
-void ssh_packet_set_default_callbacks1(ssh_session session);
-
-SSH_PACKET_CALLBACK(ssh_packet_disconnect1);
-SSH_PACKET_CALLBACK(ssh_packet_smsg_success1);
-SSH_PACKET_CALLBACK(ssh_packet_smsg_failure1);
-int ssh_packet_socket_callback1(const void *data, size_t receivedlen, void *user);
-
-#endif
-
-SSH_PACKET_CALLBACK(ssh_packet_unimplemented);
-int ssh_packet_send_unimplemented(ssh_session session, uint32_t seqnum);
-int ssh_packet_parse_type(ssh_session session);
-//int packet_flush(ssh_session session, int enforce_blocking);
+int packet_read(ssh_session session);
+int packet_translate(ssh_session session);
+int packet_wait(ssh_session session,int type,int blocking);
+int packet_flush(ssh_session session, int enforce_blocking);
 
 
 #endif /* PACKET_H_ */

include/libssh/pki.h

@@ -1,49 +0,0 @@
-/*
- * This file is part of the SSH Library
- *
- * Copyright (c) 2010 by Aris Adamantiadis
- *
- * The SSH Library is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation; either version 2.1 of the License, or (at your
- * option) any later version.
- *
- * The SSH Library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
- * License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with the SSH Library; see the file COPYING.  If not, write to
- * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
- * MA 02111-1307, USA.
- */
-
-#ifndef PKI_H_
-#define PKI_H_
-
-#define SSH_KEY_FLAG_EMPTY 0
-#define SSH_KEY_FLAG_PUBLIC  1
-#define SSH_KEY_FLAG_PRIVATE 2
-
-struct ssh_key_struct {
-    enum ssh_keytypes_e type;
-    int flags;
-    const char *type_c; /* Don't free it ! it is static */
-#ifdef HAVE_LIBGCRYPT
-    gcry_sexp_t dsa;
-    gcry_sexp_t rsa;
-#elif HAVE_LIBCRYPTO
-    DSA *dsa;
-    RSA *rsa;
-#endif
-};
-
-ssh_key ssh_key_new (void);
-void ssh_key_clean (ssh_key key);
-enum ssh_keytypes_e ssh_key_type(ssh_key key);
-int ssh_key_import_private(ssh_key key, ssh_session session,
-    const char *filename, const char *passphrase);
-void ssh_key_free (ssh_key key);
-
-#endif /* PKI_H_ */

include/libssh/poll.h

@@ -38,45 +38,6 @@ typedef struct ssh_pollfd_struct {
   short revents;    /* returned events */
 } ssh_pollfd_t;
 
-typedef unsigned long int nfds_t;
-
-#ifdef _WIN32
-
-#ifndef POLLRDNORM
-#define POLLRDNORM  0x0100
-#endif
-#ifndef POLLRDBAND
-#define POLLRDBAND  0x0200
-#endif
-#ifndef POLLIN
-#define POLLIN      (POLLRDNORM | POLLRDBAND)
-#endif
-#ifndef POLLPRI
-#define POLLPRI     0x0400
-#endif
-
-#ifndef POLLWRNORM
-#define POLLWRNORM  0x0010
-#endif
-#ifndef POLLOUT
-#define POLLOUT     (POLLWRNORM)
-#endif
-#ifndef POLLWRBAND
-#define POLLWRBAND  0x0020
-#endif
-
-#ifndef POLLERR
-#define POLLERR     0x0001
-#endif
-#ifndef POLLHUP
-#define POLLHUP     0x0002
-#endif
-#ifndef POLLNVAL
-#define POLLNVAL    0x0004
-#endif
-
-#else /* _WIN32 */
-
 /* poll.c */
 #ifndef POLLIN
 #define POLLIN    0x001  /* There is data to read.  */
@@ -111,18 +72,17 @@ typedef unsigned long int nfds_t;
 #define POLLWRBAND  0x200 /* mapped to write fds_set */
 #endif
 
-#endif /* WIN32 */
+
+typedef unsigned long int nfds_t;
 #endif /* HAVE_POLL */
 
 void ssh_poll_init(void);
-void ssh_poll_cleanup(void);
 int ssh_poll(ssh_pollfd_t *fds, nfds_t nfds, int timeout);
 typedef struct ssh_poll_ctx_struct *ssh_poll_ctx;
 typedef struct ssh_poll_handle_struct *ssh_poll_handle;
 
 /**
- * @brief SSH poll callback. This callback will be used when an event
- *                      caught on the socket.
+ * @brief SSH poll callback.
  *
  * @param p             Poll object this callback belongs to.
  * @param fd            The raw socket.
@@ -130,9 +90,9 @@ typedef struct ssh_poll_handle_struct *ssh_poll_handle;
  * @param userdata      Userdata to be passed to the callback function.
  *
  * @return              0 on success, < 0 if you removed the poll object from
- *                      its poll context.
+ *                      it's poll context.
  */
-typedef int (*ssh_poll_callback)(ssh_poll_handle p, socket_t fd, int revents,
+typedef int (*ssh_poll_callback)(ssh_poll_handle p, int fd, int revents,
     void *userdata);
 
 
@@ -145,14 +105,13 @@ void ssh_poll_set_events(ssh_poll_handle p, short events);
 void ssh_poll_add_events(ssh_poll_handle p, short events);
 void ssh_poll_remove_events(ssh_poll_handle p, short events);
 socket_t ssh_poll_get_fd(ssh_poll_handle p);
-void ssh_poll_set_fd(ssh_poll_handle p, socket_t fd);
 void ssh_poll_set_callback(ssh_poll_handle p, ssh_poll_callback cb, void *userdata);
 ssh_poll_ctx ssh_poll_ctx_new(size_t chunk_size);
 void ssh_poll_ctx_free(ssh_poll_ctx ctx);
 int ssh_poll_ctx_add(ssh_poll_ctx ctx, ssh_poll_handle p);
-int ssh_poll_ctx_add_socket (ssh_poll_ctx ctx, struct ssh_socket_struct *s);
 void ssh_poll_ctx_remove(ssh_poll_ctx ctx, ssh_poll_handle p);
 int ssh_poll_ctx_dopoll(ssh_poll_ctx ctx, int timeout);
-ssh_poll_ctx ssh_poll_get_default_ctx(ssh_session session);
+
+
 
 #endif /* POLL_H_ */

include/libssh/priv.h

@@ -32,77 +32,73 @@
 
 #include "config.h"
 
-#ifdef _WIN32
+#ifdef _MSC_VER
 
-/* Imitate define of inttypes.h */
-# ifndef PRIdS
-#  define PRIdS "Id"
-# endif
+/** Imitate define of inttypes.h */
+#define PRIdS "Id"
 
-# ifdef _MSC_VER
-#  include <stdio.h>
+#define strcasecmp _stricmp
+#define strncasecmp _strnicmp
+#define strtoull _strtoui64
+#define isblank(ch) ((ch) == ' ' || (ch) == '\t' || (ch) == '\n' || (ch) == '\r')
 
-/* On Microsoft compilers define inline to __inline on all others use inline */
-#  undef inline
-#  define inline __inline
+#if _MSC_VER >= 1400
+#define strdup _strdup
+#endif
+#define usleep(X) Sleep(((X)+1000)/1000)
 
-#  define strcasecmp _stricmp
-#  define strncasecmp _strnicmp
-#  define strtoull _strtoui64
-#  define isblank(ch) ((ch) == ' ' || (ch) == '\t' || (ch) == '\n' || (ch) == '\r')
+#undef strtok_r
+#define strtok_r strtok_s
 
-#  define usleep(X) Sleep(((X)+1000)/1000)
+#ifndef HAVE_SNPRINTF
+#ifdef HAVE__SNPRINTF_S
+#define snprintf(d, n, ...) _snprintf_s((d), (n), _TRUNCATE, __VA_ARGS__)
+#else
+#ifdef HAVE__SNPRINTF
+#define snprintf _snprintf
+#else 
+#error "no snprintf compatible function found"
+#endif /* HAVE__SNPRINTF */
+#endif /* HAVE__SNPRINTF_S */
+#endif /* HAVE_SNPRINTF */
 
-#  undef strtok_r
-#  define strtok_r strtok_s
+#ifndef HAVE_VSNPRINTF
+#ifdef HAVE__VSNPRINTF_S
+#define vsnprintf(s, n, f, v) _vsnprintf_s((s), (n), _TRUNCATE, (f), (v))
+#else
+#ifdef HAVE__VSNPRINTF
+#define vsnprintf _vsnprintf
+#else /* HAVE_VSNPRINTF */
+#error "No vsnprintf compatible function found"
+#endif /* HAVE__VSNPRINTF */
+#endif /* HAVE__VSNPRINTF_S */
+#endif /* HAVE_VSNPRINTF */
 
-#  if defined(HAVE__SNPRINTF_S)
-#   undef snprintf
-#   define snprintf(d, n, ...) _snprintf_s((d), (n), _TRUNCATE, __VA_ARGS__)
-#  else /* HAVE__SNPRINTF_S */
-#   if defined(HAVE__SNPRINTF)
-#     undef snprintf
-#     define snprintf _snprintf
-#   else /* HAVE__SNPRINTF */
-#    if !defined(HAVE_SNPRINTF)
-#     error "no snprintf compatible function found"
-#    endif /* HAVE_SNPRINTF */
-#   endif /* HAVE__SNPRINTF */
-#  endif /* HAVE__SNPRINTF_S */
-
-#  if defined(HAVE__VSNPRINTF_S)
-#   undef vsnprintf
-#   define vsnprintf(s, n, f, v) _vsnprintf_s((s), (n), _TRUNCATE, (f), (v))
-#  else /* HAVE__VSNPRINTF_S */
-#   if defined(HAVE__VSNPRINTF)
-#    undef vsnprintf
-#    define vsnprintf _vsnprintf
-#   else
-#    if !defined(HAVE_VSNPRINTF)
-#     error "No vsnprintf compatible function found"
-#    endif /* HAVE_VSNPRINTF */
-#   endif /* HAVE__VSNPRINTF */
-#  endif /* HAVE__VSNPRINTF_S */
-
-# endif /* _MSC_VER */
-
-#else /* _WIN32 */
+#ifndef HAVE_STRNCPY
+#define strncpy(d, s, n) strncpy_s((d), (n), (s), _TRUNCATE)
+#endif
+#else /* _MSC_VER */
 
 #include <unistd.h>
 #define PRIdS "zd"
 
-#endif /* _WIN32 */
+#endif /* _MSC_VER */
 
 #include "libssh/libssh.h"
 #include "libssh/callbacks.h"
 #include "libssh/crypto.h"
-
 /* some constants */
 #define MAX_PACKET_LEN 262144
 #define ERROR_BUFFERLEN 1024
 #define CLIENTBANNER1 "SSH-1.5-libssh-" SSH_STRINGIFY(LIBSSH_VERSION)
 #define CLIENTBANNER2 "SSH-2.0-libssh-" SSH_STRINGIFY(LIBSSH_VERSION)
 #define KBDINT_MAX_PROMPT 256 /* more than openssh's :) */
+/* some types for public keys */
+enum public_key_types_e{
+	TYPE_DSS=1,
+	TYPE_RSA,
+	TYPE_RSA1
+};
 
 #ifdef __cplusplus
 extern "C" {
@@ -120,7 +116,7 @@ typedef struct kex_struct {
 
 struct error_struct {
 /* error handling */
-    int error_code;
+    unsigned int error_code;
     char error_buffer[ERROR_BUFFERLEN];
 };
 
@@ -133,20 +129,34 @@ struct ssh_keys_struct {
 };
 
 struct ssh_message_struct;
-struct ssh_common_struct;
+
 
 /* server data */
 
+struct ssh_bind_struct {
+  struct error_struct error;
+
+  ssh_callbacks callbacks; /* Callbacks to user functions */
+
+  /* options */
+  char *wanted_methods[10];
+  char *banner;
+  char *dsakey;
+  char *rsakey;
+  char *bindaddr;
+  socket_t bindfd;
+  unsigned int bindport;
+  unsigned int log_verbosity;
+
+  int blocking;
+  int toaccept;
+};
 
-SSH_PACKET_CALLBACK(ssh_packet_disconnect_callback);
-SSH_PACKET_CALLBACK(ssh_packet_ignore_callback);
 
 /* client.c */
 
 int ssh_send_banner(ssh_session session, int is_server);
-SSH_PACKET_CALLBACK(ssh_packet_dh_reply);
-SSH_PACKET_CALLBACK(ssh_packet_newkeys);
-SSH_PACKET_CALLBACK(ssh_packet_service_accept);
+char *ssh_get_banner(ssh_session session);
 
 /* config.c */
 int ssh_config_parse_file(ssh_session session, const char *filename);
@@ -161,36 +171,26 @@ uint32_t packet_decrypt_len(ssh_session session,char *crypted);
 int packet_decrypt(ssh_session session, void *packet,unsigned int len);
 unsigned char *packet_encrypt(ssh_session session,void *packet,unsigned int len);
  /* it returns the hmac buffer if exists*/
-struct ssh_poll_handle_struct;
-
 int packet_hmac_verify(ssh_session session,ssh_buffer buffer,unsigned char *mac);
 
-struct ssh_socket_struct;
-
-int ssh_packet_socket_callback(const void *data, size_t len, void *user);
-void ssh_packet_register_socket_callback(ssh_session session, struct ssh_socket_struct *s);
-void ssh_packet_set_callbacks(ssh_session session, ssh_packet_callbacks callbacks);
-void ssh_packet_set_default_callbacks(ssh_session session);
-void ssh_packet_process(ssh_session session, uint8_t type);
 /* connect.c */
+int ssh_regex_init(void);
+void ssh_regex_finalize(void);
+ssh_session ssh_session_new(void);
 socket_t ssh_connect_host(ssh_session session, const char *host,const char
         *bind_addr, int port, long timeout, long usec);
-socket_t ssh_connect_host_nonblocking(ssh_session session, const char *host,
-		const char *bind_addr, int port);
-void ssh_sock_set_nonblocking(socket_t sock);
-void ssh_sock_set_blocking(socket_t sock);
 
 /* in kex.c */
 extern const char *ssh_kex_nums[];
 int ssh_send_kex(ssh_session session, int server_kex);
 void ssh_list_kex(ssh_session session, KEX *kex);
 int set_kex(ssh_session session);
+int ssh_get_kex(ssh_session session, int server_kex);
 int verify_existing_algo(int algo, const char *name);
 char **space_tokenize(const char *chain);
 int ssh_get_kex1(ssh_session session);
 char *ssh_find_matching(const char *in_d, const char *what_d);
 
-
 /* in base64.c */
 ssh_buffer base64_to_bin(const char *source);
 unsigned char *bin_to_base64(const unsigned char *source, int len);
@@ -202,16 +202,28 @@ int decompress_buffer(ssh_session session,ssh_buffer buf, size_t maxlen);
 /* crc32.c */
 uint32_t ssh_crc32(const char *buf, uint32_t len);
 
+/* auth1.c */
+int ssh_userauth1_none(ssh_session session, const char *username);
+int ssh_userauth1_offer_pubkey(ssh_session session, const char *username,
+        int type, ssh_string pubkey);
+int ssh_userauth1_password(ssh_session session, const char *username,
+        const char *password);
+
+/* channels1.c */
+int channel_open_session1(ssh_channel channel);
+int channel_request_pty_size1(ssh_channel channel, const char *terminal,
+    int cols, int rows);
+int channel_change_pty_size1(ssh_channel channel, int cols, int rows);
+int channel_request_shell1(ssh_channel channel);
+int channel_request_exec1(ssh_channel channel, const char *cmd);
+int channel_handle1(ssh_session session, int type);
+int channel_write1(ssh_channel channel, const void *data, int len);
 
 /* match.c */
 int match_hostname(const char *host, const char *pattern, unsigned int len);
 
-int message_handle(ssh_session session, void *user, uint8_t type, ssh_buffer packet);
 /* log.c */
 
-void ssh_log_common(struct ssh_common_struct *common, int verbosity,
-    const char *format, ...) PRINTF_ATTRIBUTE(3, 4);
-
 /* misc.c */
 #ifdef _WIN32
 int gettimeofday(struct timeval *__p, void *__t);
@@ -225,16 +237,16 @@ int gettimeofday(struct timeval *__p, void *__t);
 
 #define _enter_function(sess) \
 	do {\
-		if((sess)->common.log_verbosity >= SSH_LOG_FUNCTIONS){ \
+		if((sess)->log_verbosity >= SSH_LOG_FUNCTIONS){ \
 			ssh_log((sess),SSH_LOG_FUNCTIONS,"entering function %s line %d in " __FILE__ , __FUNCTION__,__LINE__);\
-			(sess)->common.log_indent++; \
+			(sess)->log_indent++; \
 		} \
 	} while(0)
 
 #define _leave_function(sess) \
 	do { \
-		if((sess)->common.log_verbosity >= SSH_LOG_FUNCTIONS){ \
-			(sess)->common.log_indent--; \
+		if((sess)->log_verbosity >= SSH_LOG_FUNCTIONS){ \
+			(sess)->log_indent--; \
 			ssh_log((sess),SSH_LOG_FUNCTIONS,"leaving function %s line %d in " __FILE__ , __FUNCTION__,__LINE__);\
 		}\
 	} while(0)
@@ -252,9 +264,6 @@ int gettimeofday(struct timeval *__p, void *__t);
 int ssh_options_set_algo(ssh_session session, int algo, const char *list);
 int ssh_options_apply(ssh_session session);
 
-/* server.c */
-SSH_PACKET_CALLBACK(ssh_packet_kexdh_init);
-
 /** Free memory space */
 #define SAFE_FREE(x) do { if ((x) != NULL) {free(x); x=NULL;} } while(0)
 

include/libssh/server.h

@@ -21,8 +21,8 @@
  */
 
 /**
- * @defgroup libssh_server The libssh server API
- *
+ * @defgroup ssh_server SSH Server
+ * @addtogroup ssh_server
  * @{
  */
 
@@ -48,33 +48,9 @@ enum ssh_bind_options_e {
   SSH_BIND_OPTIONS_LOG_VERBOSITY_STR
 };
 
+//typedef struct ssh_bind_struct SSH_BIND;
 typedef struct ssh_bind_struct* ssh_bind;
 
-/* Callback functions */
-
-/**
- * @brief Incoming connection callback. This callback is called when a ssh_bind
- *        has a new incoming connection.
- * @param sshbind Current sshbind session handler
- * @param message the actual message
- * @param userdata Userdata to be passed to the callback function.
- */
-typedef void (*ssh_bind_incoming_connection_callback) (ssh_bind sshbind,
-    void *userdata);
-
-/**
- * @brief These are the callbacks exported by the ssh_bind structure.
- *
- * They are called by the server module when events appear on the network.
- */
-struct ssh_bind_callbacks_struct {
-  /** DON'T SET THIS use ssh_callbacks_init() instead. */
-  size_t size;
-  /** A new connection is available. */
-  ssh_bind_incoming_connection_callback incoming_connection;
-};
-typedef struct ssh_bind_callbacks_struct *ssh_bind_callbacks;
-
 /**
  * @brief Creates a new SSH server bind.
  *
@@ -83,67 +59,15 @@ typedef struct ssh_bind_callbacks_struct *ssh_bind_callbacks;
 LIBSSH_API ssh_bind ssh_bind_new(void);
 
 /**
- * @brief Set the options for the current SSH server bind.
+ * @brief Set the opitons for the current SSH server bind.
  *
- * @param  sshbind     The ssh server bind to configure.
+ * @param  sshbind     The ssh server bind to use.
  *
- * @param  type The option type to set. This could be one of the
- *              following:
+ * @param  type        The option type to set.
  *
- *              - SSH_BIND_OPTIONS_BINDADDR
- *                The ip address to bind (const char *).
+ * @param  value       The option value to set.
  *
- *              - SSH_BIND_OPTIONS_BINDPORT
- *                The port to bind (unsigned int).
- *
- *              - SSH_BIND_OPTIONS_BINDPORT_STR
- *                The port to bind (const char *).
- *
- *              - SSH_BIND_OPTIONS_HOSTKEY
- *                This specifies the file containing the private host key used
- *                by SSHv1. (const char *).
- *
- *              - SSH_BIND_OPTIONS_DSAKEY
- *                This specifies the file containing the private host dsa key
- *                used by SSHv2. (const char *).
- *
- *              - SSH_BIND_OPTIONS_RSAKEY
- *                This specifies the file containing the private host dsa key
- *                used by SSHv2. (const char *).
- *
- *              - SSH_BIND_OPTIONS_BANNER
- *                That the server banner (version string) for SSH.
- *                (const char *).
- *
- *              - SSH_BIND_OPTIONS_LOG_VERBOSITY
- *                Set the session logging verbosity (int).\n
- *                \n
- *                The verbosity of the messages. Every log smaller or
- *                equal to verbosity will be shown.
- *                - SSH_LOG_NOLOG: No logging
- *                - SSH_LOG_RARE: Rare conditions or warnings
- *                - SSH_LOG_ENTRY: API-accessible entrypoints
- *                - SSH_LOG_PACKET: Packet id and size
- *                - SSH_LOG_FUNCTIONS: Function entering and leaving
- *
- *              - SSH_BIND_OPTIONS_LOG_VERBOSITY_STR
- *                Set the session logging verbosity (const char *).\n
- *                \n
- *                The verbosity of the messages. Every log smaller or
- *                equal to verbosity will be shown.
- *                - SSH_LOG_NOLOG: No logging
- *                - SSH_LOG_RARE: Rare conditions or warnings
- *                - SSH_LOG_ENTRY: API-accessible entrypoints
- *                - SSH_LOG_PACKET: Packet id and size
- *                - SSH_LOG_FUNCTIONS: Function entering and leaving
- *                \n
- *                See the corresponding numbers in libssh.h.
- *
- * @param  value The value to set. This is a generic pointer and the
- *               datatype which is used should be set according to the
- *               type set.
- *
- * @returns     SSH_OK on success, SSH_ERROR on invalid option or parameter.
+ * @return 0 on success, < 0 on error.
  */
 LIBSSH_API int ssh_bind_options_set(ssh_bind sshbind,
     enum ssh_bind_options_e type, const void *value);
@@ -157,29 +81,6 @@ LIBSSH_API int ssh_bind_options_set(ssh_bind sshbind,
  */
 LIBSSH_API int ssh_bind_listen(ssh_bind ssh_bind_o);
 
-/**
- * @brief Set the callback for this bind.
- *
- * @param[in] sshbind   The bind to set the callback on.
- *
- * @param[in] callbacks An already set up ssh_bind_callbacks instance.
- *
- * @param[in] userdata  A pointer to private data to pass to the callbacks.
- *
- * @return              SSH_OK on success, SSH_ERROR if an error occured.
- *
- * @code
- *     struct ssh_callbacks_struct cb = {
- *         .userdata = data,
- *         .auth_function = my_auth_function
- *     };
- *     ssh_callbacks_init(&cb);
- *     ssh_bind_set_callbacks(session, &cb);
- * @endcode
- */
-LIBSSH_API int ssh_bind_set_callbacks(ssh_bind sshbind, ssh_bind_callbacks callbacks,
-    void *userdata);
-
 /**
  * @brief  Set the session to blocking/nonblocking mode.
  *
@@ -220,19 +121,10 @@ LIBSSH_API void ssh_bind_fd_toaccept(ssh_bind ssh_bind_o);
  * @param  ssh_bind_o     The ssh server bind to accept a connection.
  * @param  session			A preallocated ssh session
  * @see ssh_new
- * @return SSH_OK when a connection is established
+ * @return A newly allocated ssh session, NULL on error.
  */
 LIBSSH_API int ssh_bind_accept(ssh_bind ssh_bind_o, ssh_session session);
 
-/**
- * @brief Handles the key exchange and set up encryption
- *
- * @param  session			A connected ssh session
- * @see ssh_bind_accept
- * @return SSH_OK if the key exchange was successful
- */
-LIBSSH_API int ssh_handle_key_exchange(ssh_session session);
-
 /**
  * @brief Free a ssh servers bind.
  *
@@ -240,29 +132,32 @@ LIBSSH_API int ssh_handle_key_exchange(ssh_session session);
  */
 LIBSSH_API void ssh_bind_free(ssh_bind ssh_bind_o);
 
+/**
+ * @brief Exchange the banner and cryptographic keys.
+ *
+ * @param  session      The ssh session to accept a connection.
+ *
+ * @return 0 on success, < 0 on error.
+ */
+LIBSSH_API int ssh_accept(ssh_session session);
+
+LIBSSH_API int channel_write_stderr(ssh_channel channel, const void *data, uint32_t len);
+
 /* messages.c */
 LIBSSH_API int ssh_message_reply_default(ssh_message msg);
 
 LIBSSH_API char *ssh_message_auth_user(ssh_message msg);
 LIBSSH_API char *ssh_message_auth_password(ssh_message msg);
 LIBSSH_API ssh_public_key ssh_message_auth_publickey(ssh_message msg);
-LIBSSH_API enum ssh_publickey_state_e ssh_message_auth_publickey_state(ssh_message msg);
 LIBSSH_API int ssh_message_auth_reply_success(ssh_message msg,int partial);
 LIBSSH_API int ssh_message_auth_reply_pk_ok(ssh_message msg, ssh_string algo, ssh_string pubkey);
-LIBSSH_API int ssh_message_auth_reply_pk_ok_simple(ssh_message msg);
-
 LIBSSH_API int ssh_message_auth_set_methods(ssh_message msg, int methods);
 
 LIBSSH_API int ssh_message_service_reply_success(ssh_message msg);
 LIBSSH_API char *ssh_message_service_service(ssh_message msg);
 
-LIBSSH_API int ssh_message_global_request_reply_success(ssh_message msg,
-                                                        uint16_t bound_port);
-
 LIBSSH_API void ssh_set_message_callback(ssh_session session,
-    int(*ssh_bind_message_callback)(ssh_session session, ssh_message msg, void *data),
-    void *data);
-LIBSSH_API int ssh_execute_message_callbacks(ssh_session session);
+    int(*ssh_message_callback)(ssh_session session, ssh_message msg));
 
 LIBSSH_API char *ssh_message_channel_request_open_originator(ssh_message msg);
 LIBSSH_API int ssh_message_channel_request_open_originator_port(ssh_message msg);
@@ -284,32 +179,13 @@ LIBSSH_API char *ssh_message_channel_request_command(ssh_message msg);
 
 LIBSSH_API char *ssh_message_channel_request_subsystem(ssh_message msg);
 
-LIBSSH_API char *ssh_message_global_request_address(ssh_message msg);
-LIBSSH_API int ssh_message_global_request_port(ssh_message msg);
-
-LIBSSH_API int ssh_channel_open_reverse_forward(ssh_channel channel, const char *remotehost,
-    int remoteport, const char *sourcehost, int localport);
-
-LIBSSH_API int ssh_channel_request_send_exit_status(ssh_channel channel,
-                                                int exit_status);
-LIBSSH_API int ssh_channel_request_send_exit_signal(ssh_channel channel,
-                                                const char *signum,
-                                                int core,
-                                                const char *errmsg,
-                                                const char *lang);
-LIBSSH_API int ssh_channel_write_stderr(ssh_channel channel,
-                                                const void *data,
-                                                uint32_t len);
-
-/* deprecated functions */
-SSH_DEPRECATED LIBSSH_API int ssh_accept(ssh_session session);
-SSH_DEPRECATED LIBSSH_API int channel_write_stderr(ssh_channel channel,
-        const void *data, uint32_t len);
-
 #ifdef __cplusplus
 }
 #endif /* __cplusplus */
 
 #endif /* SERVER_H */
 
-/** @} */
+/**
+ * @}
+ */
+/* vim: set ts=2 sw=2 et cindent: */

include/libssh/session.h

@@ -24,54 +24,12 @@
 #include "libssh/priv.h"
 #include "libssh/packet.h"
 #include "libssh/pcap.h"
-#include "libssh/auth.h"
-#include "libssh/channels.h"
-#include "libssh/poll.h"
+
 typedef struct ssh_kbdint_struct* ssh_kbdint;
 
-/* These are the different states a SSH session can be into its life */
-enum ssh_session_state_e {
-	SSH_SESSION_STATE_NONE=0,
-	SSH_SESSION_STATE_CONNECTING,
-	SSH_SESSION_STATE_SOCKET_CONNECTED,
-	SSH_SESSION_STATE_BANNER_RECEIVED,
-	SSH_SESSION_STATE_INITIAL_KEX,
-	SSH_SESSION_STATE_KEXINIT_RECEIVED,
-	SSH_SESSION_STATE_DH,
-	SSH_SESSION_STATE_AUTHENTICATING,
-	SSH_SESSION_STATE_AUTHENTICATED,
-	SSH_SESSION_STATE_ERROR,
-	SSH_SESSION_STATE_DISCONNECTED
-};
-
-enum ssh_dh_state_e {
-  DH_STATE_INIT=0,
-  DH_STATE_INIT_SENT,
-  DH_STATE_NEWKEYS_SENT,
-  DH_STATE_FINISHED
-};
-
-enum ssh_pending_call_e {
-	SSH_PENDING_CALL_NONE = 0,
-	SSH_PENDING_CALL_CONNECT,
-	SSH_PENDING_CALL_AUTH_NONE,
-	SSH_PENDING_CALL_AUTH_PASSWORD
-};
-
-/* libssh calls may block an undefined amount of time */
-#define SSH_SESSION_FLAG_BLOCKING 1
-
-/* members that are common to ssh_session and ssh_bind */
-struct ssh_common_struct {
-    struct error_struct error;
-    ssh_callbacks callbacks; /* Callbacks to user functions */
-    int log_verbosity; /* verbosity of the log functions */
-    int log_indent; /* indentation level in enter_function logs */
-};
-
 struct ssh_session_struct {
-    struct ssh_common_struct common;
-    struct ssh_socket_struct *socket;
+    struct error_struct error;
+    struct socket *socket;
     char *serverbanner;
     char *clientbanner;
     int protoversion;
@@ -88,13 +46,15 @@ struct ssh_session_struct {
     /* !=0 when the user got a session handle */
     int alive;
     /* two previous are deprecated */
-    /* int auth_service_asked; */
+    int auth_service_asked;
 
-    /* session flags (SSH_SESSION_FLAG_*) */
-    int flags;
+/* socket status */
+    int blocking; // functions should block
 
     ssh_string banner; /* that's the issue banner from
                        the server */
+    char *remotebanner; /* that's the SSH- banner from
+                           remote host. */
     char *discon_msg; /* disconnect message from
                          the remote host */
     ssh_buffer in_buffer;
@@ -103,14 +63,10 @@ struct ssh_session_struct {
 
     /* the states are used by the nonblocking stuff to remember */
     /* where it was before being interrupted */
-    enum ssh_pending_call_e pending_call_state;
-    enum ssh_session_state_e session_state;
     int packet_state;
-    enum ssh_dh_state_e dh_handshake_state;
-    enum ssh_auth_service_state_e auth_service_state;
-    enum ssh_auth_state_e auth_state;
-    enum ssh_channel_request_state_e global_req_state;
-    ssh_string dh_server_signature; /* information used by dh_handshake. */
+    int dh_handshake_state;
+    ssh_string dh_server_signature; //information used by dh_handshake.
+
     KEX server_kex;
     KEX client_kex;
     ssh_buffer in_hashbuf;
@@ -118,7 +74,7 @@ struct ssh_session_struct {
     struct ssh_crypto_struct *current_crypto;
     struct ssh_crypto_struct *next_crypto;  /* next_crypto is going to be used after a SSH2_MSG_NEWKEYS */
 
-    struct ssh_list *channels; /* linked list of channels */
+    ssh_channel channels; /* linked list of channels */
     int maxchannel;
     int exec_channel_opened; /* version 1 only. more
                                 info in channels1.c */
@@ -134,46 +90,33 @@ struct ssh_session_struct {
     int auth_methods;
     int hostkeys; /* contains type of host key wanted by client, in server impl */
     struct ssh_list *ssh_message_list; /* list of delayed SSH messages */
-    int (*ssh_message_callback)( struct ssh_session_struct *session, ssh_message msg, void *userdata);
-    void *ssh_message_callback_data;
+    int (*ssh_message_callback)( struct ssh_session_struct *session, ssh_message msg);
+    int log_verbosity; /*cached copy of the option structure */
+    int log_indent; /* indentation level in enter_function logs */
+
+    ssh_callbacks callbacks; /* Callbacks to user functions */
 
-    void (*ssh_connection_callback)( struct ssh_session_struct *session);
-    struct ssh_packet_callbacks_struct default_packet_callbacks;
-    struct ssh_list *packet_callbacks;
-    struct ssh_socket_callbacks_struct socket_callbacks;
-    ssh_poll_ctx default_poll_ctx;
     /* options */
 #ifdef WITH_PCAP
     ssh_pcap_context pcap_ctx; /* pcap debugging context */
 #endif
     char *username;
     char *host;
-    char *bindaddr; /* bind the client to an ip addr */
+    char *bindaddr; /* TODO: check if needed */
     char *xbanner; /* TODO: looks like it is not needed */
     struct ssh_list *identity;
     char *sshdir;
     char *knownhosts;
     char *wanted_methods[10];
-    char compressionlevel;
     unsigned long timeout; /* seconds */
     unsigned long timeout_usec;
     unsigned int port;
     socket_t fd;
     int ssh2;
     int ssh1;
-    int StrictHostKeyChecking;
     char *ProxyCommand;
 };
 
-/** @internal
- * @brief a termination function evaluates the status of an object
- * @param user[in] object to evaluate
- * @returns 1 if the polling routine should terminate, 0 instead
- */
-typedef int (*ssh_termination_function)(void *user);
-int ssh_handle_packets(ssh_session session, int timeout);
-int ssh_handle_packets_termination(ssh_session session, int timeout,
-    ssh_termination_function fct, void *user);
-void ssh_socket_exception_callback(int code, int errno_code, void *user);
-
+int ssh_handle_packets(ssh_session session);
+void ssh_global_request_handle(ssh_session session);
 #endif /* SESSION_H_ */

include/libssh/sftp.h

@@ -32,7 +32,7 @@
  * it can fetch it, while continuing to read for other messages (it is
  * unspecified in which order messages may be sent back to the client
  *
- * @defgroup libssh_sftp The libssh SFTP API
+ * @defgroup ssh_sftp SFTP Functions
  * @{
  */
 
@@ -843,44 +843,22 @@ void sftp_handle_remove(sftp_session sftp, void *handle);
 #define SSH_FILEXFER_TYPE_SPECIAL 4
 #define SSH_FILEXFER_TYPE_UNKNOWN 5
 
-/**
- * @name Server responses
- *
- * @brief Responses returned by the sftp server.
- * @{
- */
-
-/** No error */
+/* server responses */
 #define SSH_FX_OK 0
-/** End-of-file encountered */
 #define SSH_FX_EOF 1
-/** File doesn't exist */
 #define SSH_FX_NO_SUCH_FILE 2
-/** Permission denied */
 #define SSH_FX_PERMISSION_DENIED 3
-/** Generic failure */
 #define SSH_FX_FAILURE 4
-/** Garbage received from server */
 #define SSH_FX_BAD_MESSAGE 5
-/** No connection has been set up */
 #define SSH_FX_NO_CONNECTION 6
-/** There was a connection, but we lost it */
 #define SSH_FX_CONNECTION_LOST 7
-/** Operation not supported by the server */
 #define SSH_FX_OP_UNSUPPORTED 8
-/** Invalid file handle */
 #define SSH_FX_INVALID_HANDLE 9
-/** No such file or directory path exists */
 #define SSH_FX_NO_SUCH_PATH 10
-/** An attempt to create an already existing file or directory has been made */
 #define SSH_FX_FILE_ALREADY_EXISTS 11
-/** We are trying to write on a write-protected filesystem */
 #define SSH_FX_WRITE_PROTECT 12
-/** No media in remote drive */
 #define SSH_FX_NO_MEDIA 13
 
-/** @} */
-
 /* file flags */
 #define SSH_FXF_READ 0x01
 #define SSH_FXF_WRITE 0x02

include/libssh/socket.h

@@ -22,47 +22,40 @@
 #ifndef SOCKET_H_
 #define SOCKET_H_
 
-#include "libssh/callbacks.h"
-struct ssh_poll_handle_struct;
 /* socket.c */
 
-struct ssh_socket_struct;
-typedef struct ssh_socket_struct* ssh_socket;
-
+struct socket;
 int ssh_socket_init(void);
-void ssh_socket_cleanup(void);
-ssh_socket ssh_socket_new(ssh_session session);
-void ssh_socket_reset(ssh_socket s);
-void ssh_socket_free(ssh_socket s);
-void ssh_socket_set_fd(ssh_socket s, socket_t fd);
-socket_t ssh_socket_get_fd_in(ssh_socket s);
+struct socket *ssh_socket_new(ssh_session session);
+void ssh_socket_free(struct socket *s);
+void ssh_socket_set_fd(struct socket *s, socket_t fd);
+socket_t ssh_socket_get_fd(struct socket *s);
 #ifndef _WIN32
-int ssh_socket_unix(ssh_socket s, const char *path);
-void ssh_execute_command(const char *command, socket_t in, socket_t out);
-int ssh_socket_connect_proxycommand(ssh_socket s, const char *command);
+int ssh_socket_unix(struct socket *s, const char *path);
 #endif
-void ssh_socket_close(ssh_socket s);
-int ssh_socket_write(ssh_socket s,const void *buffer, int len);
-int ssh_socket_is_open(ssh_socket s);
-int ssh_socket_fd_isset(ssh_socket s, fd_set *set);
-void ssh_socket_fd_set(ssh_socket s, fd_set *set, socket_t *max_fd);
-void ssh_socket_set_fd_in(ssh_socket s, socket_t fd);
-void ssh_socket_set_fd_out(ssh_socket s, socket_t fd);
-int ssh_socket_nonblocking_flush(ssh_socket s);
-void ssh_socket_set_write_wontblock(ssh_socket s);
-void ssh_socket_set_read_wontblock(ssh_socket s);
-void ssh_socket_set_except(ssh_socket s);
-int ssh_socket_get_status(ssh_socket s);
-int ssh_socket_buffered_write_bytes(ssh_socket s);
-int ssh_socket_data_available(ssh_socket s);
-int ssh_socket_data_writable(ssh_socket s);
+void ssh_socket_close(struct socket *s);
+int ssh_socket_read(struct socket *s, void *buffer, int len);
+int ssh_socket_write(struct socket *s,const void *buffer, int len);
+int ssh_socket_is_open(struct socket *s);
+int ssh_socket_fd_isset(struct socket *s, fd_set *set);
+void ssh_socket_fd_set(struct socket *s, fd_set *set, int *fd_max);
+int ssh_socket_completeread(struct socket *s, void *buffer, uint32_t len);
+int ssh_socket_completewrite(struct socket *s, const void *buffer, uint32_t len);
+int ssh_socket_wait_for_data(struct socket *s, ssh_session session, uint32_t len);
+int ssh_socket_nonblocking_flush(struct socket *s);
+int ssh_socket_blocking_flush(struct socket *s);
+int ssh_socket_poll(struct socket *s, int *writeable, int *except);
+void ssh_socket_set_towrite(struct socket *s);
+void ssh_socket_set_toread(struct socket *s);
+void ssh_socket_set_except(struct socket *s);
+int ssh_socket_get_status(struct socket *s);
+int ssh_socket_data_available(struct socket *s);
+int ssh_socket_data_writable(struct socket *s);
 
-void ssh_socket_set_callbacks(ssh_socket s, ssh_socket_callbacks callbacks);
-int ssh_socket_pollcallback(struct ssh_poll_handle_struct *p, socket_t fd, int revents, void *v_s);
-struct ssh_poll_handle_struct * ssh_socket_get_poll_handle_in(ssh_socket s);
-struct ssh_poll_handle_struct * ssh_socket_get_poll_handle_out(ssh_socket s);
-
-void ssh_socket_set_connecting(ssh_socket s, socket_t fd);
-int ssh_socket_connect(ssh_socket s, const char *host, int port, const char *bind_addr);
+#ifndef _WIN32
+void ssh_execute_command(const char *command, socket_t in, socket_t out);
+socket_t ssh_socket_connect_proxycommand(ssh_session session,
+    const char *command);
+#endif
 
 #endif /* SOCKET_H_ */

include/libssh/threads.h

@@ -1,32 +0,0 @@
-/*
- * This file is part of the SSH Library
- *
- * Copyright (c) 2010 by Aris Adamantiadis
- *
- * The SSH Library is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation; either version 2.1 of the License, or (at your
- * option) any later version.
- *
- * The SSH Library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
- * License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with the SSH Library; see the file COPYING.  If not, write to
- * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
- * MA 02111-1307, USA.
- */
-
-#ifndef THREADS_H_
-#define THREADS_H_
-
-#include <libssh/libssh.h>
-#include <libssh/callbacks.h>
-
-int ssh_threads_init(void);
-void ssh_threads_finalize(void);
-const char *ssh_threads_get_type(void);
-
-#endif /* THREADS_H_ */

include/libssh/wrapper.h

@@ -23,8 +23,79 @@
 #define WRAPPER_H_
 
 #include "config.h"
-#include "libssh/libcrypto.h"
-#include "libssh/libgcrypt.h"
+
+#ifdef MD5_DIGEST_LEN
+    #undef MD5_DIGEST_LEN
+#endif
+/* wrapper things */
+#ifdef HAVE_LIBGCRYPT
+#include <gcrypt.h>
+typedef gcry_md_hd_t SHACTX;
+typedef gcry_md_hd_t MD5CTX;
+typedef gcry_md_hd_t HMACCTX;
+#define SHA_DIGEST_LEN 20
+#define MD5_DIGEST_LEN 16
+#define EVP_MAX_MD_SIZE 36
+
+typedef gcry_mpi_t bignum;
+
+#define bignum_new() gcry_mpi_new(0)
+#define bignum_free(num) gcry_mpi_release(num)
+#define bignum_set_word(bn,n) gcry_mpi_set_ui(bn,n)
+#define bignum_bin2bn(bn,datalen,data) gcry_mpi_scan(data,GCRYMPI_FMT_USG,bn,datalen,NULL)
+#define bignum_bn2dec(num) my_gcry_bn2dec(num)
+#define bignum_dec2bn(num, data) my_gcry_dec2bn(data, num)
+#define bignum_bn2hex(num,data) gcry_mpi_aprint(GCRYMPI_FMT_HEX,data,NULL,num)
+#define bignum_hex2bn(num,datalen,data) gcry_mpi_scan(num,GCRYMPI_FMT_HEX,data,datalen,NULL)
+#define bignum_rand(num,bits) gcry_mpi_randomize(num,bits,GCRY_STRONG_RANDOM),gcry_mpi_set_bit(num,bits-1),gcry_mpi_set_bit(num,0)
+#define bignum_mod_exp(dest,generator,exp,modulo) gcry_mpi_powm(dest,generator,exp,modulo)
+#define bignum_num_bits(num) gcry_mpi_get_nbits(num)
+#define bignum_num_bytes(num) ((gcry_mpi_get_nbits(num)+7)/8)
+#define bignum_is_bit_set(num,bit) gcry_mpi_test_bit(num,bit)
+#define bignum_bn2bin(num,datalen,data) gcry_mpi_print(GCRYMPI_FMT_USG,data,datalen,NULL,num)
+#define bignum_cmp(num1,num2) gcry_mpi_cmp(num1,num2)
+
+#elif defined HAVE_LIBCRYPTO
+
+#include <openssl/dsa.h>
+#include <openssl/rsa.h>
+#include <openssl/sha.h>
+#include <openssl/md5.h>
+#include <openssl/hmac.h>
+typedef SHA_CTX* SHACTX;
+typedef MD5_CTX*  MD5CTX;
+typedef HMAC_CTX* HMACCTX;
+
+#define SHA_DIGEST_LEN SHA_DIGEST_LENGTH
+#define MD5_DIGEST_LEN MD5_DIGEST_LENGTH
+
+#include <openssl/bn.h>
+#include <openssl/opensslv.h>
+#define OPENSSL_0_9_7b 0x0090702fL
+#if (OPENSSL_VERSION_NUMBER <= OPENSSL_0_9_7b)
+#define BROKEN_AES_CTR
+#endif
+typedef BIGNUM*  bignum;
+typedef BN_CTX* bignum_CTX;
+
+#define bignum_new() BN_new()
+#define bignum_free(num) BN_clear_free(num)
+#define bignum_set_word(bn,n) BN_set_word(bn,n)
+#define bignum_bin2bn(bn,datalen,data) BN_bin2bn(bn,datalen,data)
+#define bignum_bn2dec(num) BN_bn2dec(num)
+#define bignum_dec2bn(bn,data) BN_dec2bn(data,bn)
+#define bignum_bn2hex(num) BN_bn2hex(num)
+#define bignum_rand(rnd, bits, top, bottom) BN_rand(rnd,bits,top,bottom)
+#define bignum_ctx_new() BN_CTX_new()
+#define bignum_ctx_free(num) BN_CTX_free(num)
+#define bignum_mod_exp(dest,generator,exp,modulo,ctx) BN_mod_exp(dest,generator,exp,modulo,ctx)
+#define bignum_num_bytes(num) BN_num_bytes(num)
+#define bignum_num_bits(num) BN_num_bits(num)
+#define bignum_is_bit_set(num,bit) BN_is_bit_set(num,bit)
+#define bignum_bn2bin(num,ptr) BN_bn2bin(num,ptr)
+#define bignum_cmp(num1,num2) BN_cmp(num1,num2)
+
+#endif /* OPENSSL_CRYPTO */
 
 MD5CTX md5_init(void);
 void md5_update(MD5CTX c, const void *data, unsigned long len);
@@ -44,6 +115,5 @@ int crypt_set_algorithms_server(ssh_session session);
 struct ssh_crypto_struct *crypto_new(void);
 void crypto_free(struct ssh_crypto_struct *crypto);
 
-void ssh_reseed(void);
 
 #endif /* WRAPPER_H_ */

libssh.pc.cmake

@@ -1,6 +0,0 @@
-Name: ${APPLICATION_NAME}
-Description: The SSH Library
-Version: ${APPLICATION_VERSION}
-Libs: -L${LIB_INSTALL_DIR} -lssh
-Cflags: -I${INCLUDE_INSTALL_DIR}
-

libssh/CMakeLists.txt

@@ -2,13 +2,13 @@ project(libssh-library C)
 
 set(LIBSSH_PUBLIC_INCLUDE_DIRS
   ${CMAKE_SOURCE_DIR}/include
+  ${CMAKE_CURRENT_SOURCE_DIR}
+  ${CMAKE_SOURCE_DIR}
   CACHE INTERNAL "libssh public include directories"
 )
 
 set(LIBSSH_PRIVATE_INCLUDE_DIRS
   ${CMAKE_BINARY_DIR}
-  ${OPENSSL_INCLUDE_DIRS}
-  ${GCRYPT_INCLUDE_DIRS}
   ${ZLIB_INCLUDE_DIRS}
 )
 
@@ -67,11 +67,6 @@ if (GCRYPT_LIBRARY)
   )
 endif (GCRYPT_LIBRARY)
 
-set(LIBSSH_LINK_LIBRARIES
-  ${LIBSSH_LINK_LIBRARIES}
-  CACHE INTERNAL "libssh link libraries"
-)
-
 set(libssh_SRCS
   agent.c
   auth.c
@@ -86,34 +81,34 @@ set(libssh_SRCS
   crypt.c
   dh.c
   error.c
-  getpass.c
   gcrypt_missing.c
   gzip.c
   init.c
   kex.c
   keyfiles.c
   keys.c
-  known_hosts.c
-  legacy.c
-  libcrypto.c
-  libgcrypt.c
   log.c
   match.c
   messages.c
   misc.c
   options.c
   packet.c
-  pcap.c
-  pki.c
   poll.c
   session.c
   scp.c
   socket.c
   string.c
-  threads.c
   wrapper.c
 )
 
+if (WITH_PCAP)
+  set(libssh_SRCS
+    ${libssh_SRCS}
+    pcap.c
+  )
+
+endif (WITH_PCAP)
+
 if (WITH_SFTP)
   set(libssh_SRCS
     ${libssh_SRCS}
@@ -133,7 +128,6 @@ if (WITH_SSH1)
     ${libssh_SRCS}
     auth1.c
     channels1.c
-    packet1.c
   )
 endif (WITH_SSH1)
 
@@ -141,7 +135,6 @@ if (WITH_SERVER)
   set(libssh_SRCS
     ${libssh_SRCS}
     server.c
-    bind.c
   )
 endif (WITH_SERVER)
 
@@ -184,11 +177,6 @@ install(
 if (WITH_STATIC_LIB)
   add_library(${LIBSSH_STATIC_LIBRARY} STATIC ${libssh_SRCS})
 
-  if (MSVC)
-    set(OUTPUT_SUFFIX static)
-  else (MSVC)
-    set(OUTPUT_SUFFIX )
-  endif (MSVC)
   set_target_properties(
     ${LIBSSH_STATIC_LIBRARY}
       PROPERTIES
@@ -196,31 +184,17 @@ if (WITH_STATIC_LIB)
           ${LIBRARY_VERSION}
         SOVERSION
           ${LIBRARY_SOVERSION}
-        OUTPUT_NAME
-          ssh
-        ARCHIVE_OUTPUT_DIRECTORY
-          ${CMAKE_CURRENT_BINARY_DIR}/${OUTPUT_SUFFIX}
+        COMPILE_FLAGS
+          "-DLIBSSH_STATIC"
   )
 
-  if (WIN32)
-    set_target_properties(
-      ${LIBSSH_STATIC_LIBRARY}
-        PROPERTIES
-          COMPILE_FLAGS
-            "-DLIBSSH_STATIC"
-    )
-  endif (WIN32)
-
   install(
     TARGETS
       ${LIBSSH_STATIC_LIBRARY}
     DESTINATION
-      ${LIB_INSTALL_DIR}/${OUTPUT_SUFFIX}
+      ${LIB_INSTALL_DIR}
     COMPONENT
       libraries
   )
 endif (WITH_STATIC_LIB)
 
-if (CMAKE_HAVE_THREADS_LIBRARY)
-    add_subdirectory(threads)
-endif (CMAKE_HAVE_THREADS_LIBRARY)

libssh/agent.c

@@ -27,7 +27,7 @@
  * How does the ssh-agent work?
  *
  * a) client sends a request to get a list of all keys
- *    the agent returns the count and all public keys
+ *    the agent returns the cound and all public keys
  * b) iterate over them to check if the server likes one
  * c) the client sends a sign request to the agent
  *    type, pubkey as blob, data to sign, flags
@@ -41,10 +41,10 @@
 #include <string.h>
 #include <stdio.h>
 
+#include <poll.h>
 #include <unistd.h>
 
 #ifndef _WIN32
-#include <netinet/in.h>
 #include <arpa/inet.h>
 #endif
 
@@ -54,7 +54,6 @@
 #include "libssh/buffer.h"
 #include "libssh/session.h"
 #include "libssh/keys.h"
-#include "libssh/poll.h"
 
 /* macro to check for "agent failure" message */
 #define agent_failed(x) \
@@ -82,12 +81,12 @@ static void agent_put_u32(void *vp, uint32_t v) {
   p[3] = (uint8_t)v & 0xff;
 }
 
-static size_t atomicio(ssh_socket s, void *buf, size_t n, int do_read) {
+static size_t atomicio(struct socket *s, void *buf, size_t n, int do_read) {
   char *b = buf;
   size_t pos = 0;
   ssize_t res;
-  ssh_pollfd_t pfd;
-  socket_t fd = ssh_socket_get_fd_in(s);
+  struct pollfd pfd;
+  int fd = ssh_socket_get_fd(s);
 
   pfd.fd = fd;
   pfd.events = do_read ? POLLIN : POLLOUT;
@@ -108,7 +107,7 @@ static size_t atomicio(ssh_socket s, void *buf, size_t n, int do_read) {
 #else
         if (errno == EAGAIN) {
 #endif
-          (void) ssh_poll(&pfd, 1, -1);
+          (void) poll(&pfd, 1, -1);
           continue;
         }
         return 0;
@@ -155,7 +154,7 @@ void agent_close(struct ssh_agent_struct *agent) {
 void agent_free(ssh_agent agent) {
   if (agent) {
     if (agent->ident) {
-      ssh_buffer_free(agent->ident);
+      buffer_free(agent->ident);
     }
     if (agent->sock) {
       agent_close(agent);
@@ -209,7 +208,7 @@ static int agent_talk(struct ssh_session_struct *session,
   uint32_t len = 0;
   uint8_t payload[1024] = {0};
 
-  len = buffer_get_rest_len(request);
+  len = buffer_get_len(request);
   ssh_log(session, SSH_LOG_PACKET, "agent_talk - len of request: %u", len);
   agent_put_u32(payload, len);
 
@@ -285,23 +284,23 @@ int agent_get_ident_count(struct ssh_session_struct *session) {
   }
 
   /* send message to the agent requesting the list of identities */
-  request = ssh_buffer_new();
+  request = buffer_new();
   if (buffer_add_u8(request, c1) < 0) {
     ssh_set_error(session, SSH_FATAL, "Not enough space");
     return -1;
   }
 
-  reply = ssh_buffer_new();
+  reply = buffer_new();
   if (reply == NULL) {
     ssh_set_error(session, SSH_FATAL, "Not enough space");
     return -1;
   }
 
   if (agent_talk(session, request, reply) < 0) {
-    ssh_buffer_free(request);
+    buffer_free(request);
     return 0;
   }
-  ssh_buffer_free(request);
+  buffer_free(request);
 
   /* get message type and verify the answer */
   buffer_get_u8(reply, (uint8_t *) &type);
@@ -324,7 +323,7 @@ int agent_get_ident_count(struct ssh_session_struct *session) {
     ssh_set_error(session, SSH_FATAL,
         "Too many identities in authentication reply: %d",
         session->agent->count);
-    ssh_buffer_free(reply);
+    buffer_free(reply);
     return -1;
   }
 
@@ -370,24 +369,24 @@ struct ssh_public_key_struct *agent_get_next_ident(struct ssh_session_struct *se
       /* get the comment */
       tmp = buffer_get_ssh_string(session->agent->ident);
       if (tmp == NULL) {
-        ssh_string_free(blob);
+        string_free(blob);
 
         return NULL;
       }
 
       if (comment) {
-        *comment = ssh_string_to_char(tmp);
+        *comment = string_to_char(tmp);
       } else {
-        ssh_string_free(blob);
-        ssh_string_free(tmp);
+        string_free(blob);
+        string_free(tmp);
 
         return NULL;
       }
-      ssh_string_free(tmp);
+      string_free(tmp);
 
       /* get key from blob */
       pubkey = publickey_from_string(session, blob);
-      ssh_string_free(blob);
+      string_free(blob);
       break;
     default:
       return NULL;
@@ -410,7 +409,7 @@ ssh_string agent_sign_data(struct ssh_session_struct *session,
   /* create blob from the pubkey */
   blob = publickey_to_string(pubkey);
 
-  request = ssh_buffer_new();
+  request = buffer_new();
   if (request == NULL) {
     goto error;
   }
@@ -426,11 +425,11 @@ ssh_string agent_sign_data(struct ssh_session_struct *session,
   }
 
   /* Add data */
-  dlen = buffer_get_rest_len(data);
+  dlen = buffer_get_len(data);
   if (buffer_add_u32(request, htonl(dlen)) < 0) {
     goto error;
   }
-  if (buffer_add_data(request, buffer_get_rest(data), dlen) < 0) {
+  if (buffer_add_data(request, buffer_get(data), dlen) < 0) {
     goto error;
   }
 
@@ -438,21 +437,19 @@ ssh_string agent_sign_data(struct ssh_session_struct *session,
     goto error;
   }
 
-  ssh_string_free(blob);
-  blob = NULL;
+  string_free(blob);
 
-  reply = ssh_buffer_new();
+  reply = buffer_new();
   if (reply == NULL) {
     goto error;
   }
 
   /* send the request */
   if (agent_talk(session, request, reply) < 0) {
-    ssh_buffer_free(request);
+    buffer_free(request);
     return NULL;
   }
-  ssh_buffer_free(request);
-  request = NULL;
+  buffer_free(request);
 
   /* check if reply is valid */
   if (buffer_get_u8(reply, (uint8_t *) &type) != sizeof(uint8_t)) {
@@ -460,24 +457,24 @@ ssh_string agent_sign_data(struct ssh_session_struct *session,
   }
   if (agent_failed(type)) {
     ssh_log(session, SSH_LOG_RARE, "Agent reports failure in signing the key");
-    ssh_buffer_free(reply);
+    buffer_free(reply);
     return NULL;
   } else if (type != SSH2_AGENT_SIGN_RESPONSE) {
     ssh_set_error(session, SSH_FATAL, "Bad authentication response: %d", type);
-    ssh_buffer_free(reply);
+    buffer_free(reply);
     return NULL;
   }
 
   sig = buffer_get_ssh_string(reply);
 
-  ssh_buffer_free(reply);
+  buffer_free(reply);
 
   return sig;
 error:
   ssh_set_error(session, SSH_FATAL, "Not enough memory");
-  ssh_string_free(blob);
-  ssh_buffer_free(request);
-  ssh_buffer_free(reply);
+  string_free(blob);
+  buffer_free(request);
+  buffer_free(reply);
 
   return NULL;
 }

libssh/auth1.c

@@ -35,87 +35,65 @@
 
 #ifdef WITH_SSH1
 static int wait_auth1_status(ssh_session session) {
-  enter_function();
   /* wait for a packet */
-  while(session->auth_state == SSH_AUTH_STATE_NONE)
-    if (ssh_handle_packets(session, -2) != SSH_OK)
-      break;
-  ssh_log(session,SSH_LOG_PROTOCOL,"Auth state : %d",session->auth_state);
-  leave_function();
-  switch(session->auth_state) {
-    case SSH_AUTH_STATE_SUCCESS:
-      return SSH_AUTH_SUCCESS;
-    case SSH_AUTH_STATE_FAILED:
-      return SSH_AUTH_DENIED;
-    default:
-      return SSH_AUTH_ERROR;
+  if (packet_read(session) != SSH_OK) {
+    return SSH_AUTH_ERROR;
   }
-  return SSH_AUTH_ERROR;
-}
 
-void ssh_auth1_handler(ssh_session session, uint8_t type){
-  if(session->session_state != SSH_SESSION_STATE_AUTHENTICATING){
-    ssh_set_error(session,SSH_FATAL,"SSH_SMSG_SUCCESS or FAILED received in wrong state");
-    return;
+  if(packet_translate(session) != SSH_OK) {
+    return SSH_AUTH_ERROR;
   }
-  if(type==SSH_SMSG_SUCCESS){
-    session->auth_state=SSH_AUTH_STATE_SUCCESS;
-    session->session_state=SSH_SESSION_STATE_AUTHENTICATED;
-  } else if(type==SSH_SMSG_FAILURE)
-    session->auth_state=SSH_AUTH_STATE_FAILED;
+
+  switch(session->in_packet.type) {
+    case SSH_SMSG_SUCCESS:
+      return SSH_AUTH_SUCCESS;
+    case SSH_SMSG_FAILURE:
+      return SSH_AUTH_DENIED;
+  }
+
+  ssh_set_error(session, SSH_FATAL, "Was waiting for a SUCCESS or "
+      "FAILURE, got %d", session->in_packet.type);
+
+  return SSH_AUTH_ERROR;
 }
 
 static int send_username(ssh_session session, const char *username) {
   ssh_string user = NULL;
   /* returns SSH_AUTH_SUCCESS or SSH_AUTH_DENIED */
-  if(session->auth_service_state == SSH_AUTH_SERVICE_USER_SENT) {
-    if(session->auth_state == SSH_AUTH_STATE_FAILED)
-      return SSH_AUTH_DENIED;
-    if(session->auth_state == SSH_AUTH_STATE_SUCCESS)
-      return SSH_AUTH_SUCCESS;
-    return SSH_AUTH_ERROR;
+  if(session->auth_service_asked) {
+    return session->auth_service_asked;
   }
 
   if (!username) {
     if(!(username = session->username)) {
       if (ssh_options_set(session, SSH_OPTIONS_USER, NULL) < 0) {
-        session->auth_service_state = SSH_AUTH_SERVICE_DENIED;
-        return SSH_ERROR;
+        return session->auth_service_asked = SSH_AUTH_ERROR;
       } else {
         username = session->username;
       }
     }
   }
-  user = ssh_string_from_char(username);
+  user = string_from_char(username);
   if (user == NULL) {
     return SSH_AUTH_ERROR;
   }
 
   if (buffer_add_u8(session->out_buffer, SSH_CMSG_USER) < 0) {
-    ssh_string_free(user);
+    string_free(user);
     return SSH_AUTH_ERROR;
   }
   if (buffer_add_ssh_string(session->out_buffer, user) < 0) {
-    ssh_string_free(user);
+    string_free(user);
     return SSH_AUTH_ERROR;
   }
-  ssh_string_free(user);
-  session->auth_state=SSH_AUTH_STATE_NONE;
-  if (packet_send(session) == SSH_ERROR) {
+  string_free(user);
+  if (packet_send(session) != SSH_OK) {
     return SSH_AUTH_ERROR;
   }
 
-  if(wait_auth1_status(session) == SSH_AUTH_SUCCESS){
-    session->auth_service_state=SSH_AUTH_SERVICE_USER_SENT;
-    session->auth_state=SSH_AUTH_STATE_SUCCESS;
-    ssh_set_error(session, SSH_NO_ERROR, "Authentication successful");
-    return SSH_AUTH_SUCCESS;
-  } else {
-    session->auth_service_state=SSH_AUTH_SERVICE_USER_SENT;
-    ssh_set_error(session,SSH_REQUEST_DENIED,"Password authentication necessary for user %s",username);
-    return SSH_AUTH_DENIED;
-  }
+  session->auth_service_asked = wait_auth1_status(session);
 
+  return session->auth_service_asked;
 }
 
 /* use the "none" authentication question */
@@ -123,6 +101,44 @@ int ssh_userauth1_none(ssh_session session, const char *username){
     return send_username(session, username);
 }
 
+/*
+int ssh_userauth_offer_pubkey(ssh_session session, char *username,int type, ssh_string publickey){
+    ssh_string user;
+    ssh_string service;
+    ssh_string method;
+    ssh_string algo;
+    int err=SSH_AUTH_ERROR;
+    if(!username)
+        if(!(username=session->options->username)){
+            if(options_default_username(session->options))
+                return SSH_AUTH_ERROR;
+            else
+                username=session->options->username;
+        }
+    if(ask_userauth(session))
+        return SSH_AUTH_ERROR;
+    user=string_from_char(username);
+    service=string_from_char("ssh-connection");
+    method=string_from_char("publickey");
+    algo=string_from_char(ssh_type_to_char(type));
+
+    packet_clear_out(session);
+    buffer_add_u8(session->out_buffer,SSH2_MSG_USERAUTH_REQUEST);
+    buffer_add_ssh_string(session->out_buffer,user);
+    buffer_add_ssh_string(session->out_buffer,service);
+    buffer_add_ssh_string(session->out_buffer,method);
+    buffer_add_u8(session->out_buffer,0);
+    buffer_add_ssh_string(session->out_buffer,algo);
+    buffer_add_ssh_string(session->out_buffer,publickey);
+    packet_send(session);
+    err=wait_auth_status(session,0);
+    free(user);
+    free(method);
+    free(service);
+    free(algo);
+    return err;
+}
+*/
 /** \internal
  * \todo implement ssh1 public key
  */
@@ -132,19 +148,63 @@ int ssh_userauth1_offer_pubkey(ssh_session session, const char *username,
   (void) username;
   (void) type;
   (void) pubkey;
-  enter_function();
-  leave_function();
   return SSH_AUTH_DENIED;
 }
 
+/*
+int ssh_userauth_pubkey(ssh_session session, char *username, ssh_string publickey, ssh_private_key privatekey){
+    ssh_string user;
+    ssh_string service;
+    ssh_string method;
+    ssh_string algo;
+    ssh_string sign;
+    int err=SSH_AUTH_ERROR;
+    if(!username)
+        if(!(username=session->options->username)){
+            if(options_default_username(session->options))
+                return err;
+            else
+                username=session->options->username;
+        }
+    if(ask_userauth(session))
+        return err;
+    user=string_from_char(username);
+    service=string_from_char("ssh-connection");
+    method=string_from_char("publickey");
+    algo=string_from_char(ssh_type_to_char(privatekey->type));
+
+
+*/    /* we said previously the public key was accepted */
+/*    packet_clear_out(session);
+    buffer_add_u8(session->out_buffer,SSH2_MSG_USERAUTH_REQUEST);
+    buffer_add_ssh_string(session->out_buffer,user);
+    buffer_add_ssh_string(session->out_buffer,service);
+    buffer_add_ssh_string(session->out_buffer,method);
+    buffer_add_u8(session->out_buffer,1);
+    buffer_add_ssh_string(session->out_buffer,algo);
+    buffer_add_ssh_string(session->out_buffer,publickey);
+    sign=ssh_do_sign(session,session->out_buffer,privatekey);
+    if(sign){
+        buffer_add_ssh_string(session->out_buffer,sign);
+        free(sign);
+        packet_send(session);
+        err=wait_auth_status(session,0);
+    }
+    free(user);
+    free(service);
+    free(method);
+    free(algo);
+    return err;
+}
+*/
+
 int ssh_userauth1_password(ssh_session session, const char *username,
     const char *password) {
   ssh_string pwd = NULL;
   int rc;
-  enter_function();
+
   rc = send_username(session, username);
   if (rc != SSH_AUTH_DENIED) {
-    leave_function();
     return rc;
   }
 
@@ -157,9 +217,8 @@ int ssh_userauth1_password(ssh_session session, const char *username,
   /* cisco IOS doesn't like when a password is followed by zeroes and random pad. */
   if(1 || strlen(password) >= 128) {
     /* not risky to disclose the size of such a big password .. */
-    pwd = ssh_string_from_char(password);
+    pwd = string_from_char(password);
     if (pwd == NULL) {
-      leave_function();
       return SSH_AUTH_ERROR;
     }
   } else {
@@ -169,9 +228,8 @@ int ssh_userauth1_password(ssh_session session, const char *username,
      * why garbage ? because nul bytes will be compressed by
      * gzip and disclose password len.
      */
-    pwd = ssh_string_new(128);
+    pwd = string_new(128);
     if (pwd == NULL) {
-      leave_function();
       return SSH_AUTH_ERROR;
     }
     ssh_get_random( pwd->string, 128, 0);
@@ -179,28 +237,24 @@ int ssh_userauth1_password(ssh_session session, const char *username,
   }
 
   if (buffer_add_u8(session->out_buffer, SSH_CMSG_AUTH_PASSWORD) < 0) {
-    ssh_string_burn(pwd);
-    ssh_string_free(pwd);
-    leave_function();
+    string_burn(pwd);
+    string_free(pwd);
     return SSH_AUTH_ERROR;
   }
   if (buffer_add_ssh_string(session->out_buffer, pwd) < 0) {
-    ssh_string_burn(pwd);
-    ssh_string_free(pwd);
-    leave_function();
+    string_burn(pwd);
+    string_free(pwd);
     return SSH_AUTH_ERROR;
   }
 
-  ssh_string_burn(pwd);
-  ssh_string_free(pwd);
-  session->auth_state=SSH_AUTH_STATE_NONE;
-  if (packet_send(session) == SSH_ERROR) {
-    leave_function();
+  string_burn(pwd);
+  string_free(pwd);
+
+  if (packet_send(session) != SSH_OK) {
     return SSH_AUTH_ERROR;
   }
-  rc = wait_auth1_status(session);
-  leave_function();
-  return rc;
+
+  return wait_auth1_status(session);
 }
 
 #endif /* WITH_SSH1 */

libssh/base64.c

@@ -39,9 +39,9 @@ static char alphabet[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
 #define SET_C(n, i) do { (n) |= ((i) & 63) << 6; } while (0)
 #define SET_D(n, i) do { (n) |= ((i) & 63); } while (0)
 
-#define GET_A(n) (unsigned char) (((n) & 0xff0000) >> 16)
-#define GET_B(n) (unsigned char) (((n) & 0xff00) >> 8)
-#define GET_C(n) (unsigned char) ((n) & 0xff)
+#define GET_A(n) (((n) & 0xff0000) >> 16)
+#define GET_B(n) (((n) & 0xff00) >> 8)
+#define GET_C(n) ((n) & 0xff)
 
 static int _base64_to_bin(unsigned char dest[3], const char *source, int num);
 static int get_equals(char *string);
@@ -77,7 +77,7 @@ ssh_buffer base64_to_bin(const char *source) {
     return NULL;
   }
 
-  buffer = ssh_buffer_new();
+  buffer = buffer_new();
   if (buffer == NULL) {
     SAFE_FREE(base64);
     return NULL;
@@ -162,7 +162,7 @@ ssh_buffer base64_to_bin(const char *source) {
 
 error:
   SAFE_FREE(base64);
-  ssh_buffer_free(buffer);
+  buffer_free(buffer);
   return NULL;
 }
 

libssh/buffer.c

@@ -0,0 +1,462 @@
+/*
+ * buffer.c - buffer functions
+ *
+ * This file is part of the SSH Library
+ *
+ * Copyright (c) 2003-2009 by Aris Adamantiadis
+ *
+ * The SSH Library is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation; either version 2.1 of the License, or (at your
+ * option) any later version.
+ *
+ * The SSH Library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
+ * License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with the SSH Library; see the file COPYING.  If not, write to
+ * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
+ * MA 02111-1307, USA.
+ */
+
+#include <stdlib.h>
+#include <string.h>
+
+#ifndef _WIN32
+#include <arpa/inet.h>
+#endif
+
+#include "libssh/priv.h"
+#include "libssh/buffer.h"
+/** \defgroup ssh_buffer SSH Buffers
+ * \brief buffer handling
+ */
+
+/** \addtogroup ssh_buffer
+ * @{
+ */
+
+/** \brief checks that preconditions and postconditions are valid
+ * \internal
+ */
+
+#ifdef DEBUG_BUFFER
+static void buffer_verify(struct buffer_struct *buf){
+  int doabort=0;
+  if(buf->data == NULL)
+    return;
+  if(buf->used > buf->allocated){
+    fprintf(stderr,"Buffer error : allocated %u, used %u\n",buf->allocated, buf->used);
+    doabort=1;
+  }
+  if(buf->pos > buf->used){
+    fprintf(stderr,"Buffer error : position %u, used %u\n",buf->pos, buf->used);
+    doabort=1;
+  }
+  if(buf->pos > buf->allocated){
+      fprintf(stderr,"Buffer error : position %u, allocated %u\n",buf->pos, buf->allocated);
+      doabort=1;
+  }
+  if(doabort)
+    abort();
+}
+
+#else
+#define buffer_verify(x)
+#endif
+
+/** \brief creates a new buffer
+ * \return a new initialized buffer, NULL on error.
+ */
+struct ssh_buffer_struct *buffer_new(void) {
+  struct ssh_buffer_struct *buf = malloc(sizeof(struct ssh_buffer_struct));
+
+  if (buf == NULL) {
+    return NULL;
+  }
+  memset(buf, 0, sizeof(struct ssh_buffer_struct));
+  buffer_verify(buf);
+  return buf;
+}
+
+/** \brief deallocate a buffer
+ * \param buffer buffer to free
+ */
+void buffer_free(struct ssh_buffer_struct *buffer) {
+  if (buffer == NULL) {
+    return;
+  }
+  buffer_verify(buffer);
+
+  if (buffer->data) {
+    /* burn the data */
+    memset(buffer->data, 0, buffer->allocated);
+    SAFE_FREE(buffer->data);
+  }
+  memset(buffer, 'X', sizeof(*buffer));
+  SAFE_FREE(buffer);
+}
+
+static int realloc_buffer(struct ssh_buffer_struct *buffer, int needed) {
+  int smallest = 1;
+  char *new = NULL;
+  buffer_verify(buffer);
+  /* Find the smallest power of two which is greater or equal to needed */
+  while(smallest < needed) {
+    smallest <<= 1;
+  }
+  needed = smallest;
+  new = realloc(buffer->data, needed);
+  if (new == NULL) {
+    return -1;
+  }
+  buffer->data = new;
+  buffer->allocated = needed;
+  buffer_verify(buffer);
+  return 0;
+}
+
+/* \internal
+ * \brief reinitialize a buffer
+ * \param buffer buffer
+ * \return 0 on sucess, < 0 on error
+ */
+int buffer_reinit(struct ssh_buffer_struct *buffer) {
+  buffer_verify(buffer);
+  memset(buffer->data, 0, buffer->used);
+  buffer->used = 0;
+  buffer->pos = 0;
+  if(buffer->allocated > 127) {
+    if (realloc_buffer(buffer, 127) < 0) {
+      return -1;
+    }
+  }
+  buffer_verify(buffer);
+  return 0;
+}
+
+/** \internal
+ * \brief add data at tail of the buffer
+ * \param buffer buffer
+ * \param data data pointer
+ * \param len length of data
+ */
+int buffer_add_data(struct ssh_buffer_struct *buffer, const void *data, uint32_t len) {
+  buffer_verify(buffer);
+  if (buffer->allocated < (buffer->used + len)) {
+    if (realloc_buffer(buffer, buffer->used + len) < 0) {
+      return -1;
+    }
+  }
+
+  memcpy(buffer->data+buffer->used, data, len);
+  buffer->used+=len;
+  buffer_verify(buffer);
+  return 0;
+}
+
+/** \internal
+ * \brief add a SSH string to the tail of buffer
+ * \param buffer buffer
+ * \param string SSH String to add
+ * \return 0 on success, -1 on error.
+ */
+int buffer_add_ssh_string(struct ssh_buffer_struct *buffer,
+    struct ssh_string_struct *string) {
+  uint32_t len = 0;
+
+  len = string_len(string);
+  if (buffer_add_data(buffer, string, len + sizeof(uint32_t)) < 0) {
+    return -1;
+  }
+
+  return 0;
+}
+
+/** \internal
+ * \brief add a 32 bits unsigned integer to the tail of buffer
+ * \param buffer buffer
+ * \param data 32 bits integer
+ * \return 0 on success, -1 on error.
+ */
+int buffer_add_u32(struct ssh_buffer_struct *buffer,uint32_t data){
+  if (buffer_add_data(buffer, &data, sizeof(data)) < 0) {
+    return -1;
+  }
+
+  return 0;
+}
+
+/** \internal
+ * \brief add a 16 bits unsigned integer to the tail of buffer
+ * \param buffer buffer
+ * \param data 16 bits integer
+ * \return 0 on success, -1 on error.
+ */
+int buffer_add_u16(struct ssh_buffer_struct *buffer,uint16_t data){
+  if (buffer_add_data(buffer, &data, sizeof(data)) < 0) {
+    return -1;
+  }
+
+  return 0;
+}
+
+/** \internal
+ * \brief add a 64 bits unsigned integer to the tail of buffer
+ * \param buffer buffer
+ * \param data 64 bits integer
+ * \return 0 on success, -1 on error.
+ */
+int buffer_add_u64(struct ssh_buffer_struct *buffer, uint64_t data){
+  if (buffer_add_data(buffer, &data, sizeof(data)) < 0) {
+    return -1;
+  }
+
+  return 0;
+}
+/** \internal
+ * \brief add a 8 bits unsigned integer to the tail of buffer
+ * \param buffer buffer
+ * \param data 8 bits integer
+ * \return 0 on success, -1 on error.
+ */
+int buffer_add_u8(struct ssh_buffer_struct *buffer,uint8_t data){
+  if (buffer_add_data(buffer, &data, sizeof(uint8_t)) < 0) {
+    return -1;
+  }
+
+  return 0;
+}
+
+/** \internal
+ * \brief add data at head of a buffer
+ * \param buffer buffer
+ * \param data data to add
+ * \param len length of data
+ * \return 0 on success, -1 on error.
+ */
+int buffer_prepend_data(struct ssh_buffer_struct *buffer, const void *data,
+    uint32_t len) {
+  buffer_verify(buffer);
+  if (buffer->allocated < (buffer->used + len)) {
+    if (realloc_buffer(buffer, buffer->used + len) < 0) {
+      return -1;
+    }
+  }
+  memmove(buffer->data + len, buffer->data, buffer->used);
+  memcpy(buffer->data, data, len);
+  buffer->used += len;
+  buffer_verify(buffer);
+  return 0;
+}
+
+/** \internal
+ * \brief append data from a buffer to tail of another
+ * \param buffer destination buffer
+ * \param source source buffer. Doesn't take position in buffer into account
+ * \return 0 on success, -1 on error.
+ */
+int buffer_add_buffer(struct ssh_buffer_struct *buffer,
+    struct ssh_buffer_struct *source) {
+  if (buffer_add_data(buffer, buffer_get(source), buffer_get_len(source)) < 0) {
+    return -1;
+  }
+
+  return 0;
+}
+
+/** \brief get a pointer on the head of the buffer
+ * \param buffer buffer
+ * \return data pointer on the head. Doesn't take position into account.
+ * \warning don't expect data to be nul-terminated
+ * \see buffer_get_rest()
+ * \see buffer_get_len()
+ */
+void *buffer_get(struct ssh_buffer_struct *buffer){
+  return buffer->data;
+}
+
+/** \internal
+ * \brief get a pointer to head of the buffer at current position
+ * \param buffer buffer
+ * \return pointer to the data from current position
+ * \see buffer_get_rest_len()
+ * \see buffer_get()
+ */
+void *buffer_get_rest(struct ssh_buffer_struct *buffer){
+    return buffer->data + buffer->pos;
+}
+
+/** \brief get length of the buffer, not counting position
+ * \param buffer
+ * \return length of the buffer
+ * \see buffer_get()
+ */
+uint32_t buffer_get_len(struct ssh_buffer_struct *buffer){
+    return buffer->used;
+}
+
+/** \internal
+ *  \brief get length of the buffer from the current position
+ * \param buffer
+ * \return length of the buffer
+ * \see buffer_get_rest()
+ */
+uint32_t buffer_get_rest_len(struct ssh_buffer_struct *buffer){
+  buffer_verify(buffer);
+  return buffer->used - buffer->pos;
+}
+
+/** \internal
+ * has effect to "eat" bytes at head of the buffer
+ * \brief advance the position in the buffer
+ * \param buffer buffer
+ * \param len number of bytes to eat
+ * \return new size of the buffer
+ */
+uint32_t buffer_pass_bytes(struct ssh_buffer_struct *buffer, uint32_t len){
+    buffer_verify(buffer);
+    if(buffer->used < buffer->pos+len)
+        return 0;
+    buffer->pos+=len;
+    /* if the buffer is empty after having passed the whole bytes into it, we can clean it */
+    if(buffer->pos==buffer->used){
+        buffer->pos=0;
+        buffer->used=0;
+    }
+    buffer_verify(buffer);
+    return len;
+}
+
+/** \internal
+ * \brief cut the end of the buffer
+ * \param buffer buffer
+ * \param len number of bytes to remove from tail
+ * \return new size of the buffer
+ */
+uint32_t buffer_pass_bytes_end(struct ssh_buffer_struct *buffer, uint32_t len){
+  buffer_verify(buffer);
+  if(buffer->used < buffer->pos + len)
+    return 0;
+  buffer->used-=len;
+  buffer_verify(buffer);
+  return len;
+}
+
+/** \internal
+ * \brief gets remaining data out of the buffer. Adjust the read pointer.
+ * \param buffer Buffer to read
+ * \param data data buffer where to store the data
+ * \param len length to read from the buffer
+ * \returns 0 if there is not enough data in buffer
+ * \returns len otherwise.
+ */
+uint32_t buffer_get_data(struct ssh_buffer_struct *buffer, void *data, uint32_t len){
+    /*
+     * Check for a integer overflow first, then check if not enough data is in
+     * the buffer.
+     */
+    if (buffer->pos + len < len || buffer->pos + len > buffer->used) {
+      return 0;
+    }
+    memcpy(data,buffer->data+buffer->pos,len);
+    buffer->pos+=len;
+    return len;   /* no yet support for partial reads (is it really needed ?? ) */
+}
+/** \internal
+ * \brief gets a 8 bits unsigned int out of the buffer. Adjusts the read pointer.
+ * \param buffer Buffer to read
+ * \param data pointer to a uint8_t where to store the data
+ * \returns 0 if there is not enough data in buffer
+ * \returns 1 otherwise.
+ */
+int buffer_get_u8(struct ssh_buffer_struct *buffer, uint8_t *data){
+    return buffer_get_data(buffer,data,sizeof(uint8_t));
+}
+
+/** \internal
+ * \brief gets a 32 bits unsigned int out of the buffer. Adjusts the read pointer.
+ * \param buffer Buffer to read
+ * \param data pointer to a uint32_t where to store the data
+ * \returns 0 if there is not enough data in buffer
+ * \returns 4 otherwise.
+ */
+int buffer_get_u32(struct ssh_buffer_struct *buffer, uint32_t *data){
+    return buffer_get_data(buffer,data,sizeof(uint32_t));
+}
+/** \internal
+ * \brief gets a 64 bits unsigned int out of the buffer. Adjusts the read pointer.
+ * \param buffer Buffer to read
+ * \param data pointer to a uint64_t where to store the data
+ * \returns 0 if there is not enough data in buffer
+ * \returns 8 otherwise.
+ */
+int buffer_get_u64(struct ssh_buffer_struct *buffer, uint64_t *data){
+    return buffer_get_data(buffer,data,sizeof(uint64_t));
+}
+/** \internal
+ * \brief gets a SSH String out of the buffer. Adjusts the read pointer.
+ * \param buffer Buffer to read
+ * \returns The SSH String read
+ * \returns NULL otherwise.
+ */
+struct ssh_string_struct *buffer_get_ssh_string(struct ssh_buffer_struct *buffer) {
+  uint32_t stringlen;
+  uint32_t hostlen;
+  struct ssh_string_struct *str = NULL;
+
+  if (buffer_get_u32(buffer, &stringlen) == 0) {
+    return NULL;
+  }
+  hostlen = ntohl(stringlen);
+  /* verify if there is enough space in buffer to get it */
+  if ((buffer->pos + hostlen) > buffer->used) {
+    return NULL; /* it is indeed */
+  }
+  str = string_new(hostlen);
+  if (str == NULL) {
+    return NULL;
+  }
+  if (buffer_get_data(buffer, string_data(str), hostlen) != hostlen) {
+    /* should never happen */
+    SAFE_FREE(str);
+    return NULL;
+  }
+
+  return str;
+}
+/** \internal
+ * \brief gets a mpint out of the buffer. Adjusts the read pointer.
+ * SSH-1 only
+ * \param buffer Buffer to read
+ * \returns the SSH String containing the mpint
+ * \returns NULL otherwise
+ */
+
+struct ssh_string_struct *buffer_get_mpint(struct ssh_buffer_struct *buffer) {
+  uint16_t bits;
+  uint32_t len;
+  struct ssh_string_struct *str = NULL;
+
+  if (buffer_get_data(buffer, &bits, sizeof(uint16_t)) != sizeof(uint16_t)) {
+    return NULL;
+  }
+  bits = ntohs(bits);
+  len = (bits + 7) / 8;
+  if ((buffer->pos + len) > buffer->used) {
+    return NULL;
+  }
+  str = string_new(len);
+  if (str == NULL) {
+    return NULL;
+  }
+  if (buffer_get_data(buffer, string_data(str), len) != len) {
+    SAFE_FREE(str);
+    return NULL;
+  }
+  return str;
+}
+/** @} */
+/* vim: set ts=2 sw=2 et cindent: */

libssh/callbacks.c

@@ -1,7 +1,9 @@
 /*
+ * callbacks.c - callback functions
+ *
  * This file is part of the SSH Library
  *
- * Copyright (c) 2009 by Aris Adamantiadis
+ * Copyright (c) 2009      by Andreas Schneider <mail@cynapses.org>
  *
  * The SSH Library is free software; you can redistribute it and/or modify
  * it under the terms of the GNU Lesser General Public License as published by
@@ -19,15 +21,17 @@
  * MA 02111-1307, USA.
  */
 
-#ifndef KEX_H_
-#define KEX_H_
+#include "config.h"
 
-#include "libssh/priv.h"
 #include "libssh/callbacks.h"
+#include "libssh/session.h"
 
-SSH_PACKET_CALLBACK(ssh_packet_kexinit);
-#ifdef WITH_SSH1
-SSH_PACKET_CALLBACK(ssh_packet_publickey1);
-#endif
+int ssh_set_callbacks(ssh_session session, ssh_callbacks cb) {
+  if (session == NULL || cb == NULL) {
+    return -1;
+  }
 
-#endif /* KEX_H_ */
+  session->callbacks = cb;
+
+  return 0;
+}

libssh/channels1.c

@@ -24,43 +24,35 @@
 
 #include <string.h>
 #include <stdlib.h>
+#include <unistd.h>
 #include <stdio.h>
 #ifndef _WIN32
 #include <arpa/inet.h>
-#include <unistd.h>
 #endif
-
 #include "libssh/priv.h"
 #include "libssh/ssh1.h"
 #include "libssh/buffer.h"
 #include "libssh/packet.h"
 #include "libssh/channels.h"
 #include "libssh/session.h"
-#include "libssh/misc.h"
 
 #ifdef WITH_SSH1
 
 /*
  * This is a big hack. In fact, SSH1 doesn't make a clever use of channels.
  * The whole packets concerning shells are sent outside of a channel.
- * Thus, an inside limitation of this behavior is that you can't only
+ * Thus, an inside limitation of this behaviour is that you can't only
  * request one shell.
- * The question is still how they managed to embed two "channel" into one
+ * The question is stil how they managed to imbed two "channel" into one
  * protocol.
  */
 
 int channel_open_session1(ssh_channel chan) {
-  ssh_session session;
-
-  if (chan == NULL) {
-    return -1;
-  }
-  session = chan->session;
-
   /*
    * We guess we are requesting an *exec* channel. It can only have one exec
    * channel. So we abort with an error if we need more than one.
    */
+  ssh_session session = chan->session;
   if (session->exec_channel_opened) {
     ssh_set_error(session, SSH_REQUEST_DENIED,
         "SSH1 supports only one execution channel. "
@@ -68,8 +60,7 @@ int channel_open_session1(ssh_channel chan) {
     return -1;
   }
   session->exec_channel_opened = 1;
-  chan->request_state = SSH_CHANNEL_REQ_STATE_ACCEPTED;
-  chan->state = SSH_CHANNEL_STATE_OPEN;
+  chan->open = 1;
   chan->local_maxpacket = 32000;
   chan->local_window = 64000;
   ssh_log(session, SSH_LOG_PACKET, "Opened a SSH1 channel session");
@@ -91,30 +82,20 @@ int channel_open_session1(ssh_channel chan) {
 
 int channel_request_pty_size1(ssh_channel channel, const char *terminal, int col,
     int row) {
-  ssh_session session;
+  ssh_session session = channel->session;
   ssh_string str = NULL;
 
-  if (channel == NULL) {
-    return SSH_ERROR;
-  }
-  session = channel->session;
-
-  if(channel->request_state != SSH_CHANNEL_REQ_STATE_NONE){
-    ssh_set_error(session,SSH_REQUEST_DENIED,"Wrong request state");
-    return SSH_ERROR;
-  }
-  str = ssh_string_from_char(terminal);
+  str = string_from_char(terminal);
   if (str == NULL) {
-    ssh_set_error_oom(session);
     return -1;
   }
 
   if (buffer_add_u8(session->out_buffer, SSH_CMSG_REQUEST_PTY) < 0 ||
       buffer_add_ssh_string(session->out_buffer, str) < 0) {
-    ssh_string_free(str);
+    string_free(str);
     return -1;
   }
-  ssh_string_free(str);
+  string_free(str);
 
   if (buffer_add_u32(session->out_buffer, ntohl(row)) < 0 ||
       buffer_add_u32(session->out_buffer, ntohl(col)) < 0 ||
@@ -125,93 +106,78 @@ int channel_request_pty_size1(ssh_channel channel, const char *terminal, int col
   }
 
   ssh_log(session, SSH_LOG_FUNCTIONS, "Opening a ssh1 pty");
-
-  if (packet_send(session) == SSH_ERROR) {
+  if (packet_send(session) != SSH_OK ||
+      packet_read(session) != SSH_OK ||
+      packet_translate(session) != SSH_OK) {
     return -1;
   }
-  switch(channel->request_state){
-    case SSH_CHANNEL_REQ_STATE_ERROR:
-    case SSH_CHANNEL_REQ_STATE_PENDING:
-    case SSH_CHANNEL_REQ_STATE_NONE:
-      channel->request_state=SSH_CHANNEL_REQ_STATE_NONE;
-      return SSH_ERROR;
-    case SSH_CHANNEL_REQ_STATE_ACCEPTED:
-      channel->request_state=SSH_CHANNEL_REQ_STATE_NONE;
+
+  switch (session->in_packet.type) {
+    case SSH_SMSG_SUCCESS:
       ssh_log(session, SSH_LOG_RARE, "PTY: Success");
-      return SSH_OK;
-    case SSH_CHANNEL_REQ_STATE_DENIED:
-      channel->request_state=SSH_CHANNEL_REQ_STATE_NONE;
+      return 0;
+      break;
+    case SSH_SMSG_FAILURE:
       ssh_set_error(session, SSH_REQUEST_DENIED,
           "Server denied PTY allocation");
       ssh_log(session, SSH_LOG_RARE, "PTY: denied\n");
-      return SSH_ERROR;
+      break;
+    default:
+      ssh_log(session, SSH_LOG_RARE, "PTY: error\n");
+      ssh_set_error(session, SSH_FATAL,
+          "Received unexpected packet type %d",
+          session->in_packet.type);
+      return -1;
   }
-  // Not reached
-  return SSH_ERROR;
+
+  return -1;
 }
 
 int channel_change_pty_size1(ssh_channel channel, int cols, int rows) {
-  ssh_session session;
+  ssh_session session = channel->session;
 
-  if (channel == NULL) {
-    return SSH_ERROR;
-  }
-  session = channel->session;
-
-  if(channel->request_state != SSH_CHANNEL_REQ_STATE_NONE){
-    ssh_set_error(session,SSH_REQUEST_DENIED,"Wrong request state");
-    return SSH_ERROR;
-  }
   if (buffer_add_u8(session->out_buffer, SSH_CMSG_WINDOW_SIZE) < 0 ||
       buffer_add_u32(session->out_buffer, ntohl(rows)) < 0 ||
       buffer_add_u32(session->out_buffer, ntohl(cols)) < 0 ||
       buffer_add_u32(session->out_buffer, 0) < 0 ||
       buffer_add_u32(session->out_buffer, 0) < 0) {
-    return SSH_ERROR;
-  }
-  channel->request_state=SSH_CHANNEL_REQ_STATE_PENDING;
-  if (packet_send(session) == SSH_ERROR) {
-    return SSH_ERROR;
+    return -1;
   }
 
-  ssh_log(session, SSH_LOG_PROTOCOL, "Change pty size send");
-  while(channel->request_state==SSH_CHANNEL_REQ_STATE_PENDING){
-    ssh_handle_packets(session,-1);
+  if (packet_send(session)) {
+    return -1;
   }
-  switch(channel->request_state){
-    case SSH_CHANNEL_REQ_STATE_ERROR:
-    case SSH_CHANNEL_REQ_STATE_PENDING:
-    case SSH_CHANNEL_REQ_STATE_NONE:
-      channel->request_state=SSH_CHANNEL_REQ_STATE_NONE;
-      return SSH_ERROR;
-    case SSH_CHANNEL_REQ_STATE_ACCEPTED:
-      channel->request_state=SSH_CHANNEL_REQ_STATE_NONE;
-      ssh_log(session, SSH_LOG_PROTOCOL, "pty size changed");
-      return SSH_OK;
-    case SSH_CHANNEL_REQ_STATE_DENIED:
-      channel->request_state=SSH_CHANNEL_REQ_STATE_NONE;
+
+  ssh_log(session, SSH_LOG_RARE, "Change pty size send");
+
+  if (packet_wait(session, SSH_SMSG_SUCCESS, 1) != SSH_OK) {
+    return -1;
+  }
+
+  switch (session->in_packet.type) {
+    case SSH_SMSG_SUCCESS:
+      ssh_log(session, SSH_LOG_RARE, "pty size changed");
+      return 0;
+    case SSH_SMSG_FAILURE:
       ssh_log(session, SSH_LOG_RARE, "pty size change denied");
       ssh_set_error(session, SSH_REQUEST_DENIED, "pty size change denied");
-      return SSH_ERROR;
+      return -1;
   }
-  // Not reached
-  return SSH_ERROR;
 
+  ssh_set_error(session, SSH_FATAL, "Received unexpected packet type %d",
+      session->in_packet.type);
+
+  return -1;
 }
 
 int channel_request_shell1(ssh_channel channel) {
-  ssh_session session;
-
-  if (channel == NULL) {
-    return -1;
-  }
-  session = channel->session;
+  ssh_session session = channel->session;
 
   if (buffer_add_u8(session->out_buffer,SSH_CMSG_EXEC_SHELL) < 0) {
     return -1;
   }
 
-  if (packet_send(session) == SSH_ERROR) {
+  if (packet_send(session) != SSH_OK) {
     return -1;
   }
 
@@ -221,27 +187,22 @@ int channel_request_shell1(ssh_channel channel) {
 }
 
 int channel_request_exec1(ssh_channel channel, const char *cmd) {
-  ssh_session session;
+  ssh_session session = channel->session;
   ssh_string command = NULL;
 
-  if (channel == NULL) {
-    return -1;
-  }
-  session = channel->session;
-
-  command = ssh_string_from_char(cmd);
+  command = string_from_char(cmd);
   if (command == NULL) {
     return -1;
   }
 
   if (buffer_add_u8(session->out_buffer, SSH_CMSG_EXEC_CMD) < 0 ||
       buffer_add_ssh_string(session->out_buffer, command) < 0) {
-    ssh_string_free(command);
+    string_free(command);
     return -1;
   }
-  ssh_string_free(command);
+  string_free(command);
 
-  if(packet_send(session) == SSH_ERROR) {
+  if(packet_send(session) != SSH_OK) {
     return -1;
   }
 
@@ -250,93 +211,85 @@ int channel_request_exec1(ssh_channel channel, const char *cmd) {
   return 0;
 }
 
-SSH_PACKET_CALLBACK(ssh_packet_data1){
-    ssh_channel channel = ssh_get_channel1(session);
+static int channel_rcv_data1(ssh_session session, int is_stderr) {
+    ssh_channel channel = session->channels;
     ssh_string str = NULL;
-    int is_stderr=(type==SSH_SMSG_STDOUT_DATA ? 0 : 1);
-    (void)user;
 
-    if (channel == NULL) {
-      return SSH_PACKET_NOT_USED;
-    }
-
-    str = buffer_get_ssh_string(packet);
+    str = buffer_get_ssh_string(session->in_buffer);
     if (str == NULL) {
       ssh_log(session, SSH_LOG_FUNCTIONS, "Invalid data packet !\n");
-      return SSH_PACKET_USED;
+      return -1;
     }
 
-    ssh_log(session, SSH_LOG_PROTOCOL,
-        "Adding %" PRIdS " bytes data in %d",
-        ssh_string_len(str), is_stderr);
+    ssh_log(session, SSH_LOG_RARE,
+        "Adding %zu bytes data in %d",
+        string_len(str), is_stderr);
 
-    if (channel_default_bufferize(channel, ssh_string_data(str), ssh_string_len(str),
+    if (channel_default_bufferize(channel, string_data(str), string_len(str),
           is_stderr) < 0) {
-      ssh_string_free(str);
-      return SSH_PACKET_USED;
+      string_free(str);
+      return -1;
     }
-    ssh_string_free(str);
+    string_free(str);
 
-    return SSH_PACKET_USED;
+    return 0;
 }
 
-SSH_PACKET_CALLBACK(ssh_packet_close1){
-  ssh_channel channel = ssh_get_channel1(session);
+static int channel_rcv_close1(ssh_session session) {
+  ssh_channel channel = session->channels;
   uint32_t status;
 
-  (void)type;
-  (void)user;
-
-  if (channel == NULL) {
-    return SSH_PACKET_NOT_USED;
-  }
-
-  buffer_get_u32(packet, &status);
+  buffer_get_u32(session->in_buffer, &status);
   /*
    * It's much more than a channel closing. spec says it's the last
    * message sent by server (strange)
    */
 
   /* actually status is lost somewhere */
-  channel->state = SSH_CHANNEL_STATE_CLOSED;
+  channel->open = 0;
   channel->remote_eof = 1;
 
-  buffer_add_u8(session->out_buffer, SSH_CMSG_EXIT_CONFIRMATION);
-  packet_send(session);
-
-  return SSH_PACKET_USED;
-}
-
-SSH_PACKET_CALLBACK(ssh_packet_exist_status1){
-  ssh_channel channel = ssh_get_channel1(session);
-  uint32_t status;
-  (void)type;
-  (void)user;
-
-  if (channel == NULL) {
-    return SSH_PACKET_NOT_USED;
+  if (buffer_add_u8(session->out_buffer, SSH_CMSG_EXIT_CONFIRMATION) < 0) {
+    return -1;
   }
 
-  buffer_get_u32(packet, &status);
-  channel->state = SSH_CHANNEL_STATE_CLOSED;
-  channel->remote_eof = 1;
-  channel->exit_status = ntohl(status);
+  if (packet_send(session) != SSH_OK) {
+    return -1;
+  }
 
-  return SSH_PACKET_USED;
+  return 0;
 }
 
+int channel_handle1(ssh_session session, int type) {
+  ssh_log(session, SSH_LOG_RARE, "Channel_handle1(%d)", type);
+  switch (type) {
+    case SSH_SMSG_STDOUT_DATA:
+      if (channel_rcv_data1(session,0) < 0) {
+        return -1;
+      }
+      break;
+    case SSH_SMSG_STDERR_DATA:
+      if (channel_rcv_data1(session,1) < 0) {
+        return -1;
+      }
+      break;
+    case SSH_SMSG_EXITSTATUS:
+      if (channel_rcv_close1(session) < 0) {
+        return -1;
+      }
+      break;
+    default:
+      ssh_log(session, SSH_LOG_FUNCTIONS, "Unexepected message %d", type);
+  }
+
+  return 0;
+}
 
 int channel_write1(ssh_channel channel, const void *data, int len) {
-  ssh_session session;
+  ssh_session session = channel->session;
   int origlen = len;
   int effectivelen;
   const unsigned char *ptr=data;
-
-  if (channel == NULL) {
-    return -1;
-  }
-  session = channel->session;
-
   while (len > 0) {
     if (buffer_add_u8(session->out_buffer, SSH_CMSG_STDIN_DATA) < 0) {
       return -1;
@@ -352,7 +305,7 @@ int channel_write1(ssh_channel channel, const void *data, int len) {
     ptr += effectivelen;
     len -= effectivelen;
 
-    if (packet_send(session) == SSH_ERROR) {
+    if (packet_send(session) != SSH_OK) {
       return -1;
     }
   }
@@ -360,20 +313,5 @@ int channel_write1(ssh_channel channel, const void *data, int len) {
   return origlen;
 }
 
-ssh_channel ssh_get_channel1(ssh_session session){
-  struct ssh_iterator *it;
-
-  if (session == NULL) {
-    return NULL;
-  }
-
-  /* With SSH1, the channel is always the first one */
-  if(session->channels != NULL){
-    it = ssh_list_get_iterator(session->channels);
-    if(it)
-      return ssh_iterator_value(ssh_channel, it);
-  }
-  return NULL;
-}
 #endif /* WITH_SSH1 */
 /* vim: set ts=2 sw=2 et cindent: */

libssh/client.c

@@ -0,0 +1,716 @@
+/*
+ * client.c - SSH client functions
+ *
+ * This file is part of the SSH Library
+ *
+ * Copyright (c) 2003-2008 by Aris Adamantiadis
+ *
+ * The SSH Library is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation; either version 2.1 of the License, or (at your
+ * option) any later version.
+ *
+ * The SSH Library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
+ * License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with the SSH Library; see the file COPYING.  If not, write to
+ * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
+ * MA 02111-1307, USA.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#ifndef _WIN32
+#include <arpa/inet.h>
+#endif
+
+#include "libssh/priv.h"
+#include "libssh/ssh2.h"
+#include "libssh/buffer.h"
+#include "libssh/packet.h"
+#include "libssh/socket.h"
+#include "libssh/session.h"
+#include "libssh/dh.h"
+
+#define set_status(session, status) do {\
+        if (session->callbacks && session->callbacks->connect_status_function) \
+            session->callbacks->connect_status_function(session->callbacks->userdata, status); \
+    } while (0)
+
+/**
+ * @internal
+ *
+ * @brief Get a banner from a socket.
+ *
+ * The caller has to free memroy.
+ *
+ * @param  session      The session to get the banner from.
+ *
+ * @return A newly allocated string with the banner or NULL on error.
+ */
+char *ssh_get_banner(ssh_session session) {
+  char buffer[128] = {0};
+  char *str = NULL;
+  int i;
+
+  enter_function();
+
+  for (i = 0; i < 127; i++) {
+    if (ssh_socket_read(session->socket, &buffer[i], 1) != SSH_OK) {
+      ssh_set_error(session, SSH_FATAL, "Remote host closed connection");
+      leave_function();
+      return NULL;
+    }
+#ifdef WITH_PCAP
+    if(session->pcap_ctx && buffer[i] == '\n'){
+    	ssh_pcap_context_write(session->pcap_ctx,SSH_PCAP_DIR_IN,buffer,i+1,i+1);
+    }
+#endif
+    if (buffer[i] == '\r') {
+      buffer[i] = '\0';
+    }
+    if (buffer[i] == '\n') {
+      buffer[i] = '\0';
+      str = strdup(buffer);
+      if (str == NULL) {
+        leave_function();
+        return NULL;
+      }
+      leave_function();
+      return str;
+    }
+  }
+
+  ssh_set_error(session, SSH_FATAL, "Too large banner");
+
+  leave_function();
+  return NULL;
+}
+
+/**
+ * @internal
+ *
+ * @brief Analyze the SSH banner to find out if we have a SSHv1 or SSHv2
+ * server.
+ *
+ * @param  session      The session to analyze the banner from.
+ * @param  ssh1         The variable which is set if it is a SSHv1 server.
+ * @param  ssh2         The variable which is set if it is a SSHv2 server.
+ *
+ * @return 0 on success, < 0 on error.
+ *
+ * @see ssh_get_banner()
+ */
+static int ssh_analyze_banner(ssh_session session, int *ssh1, int *ssh2) {
+  const char *banner = session->serverbanner;
+  const char *openssh;
+
+  ssh_log(session, SSH_LOG_RARE, "Analyzing banner: %s", banner);
+
+  if (strncmp(banner, "SSH-", 4) != 0) {
+    ssh_set_error(session, SSH_FATAL, "Protocol mismatch: %s", banner);
+    return -1;
+  }
+
+  /*
+   * Typical banners e.g. are:
+   * SSH-1.5-blah
+   * SSH-1.99-blah
+   * SSH-2.0-blah
+   */
+  switch(banner[4]) {
+    case '1':
+      *ssh1 = 1;
+      if (banner[6] == '9') {
+        *ssh2 = 1;
+      } else {
+        *ssh2 = 0;
+      }
+      break;
+    case '2':
+      *ssh1 = 0;
+      *ssh2 = 1;
+      break;
+    default:
+      ssh_set_error(session, SSH_FATAL, "Protocol mismatch: %s", banner);
+      return -1;
+  }
+
+  openssh = strstr(banner, "OpenSSH");
+  if (openssh != NULL) {
+    int major, minor;
+    major = strtol(openssh + 8, (char **) NULL, 10);
+    minor = strtol(openssh + 10, (char **) NULL, 10);
+    session->openssh = SSH_VERSION_INT(major, minor, 0);
+    ssh_log(session, SSH_LOG_RARE,
+        "We are talking to an OpenSSH server version: %d.%d (%x)",
+        major, minor, session->openssh);
+  }
+
+  return 0;
+}
+
+/** @internal
+ * @brief Sends a SSH banner to the server.
+ *
+ * @param session      The SSH session to use.
+ *
+ * @param server       Send client or server banner.
+ *
+ * @return 0 on success, < 0 on error.
+ */
+int ssh_send_banner(ssh_session session, int server) {
+  const char *banner = NULL;
+  char buffer[128] = {0};
+
+  enter_function();
+
+  banner = session->version == 1 ? CLIENTBANNER1 : CLIENTBANNER2;
+
+  if (session->xbanner) {
+    banner = session->xbanner;
+  }
+
+  if (server) {
+    session->serverbanner = strdup(banner);
+    if (session->serverbanner == NULL) {
+      leave_function();
+      return -1;
+    }
+  } else {
+    session->clientbanner = strdup(banner);
+    if (session->clientbanner == NULL) {
+      leave_function();
+      return -1;
+    }
+  }
+
+  snprintf(buffer, 128, "%s\r\n", banner);
+
+  if (ssh_socket_write(session->socket, buffer, strlen(buffer)) == SSH_ERROR) {
+    leave_function();
+    return -1;
+  }
+
+  if (ssh_socket_blocking_flush(session->socket) != SSH_OK) {
+    leave_function();
+    return -1;
+  }
+#ifdef WITH_PCAP
+  if(session->pcap_ctx)
+  	ssh_pcap_context_write(session->pcap_ctx,SSH_PCAP_DIR_OUT,buffer,strlen(buffer),strlen(buffer));
+#endif
+  leave_function();
+  return 0;
+}
+
+#define DH_STATE_INIT 0
+#define DH_STATE_INIT_TO_SEND 1
+#define DH_STATE_INIT_SENT 2
+#define DH_STATE_NEWKEYS_TO_SEND 3
+#define DH_STATE_NEWKEYS_SENT 4
+#define DH_STATE_FINISHED 5
+static int dh_handshake(ssh_session session) {
+  ssh_string e = NULL;
+  ssh_string f = NULL;
+  ssh_string pubkey = NULL;
+  ssh_string signature = NULL;
+  int rc = SSH_ERROR;
+
+  enter_function();
+
+  switch (session->dh_handshake_state) {
+    case DH_STATE_INIT:
+      if (buffer_add_u8(session->out_buffer, SSH2_MSG_KEXDH_INIT) < 0) {
+        goto error;
+      }
+
+      if (dh_generate_x(session) < 0) {
+        goto error;
+      }
+      if (dh_generate_e(session) < 0) {
+        goto error;
+      }
+
+      e = dh_get_e(session);
+      if (e == NULL) {
+        goto error;
+      }
+
+      if (buffer_add_ssh_string(session->out_buffer, e) < 0) {
+        goto error;
+      }
+      string_burn(e);
+      string_free(e);
+      e=NULL;
+
+      rc = packet_send(session);
+      if (rc == SSH_ERROR) {
+        goto error;
+      }
+
+      session->dh_handshake_state = DH_STATE_INIT_TO_SEND;
+    case DH_STATE_INIT_TO_SEND:
+      rc = packet_flush(session, 0);
+      if (rc != SSH_OK) {
+        goto error;
+      }
+      session->dh_handshake_state = DH_STATE_INIT_SENT;
+    case DH_STATE_INIT_SENT:
+      rc = packet_wait(session, SSH2_MSG_KEXDH_REPLY, 1);
+      if (rc != SSH_OK) {
+        goto error;
+      }
+
+      pubkey = buffer_get_ssh_string(session->in_buffer);
+      if (pubkey == NULL){
+        ssh_set_error(session,SSH_FATAL, "No public key in packet");
+        rc = SSH_ERROR;
+        goto error;
+      }
+      dh_import_pubkey(session, pubkey);
+
+      f = buffer_get_ssh_string(session->in_buffer);
+      if (f == NULL) {
+        ssh_set_error(session,SSH_FATAL, "No F number in packet");
+        rc = SSH_ERROR;
+        goto error;
+      }
+      if (dh_import_f(session, f) < 0) {
+        ssh_set_error(session, SSH_FATAL, "Cannot import f number");
+        rc = SSH_ERROR;
+        goto error;
+      }
+      string_burn(f);
+      string_free(f);
+      f=NULL;
+      signature = buffer_get_ssh_string(session->in_buffer);
+      if (signature == NULL) {
+        ssh_set_error(session, SSH_FATAL, "No signature in packet");
+        rc = SSH_ERROR;
+        goto error;
+      }
+      session->dh_server_signature = signature;
+      signature=NULL; /* ownership changed */
+      if (dh_build_k(session) < 0) {
+        ssh_set_error(session, SSH_FATAL, "Cannot build k number");
+        rc = SSH_ERROR;
+        goto error;
+      }
+
+      /* Send the MSG_NEWKEYS */
+      if (buffer_add_u8(session->out_buffer, SSH2_MSG_NEWKEYS) < 0) {
+        rc = SSH_ERROR;
+        goto error;
+      }
+
+      rc = packet_send(session);
+      if (rc == SSH_ERROR) {
+        goto error;
+      }
+
+      session->dh_handshake_state = DH_STATE_NEWKEYS_TO_SEND;
+    case DH_STATE_NEWKEYS_TO_SEND:
+      rc = packet_flush(session, 0);
+      if (rc != SSH_OK) {
+        goto error;
+      }
+      ssh_log(session, SSH_LOG_RARE, "SSH_MSG_NEWKEYS sent\n");
+
+      session->dh_handshake_state = DH_STATE_NEWKEYS_SENT;
+    case DH_STATE_NEWKEYS_SENT:
+      rc = packet_wait(session, SSH2_MSG_NEWKEYS, 1);
+      if (rc != SSH_OK) {
+        goto error;
+      }
+      ssh_log(session, SSH_LOG_RARE, "Got SSH_MSG_NEWKEYS\n");
+
+      rc = make_sessionid(session);
+      if (rc != SSH_OK) {
+        goto error;
+      }
+
+      /*
+       * Set the cryptographic functions for the next crypto
+       * (it is needed for generate_session_keys for key lenghts)
+       */
+      if (crypt_set_algorithms(session)) {
+        rc = SSH_ERROR;
+        goto error;
+      }
+
+      if (generate_session_keys(session) < 0) {
+        rc = SSH_ERROR;
+        goto error;
+      }
+
+      /* Verify the host's signature. FIXME do it sooner */
+      signature = session->dh_server_signature;
+      session->dh_server_signature = NULL;
+      if (signature_verify(session, signature)) {
+        rc = SSH_ERROR;
+        goto error;
+      }
+
+      /* forget it for now ... */
+      string_burn(signature);
+      string_free(signature);
+      signature=NULL;
+      /*
+       * Once we got SSH2_MSG_NEWKEYS we can switch next_crypto and
+       * current_crypto
+       */
+      if (session->current_crypto) {
+        crypto_free(session->current_crypto);
+        session->current_crypto=NULL;
+      }
+
+      /* FIXME later, include a function to change keys */
+      session->current_crypto = session->next_crypto;
+
+      session->next_crypto = crypto_new();
+      if (session->next_crypto == NULL) {
+        rc = SSH_ERROR;
+        goto error;
+      }
+
+      session->dh_handshake_state = DH_STATE_FINISHED;
+
+      leave_function();
+      return SSH_OK;
+    default:
+      ssh_set_error(session, SSH_FATAL, "Invalid state in dh_handshake(): %d",
+          session->dh_handshake_state);
+
+      leave_function();
+      return SSH_ERROR;
+  }
+
+  /* not reached */
+error:
+  if(e != NULL){
+    string_burn(e);
+    string_free(e);
+  }
+  if(f != NULL){
+    string_burn(f);
+    string_free(f);
+  }
+  if(signature != NULL){
+    string_burn(signature);
+    string_free(signature);
+  }
+
+  leave_function();
+  return rc;
+}
+
+/**
+ * @internal
+ *
+ * @brief Request a service from the SSH server.
+ *
+ * Service requests are for example: ssh-userauth, ssh-connection, etc.
+ *
+ * @param  session      The session to use to ask for a service request.
+ * @param  service      The service request.
+ *
+ * @return 0 on success, < 0 on error.
+ */
+int ssh_service_request(ssh_session session, const char *service) {
+  ssh_string service_s = NULL;
+
+  enter_function();
+
+  if (buffer_add_u8(session->out_buffer, SSH2_MSG_SERVICE_REQUEST) < 0) {
+    leave_function();
+    return -1;
+  }
+
+  service_s = string_from_char(service);
+  if (service_s == NULL) {
+    leave_function();
+    return -1;
+  }
+
+  if (buffer_add_ssh_string(session->out_buffer,service_s) < 0) {
+    string_free(service_s);
+    leave_function();
+    return -1;
+  }
+  string_free(service_s);
+
+  if (packet_send(session) != SSH_OK) {
+    ssh_set_error(session, SSH_FATAL,
+        "Sending SSH2_MSG_SERVICE_REQUEST failed.");
+    leave_function();
+    return -1;
+  }
+
+  ssh_log(session, SSH_LOG_PACKET,
+      "Sent SSH_MSG_SERVICE_REQUEST (service %s)", service);
+
+  if (packet_wait(session,SSH2_MSG_SERVICE_ACCEPT,1) != SSH_OK) {
+    ssh_set_error(session, SSH_FATAL, "Did not receive SERVICE_ACCEPT");
+    leave_function();
+    return -1;
+  }
+
+  ssh_log(session, SSH_LOG_PACKET,
+      "Received SSH_MSG_SERVICE_ACCEPT (service %s)", service);
+
+  leave_function();
+  return 0;
+}
+
+/** \addtogroup ssh_session
+ * @{
+ */
+
+/** \brief connect to the ssh server
+ * \param session ssh session
+ * \return SSH_OK on success, SSH_ERROR on error
+ * \see ssh_new()
+ * \see ssh_disconnect()
+ */
+int ssh_connect(ssh_session session) {
+  int ssh1 = 0;
+  int ssh2 = 0;
+  int fd = -1;
+  int ret;
+
+  if (session == NULL) {
+    ssh_set_error(session, SSH_FATAL, "Invalid session pointer");
+    return SSH_ERROR;
+  }
+
+  enter_function();
+
+  session->alive = 0;
+  session->client = 1;
+
+  if (ssh_init() < 0) {
+    leave_function();
+    return SSH_ERROR;
+  }
+  if (session->fd == -1 && session->host == NULL &&
+      session->ProxyCommand == NULL) {
+    ssh_set_error(session, SSH_FATAL, "Hostname required");
+    leave_function();
+    return SSH_ERROR;
+  }
+
+  ret = ssh_options_apply(session);
+  if (ret < 0) {
+      ssh_set_error(session, SSH_FATAL, "Couldn't apply options");
+      leave_function();
+      return SSH_ERROR;
+  }
+
+  if (session->fd != -1) {
+    fd = session->fd;
+#ifndef _WIN32
+  } else if (session->ProxyCommand != NULL) {
+    fd=ssh_socket_connect_proxycommand(session, session->ProxyCommand);
+#endif
+  } else {
+    fd = ssh_connect_host(session, session->host, session->bindaddr,
+        session->port, session->timeout, session->timeout_usec);
+  }
+  if (fd < 0) {
+    leave_function();
+    return SSH_ERROR;
+  }
+  set_status(session, 0.2);
+
+  ssh_socket_set_fd(session->socket, fd);
+
+  session->alive = 1;
+  session->serverbanner = ssh_get_banner(session);
+  if (session->serverbanner == NULL) {
+    ssh_socket_close(session->socket);
+    session->alive = 0;
+    leave_function();
+    return SSH_ERROR;
+  }
+  set_status(session, 0.4);
+
+  ssh_log(session, SSH_LOG_RARE,
+      "SSH server banner: %s", session->serverbanner);
+
+  /* Here we analyse the different protocols the server allows. */
+  if (ssh_analyze_banner(session, &ssh1, &ssh2) < 0) {
+    ssh_socket_close(session->socket);
+    session->alive = 0;
+    leave_function();
+    return SSH_ERROR;
+  }
+
+  /* Here we decide which version of the protocol to use. */
+  if (ssh2 && session->ssh2) {
+    session->version = 2;
+  } else if(ssh1 && session->ssh1) {
+    session->version = 1;
+  } else {
+    ssh_set_error(session, SSH_FATAL,
+        "No version of SSH protocol usable (banner: %s)",
+        session->serverbanner);
+    ssh_socket_close(session->socket);
+    session->alive = 0;
+    leave_function();
+    return SSH_ERROR;
+  }
+
+  if (ssh_send_banner(session, 0) < 0) {
+    ssh_set_error(session, SSH_FATAL, "Sending the banner failed");
+    ssh_socket_close(session->socket);
+    session->alive = 0;
+    leave_function();
+    return SSH_ERROR;
+  }
+  set_status(session, 0.5);
+
+  switch (session->version) {
+    case 2:
+      if (ssh_get_kex(session,0) < 0) {
+        ssh_socket_close(session->socket);
+        session->alive = 0;
+        leave_function();
+        return SSH_ERROR;
+      }
+      set_status(session,0.6);
+
+      ssh_list_kex(session, &session->server_kex);
+      if (set_kex(session) < 0) {
+        ssh_socket_close(session->socket);
+        session->alive = 0;
+        leave_function();
+        return SSH_ERROR;
+      }
+      if (ssh_send_kex(session, 0) < 0) {
+        ssh_socket_close(session->socket);
+        session->alive = 0;
+        leave_function();
+        return SSH_ERROR;
+      }
+      set_status(session,0.8);
+
+      if (dh_handshake(session) < 0) {
+        ssh_socket_close(session->socket);
+        session->alive = 0;
+        leave_function();
+        return SSH_ERROR;
+      }
+      set_status(session,1.0);
+
+      session->connected = 1;
+      break;
+    case 1:
+      if (ssh_get_kex1(session) < 0) {
+        ssh_socket_close(session->socket);
+        session->alive = 0;
+        leave_function();
+        return SSH_ERROR;
+      }
+      set_status(session,0.6);
+
+      session->connected = 1;
+      break;
+  }
+
+  leave_function();
+  return 0;
+}
+
+/**
+ * @brief Get the issue banner from the server.
+ *
+ * This is the banner showing a disclaimer to users who log in,
+ * typically their right or the fact that they will be monitored.
+ *
+ * @param session       The SSH session to use.
+ *
+ * @return A newly allocated string with the banner, NULL on error.
+ */
+char *ssh_get_issue_banner(ssh_session session) {
+  if (session == NULL || session->banner == NULL) {
+    return NULL;
+  }
+
+  return string_to_char(session->banner);
+}
+
+/**
+ * @brief Get the version of the OpenSSH server, if it is not an OpenSSH server
+ * then 0 will be returned.
+ *
+ * You can use the SSH_VERSION_INT macro to compare version numbers.
+ *
+ * @param  session      The SSH session to use.
+ *
+ * @return The version number if available, 0 otherwise.
+ */
+int ssh_get_openssh_version(ssh_session session) {
+  if (session == NULL) {
+    return 0;
+  }
+
+  return session->openssh;
+}
+
+/**
+ * @brief Disconnect from a session (client or server).
+ * The session can then be reused to open a new session.
+ *
+ * @param session       The SSH session to disconnect.
+ */
+void ssh_disconnect(ssh_session session) {
+  ssh_string str = NULL;
+
+  if (session == NULL) {
+    return;
+  }
+
+  enter_function();
+
+  if (ssh_socket_is_open(session->socket)) {
+    if (buffer_add_u8(session->out_buffer, SSH2_MSG_DISCONNECT) < 0) {
+      goto error;
+    }
+    if (buffer_add_u32(session->out_buffer,
+          htonl(SSH2_DISCONNECT_BY_APPLICATION)) < 0) {
+      goto error;
+    }
+
+    str = string_from_char("Bye Bye");
+    if (str == NULL) {
+      goto error;
+    }
+
+    if (buffer_add_ssh_string(session->out_buffer,str) < 0) {
+      string_free(str);
+      goto error;
+    }
+    string_free(str);
+
+    packet_send(session);
+    ssh_socket_close(session->socket);
+  }
+  session->alive = 0;
+
+error:
+  leave_function();
+}
+
+const char *ssh_copyright(void) {
+    return SSH_STRINGIFY(LIBSSH_VERSION) " (c) 2003-2008 Aris Adamantiadis "
+    "(aris@0xbadc0de.be) Distributed under the LGPL, please refer to COPYING"
+    "file for information about your rights";
+}
+/** @} */
+/* vim: set ts=2 sw=2 et cindent: */

libssh/config.c

@@ -27,7 +27,6 @@
 
 #include "libssh/priv.h"
 #include "libssh/session.h"
-#include "libssh/misc.h"
 
 enum ssh_config_opcode_e {
   SOC_UNSUPPORTED = -1,
@@ -40,8 +39,6 @@ enum ssh_config_opcode_e {
   SOC_COMPRESSION,
   SOC_TIMEOUT,
   SOC_PROTOCOL,
-  SOC_STRICTHOSTKEYCHECK,
-  SOC_KNOWNHOSTS,
   SOC_PROXYCOMMAND
 };
 
@@ -60,8 +57,6 @@ static struct ssh_config_keyword_table_s ssh_config_keyword_table[] = {
   { "compression", SOC_COMPRESSION },
   { "connecttimeout", SOC_TIMEOUT },
   { "protocol", SOC_PROTOCOL },
-  { "stricthostkeychecking", SOC_STRICTHOSTKEYCHECK },
-  { "userknownhostsfile", SOC_KNOWNHOSTS },
   { "proxycommand", SOC_PROXYCOMMAND },
   { NULL, SOC_UNSUPPORTED }
 };
@@ -78,7 +73,7 @@ static enum ssh_config_opcode_e ssh_config_get_opcode(char *keyword) {
   return SOC_UNSUPPORTED;
 }
 
-static char *ssh_config_get_cmd(char **str) {
+static char *ssh_config_get_token(char **str) {
   register char *c;
   char *r;
 
@@ -98,25 +93,6 @@ static char *ssh_config_get_cmd(char **str) {
     }
   }
 
-  for (r = c; *c; c++) {
-    if (*c == '\n') {
-      *c = '\0';
-      goto out;
-    }
-  }
-
-out:
-  *str = c + 1;
-
-  return r;
-}
-
-static char *ssh_config_get_token(char **str) {
-  register char *c;
-  char *r;
-
-  c = ssh_config_get_cmd(str);
-
   for (r = c; *c; c++) {
     if (isblank(*c)) {
       *c = '\0';
@@ -146,7 +122,7 @@ static int ssh_config_get_int(char **str, int notfound) {
   return notfound;
 }
 
-static const char *ssh_config_get_str_tok(char **str, const char *def) {
+static const char *ssh_config_get_str(char **str, const char *def) {
   char *p;
 
   p = ssh_config_get_token(str);
@@ -160,7 +136,7 @@ static const char *ssh_config_get_str_tok(char **str, const char *def) {
 static int ssh_config_get_yesno(char **str, int notfound) {
   const char *p;
 
-  p = ssh_config_get_str_tok(str, NULL);
+  p = ssh_config_get_str(str, NULL);
   if (p == NULL) {
     return notfound;
   }
@@ -180,7 +156,6 @@ static int ssh_config_parse_line(ssh_session session, const char *line,
   const char *p;
   char *s, *x;
   char *keyword;
-  char *lowerhost;
   size_t len;
   int i;
 
@@ -210,24 +185,22 @@ static int ssh_config_parse_line(ssh_session session, const char *line,
   switch (opcode) {
     case SOC_HOST:
       *parsing = 0;
-      lowerhost = (session->host) ? ssh_lowercase(session->host) : NULL;
-      for (p = ssh_config_get_str_tok(&s, NULL); p && *p;
-          p = ssh_config_get_str_tok(&s, NULL)) {
-        if (match_hostname(lowerhost, p, strlen(p))) {
+      for (p = ssh_config_get_str(&s, NULL); p && *p;
+          p = ssh_config_get_str(&s, NULL)) {
+        if (match_hostname(session->host, p, strlen(p))) {
           *parsing = 1;
         }
       }
-      SAFE_FREE(lowerhost);
       break;
     case SOC_HOSTNAME:
-      p = ssh_config_get_str_tok(&s, NULL);
+      p = ssh_config_get_str(&s, NULL);
       if (p && *parsing) {
         ssh_options_set(session, SSH_OPTIONS_HOST, p);
       }
       break;
     case SOC_PORT:
       if (session->port == 22) {
-          p = ssh_config_get_str_tok(&s, NULL);
+          p = ssh_config_get_str(&s, NULL);
           if (p && *parsing) {
               ssh_options_set(session, SSH_OPTIONS_PORT_STR, p);
           }
@@ -235,20 +208,20 @@ static int ssh_config_parse_line(ssh_session session, const char *line,
       break;
     case SOC_USERNAME:
       if (session->username == NULL) {
-          p = ssh_config_get_str_tok(&s, NULL);
+          p = ssh_config_get_str(&s, NULL);
           if (p && *parsing) {
             ssh_options_set(session, SSH_OPTIONS_USER, p);
          }
       }
       break;
     case SOC_IDENTITY:
-      p = ssh_config_get_str_tok(&s, NULL);
+      p = ssh_config_get_str(&s, NULL);
       if (p && *parsing) {
         ssh_options_set(session, SSH_OPTIONS_ADD_IDENTITY, p);
       }
       break;
     case SOC_CIPHERS:
-      p = ssh_config_get_str_tok(&s, NULL);
+      p = ssh_config_get_str(&s, NULL);
       if (p && *parsing) {
         ssh_options_set(session, SSH_OPTIONS_CIPHERS_C_S, p);
         ssh_options_set(session, SSH_OPTIONS_CIPHERS_S_C, p);
@@ -258,14 +231,16 @@ static int ssh_config_parse_line(ssh_session session, const char *line,
       i = ssh_config_get_yesno(&s, -1);
       if (i >= 0 && *parsing) {
         if (i) {
-          ssh_options_set(session, SSH_OPTIONS_COMPRESSION, "yes");
+          ssh_options_set(session, SSH_OPTIONS_COMPRESSION_C_S, "zlib,none");
+          ssh_options_set(session, SSH_OPTIONS_COMPRESSION_S_C, "zlib,none");
         } else {
-          ssh_options_set(session, SSH_OPTIONS_COMPRESSION, "no");
+          ssh_options_set(session, SSH_OPTIONS_COMPRESSION_C_S, "none");
+          ssh_options_set(session, SSH_OPTIONS_COMPRESSION_S_C, "none");
         }
       }
       break;
     case SOC_PROTOCOL:
-      p = ssh_config_get_str_tok(&s, NULL);
+      p = ssh_config_get_str(&s, NULL);
       if (p && *parsing) {
         char *a, *b;
         b = strdup(p);
@@ -301,31 +276,17 @@ static int ssh_config_parse_line(ssh_session session, const char *line,
         ssh_options_set(session, SSH_OPTIONS_TIMEOUT, &i);
       }
       break;
-    case SOC_STRICTHOSTKEYCHECK:
-      i = ssh_config_get_yesno(&s, -1);
-      if (i >= 0 && *parsing) {
-        ssh_options_set(session, SSH_OPTIONS_STRICTHOSTKEYCHECK, &i);
-      }
-      break;
-    case SOC_KNOWNHOSTS:
-      p = ssh_config_get_str_tok(&s, NULL);
-      if (p && *parsing) {
-        ssh_options_set(session, SSH_OPTIONS_KNOWNHOSTS, p);
-      }
-      break;
     case SOC_PROXYCOMMAND:
-      p = ssh_config_get_cmd(&s);
+      p = ssh_config_get_str(&s, NULL);
       if (p && *parsing) {
         ssh_options_set(session, SSH_OPTIONS_PROXYCOMMAND, p);
       }
       break;
     case SOC_UNSUPPORTED:
-      ssh_log(session, SSH_LOG_RARE, "Unsupported option: %s, line: %d\n",
-              keyword, count);
+      fprintf(stderr, "Unsupported option: %s, line: %d\n", keyword, count);
       break;
     default:
-      ssh_set_error(session, SSH_FATAL, "ERROR - unimplemented opcode: %d\n",
-              opcode);
+      fprintf(stderr, "ERROR - unimplemented opcode: %d\n", opcode);
       SAFE_FREE(x);
       return -1;
       break;
@@ -346,7 +307,9 @@ int ssh_config_parse_file(ssh_session session, const char *filename) {
     return 0;
   }
 
-  ssh_log(session, SSH_LOG_RARE, "Reading configuration data from %s", filename);
+  if (session->log_verbosity) {
+    fprintf(stderr, "Reading configuration data from %s\n", filename);
+  }
 
   parsing = 1;
   while (fgets(line, sizeof(line), f)) {

libssh/connect.c

@@ -21,17 +21,12 @@
  * MA 02111-1307, USA.
  */
 
-#include "config.h"
-
 #include <errno.h>
 #include <fcntl.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 
-#include "libssh/libssh.h"
-#include "libssh/misc.h"
-
 #ifdef _WIN32
 /*
  * Only use Windows API functions available on Windows 2000 SP4 or later.
@@ -50,11 +45,6 @@
 #define NTDDI_VERSION 0x05010000 /* NTDDI_WINXP */
 #endif
 
-#if _MSC_VER >= 1400
-#include <io.h>
-#undef close
-#define close _close
-#endif /* _MSC_VER */
 #include <winsock2.h>
 #include <ws2tcpip.h>
 
@@ -77,19 +67,30 @@
 #include "libssh/socket.h"
 #include "libssh/channels.h"
 #include "libssh/session.h"
-#include "libssh/poll.h"
+
+#ifndef HAVE_SELECT
+#error "Your system must have select()"
+#endif
 
 #ifndef HAVE_GETADDRINFO
 #error "Your system must have getaddrinfo()"
 #endif
 
+#ifdef HAVE_REGCOMP
+/* don't declare gnu extended regexp's */
+#ifndef _POSIX_C_SOURCE
+#define _POSIX_C_SOURCE
+#endif
+#include <regex.h>
+#endif /* HAVE_REGCOMP */
+
 #ifdef _WIN32
-void ssh_sock_set_nonblocking(socket_t sock) {
+static void sock_set_nonblocking(socket_t sock) {
   u_long nonblocking = 1;
   ioctlsocket(sock, FIONBIO, &nonblocking);
 }
 
-void ssh_sock_set_blocking(socket_t sock) {
+static void sock_set_blocking(socket_t sock) {
   u_long nonblocking = 0;
   ioctlsocket(sock, FIONBIO, &nonblocking);
 }
@@ -105,16 +106,61 @@ char WSAAPI *gai_strerrorA(int code) {
 #endif /* gai_strerror */
 
 #else /* _WIN32 */
-void ssh_sock_set_nonblocking(socket_t sock) {
+static void sock_set_nonblocking(socket_t sock) {
   fcntl(sock, F_SETFL, O_NONBLOCK);
 }
 
-void ssh_sock_set_blocking(socket_t sock) {
+static void sock_set_blocking(socket_t sock) {
   fcntl(sock, F_SETFL, 0);
 }
 
 #endif /* _WIN32 */
 
+#ifdef HAVE_REGCOMP
+static regex_t *ip_regex = NULL;
+
+/** @internal
+ * @brief initializes and compile the regexp to be used for IP matching
+ * @returns -1 on error (and error message is set)
+ * @returns 0 on success
+ */
+int ssh_regex_init(){
+  if(ip_regex==NULL){
+    int err;
+    regex_t *regex=malloc(sizeof (regex_t));
+    ZERO_STRUCTP(regex);
+    err=regcomp(regex,"^[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+$",REG_EXTENDED | REG_NOSUB);
+    if(err != 0){
+      char buffer[128];
+      regerror(err,regex,buffer,sizeof(buffer));
+      fprintf(stderr,"Error while compiling regular expression : %s\n",buffer);
+      SAFE_FREE(regex);
+      return -1;
+    }
+    ip_regex=regex;
+  }
+  return 0;
+}
+
+/** @internal
+ * @brief clean up the IP regexp
+ */
+void ssh_regex_finalize(){
+  if(ip_regex){
+    regfree(ip_regex);
+    SAFE_FREE(ip_regex);
+  }
+}
+
+#else /* HAVE_REGCOMP */
+int ssh_regex_init(){
+  return 0;
+}
+void ssh_regex_finalize(){
+}
+#endif
+
+
 static int ssh_connect_socket_close(socket_t s){
 #ifdef _WIN32
   return closesocket(s);
@@ -138,53 +184,47 @@ static int getai(ssh_session session, const char *host, int port, struct addrinf
   if (port == 0) {
     hints.ai_flags = AI_PASSIVE;
   } else {
-    snprintf(s_port, sizeof(s_port), "%hu", (unsigned short)port);
+    snprintf(s_port, sizeof(s_port), "%hu", port);
     service = s_port;
 #ifdef AI_NUMERICSERV
     hints.ai_flags=AI_NUMERICSERV;
 #endif
   }
-
-  if (ssh_is_ipaddr(host)) {
+#ifdef HAVE_REGCOMP
+  if(regexec(ip_regex,host,0,NULL,0) == 0){
     /* this is an IP address */
     ssh_log(session,SSH_LOG_PACKET,"host %s matches an IP address",host);
     hints.ai_flags |= AI_NUMERICHOST;
   }
-
+#endif
   return getaddrinfo(host, service, &hints, ai);
 }
 
 static int ssh_connect_ai_timeout(ssh_session session, const char *host,
     int port, struct addrinfo *ai, long timeout, long usec, socket_t s) {
-  int timeout_ms;
-  ssh_pollfd_t fds;
+  struct timeval to;
+  fd_set set;
   int rc = 0;
-  socklen_t len = sizeof(rc);
+  unsigned int len = sizeof(rc);
 
   enter_function();
 
-  /* I know we're losing some precision. But it's not like poll-like family
-   * type of mechanisms are precise up to the microsecond.
-   */
-  timeout_ms=timeout * 1000 + usec / 1000;
+  to.tv_sec = timeout;
+  to.tv_usec = usec;
 
-  ssh_sock_set_nonblocking(s);
+  sock_set_nonblocking(s);
 
   ssh_log(session, SSH_LOG_RARE, "Trying to connect to host: %s:%d with "
-      "timeout %d ms", host, port, timeout_ms);
+      "timeout %ld.%ld", host, port, timeout, usec);
 
   /* The return value is checked later */
   connect(s, ai->ai_addr, ai->ai_addrlen);
   freeaddrinfo(ai);
 
-  fds.fd=s;
-  fds.revents=0;
-  fds.events=POLLOUT;
-#ifdef _WIN32
-  fds.events |= POLLWRNORM;
-#endif
-  rc = ssh_poll(&fds,1,timeout_ms);
+  FD_ZERO(&set);
+  FD_SET(s, &set);
 
+  rc = select(s + 1, NULL, &set, NULL, &to);
   if (rc == 0) {
     /* timeout */
     ssh_set_error(session, SSH_FATAL,
@@ -196,7 +236,7 @@ static int ssh_connect_ai_timeout(ssh_session session, const char *host,
 
   if (rc < 0) {
     ssh_set_error(session, SSH_FATAL,
-        "poll error: %s", strerror(errno));
+        "Select error: %s", strerror(errno));
     ssh_connect_socket_close(s);
     leave_function();
     return -1;
@@ -215,7 +255,7 @@ static int ssh_connect_ai_timeout(ssh_session session, const char *host,
 
   /* s is connected ? */
   ssh_log(session, SSH_LOG_PACKET, "Socket connected with timeout\n");
-  ssh_sock_set_blocking(s);
+  sock_set_blocking(s);
 
   leave_function();
   return s;
@@ -301,7 +341,6 @@ socket_t ssh_connect_host(ssh_session session, const char *host,
       ssh_set_error(session, SSH_FATAL, "Connect failed: %s", strerror(errno));
       ssh_connect_socket_close(s);
       s = -1;
-      leave_function();
       continue;
     } else {
       /* We are connected */
@@ -316,92 +355,8 @@ socket_t ssh_connect_host(ssh_session session, const char *host,
 }
 
 /**
- * @internal
- *
- * @brief Launches a nonblocking connect to an IPv4 or IPv6 host
- * specified by its IP address or hostname.
- *
- * @returns A file descriptor, < 0 on error.
- * @warning very ugly !!!
- */
-socket_t ssh_connect_host_nonblocking(ssh_session session, const char *host,
-    const char *bind_addr, int port) {
-  socket_t s = -1;
-  int rc;
-  struct addrinfo *ai;
-  struct addrinfo *itr;
-
-  enter_function();
-
-  rc = getai(session,host, port, &ai);
-  if (rc != 0) {
-    ssh_set_error(session, SSH_FATAL,
-        "Failed to resolve hostname %s (%s)", host, gai_strerror(rc));
-    leave_function();
-    return -1;
-  }
-
-  for (itr = ai; itr != NULL; itr = itr->ai_next){
-    /* create socket */
-    s = socket(itr->ai_family, itr->ai_socktype, itr->ai_protocol);
-    if (s < 0) {
-      ssh_set_error(session, SSH_FATAL,
-          "Socket create failed: %s", strerror(errno));
-      continue;
-    }
-
-    if (bind_addr) {
-      struct addrinfo *bind_ai;
-      struct addrinfo *bind_itr;
-
-      ssh_log(session, SSH_LOG_PACKET, "Resolving %s\n", bind_addr);
-
-      rc = getai(session,bind_addr, 0, &bind_ai);
-      if (rc != 0) {
-        ssh_set_error(session, SSH_FATAL,
-            "Failed to resolve bind address %s (%s)",
-            bind_addr,
-            gai_strerror(rc));
-        close(s);
-        s=-1;
-        break;
-      }
-
-      for (bind_itr = bind_ai; bind_itr != NULL; bind_itr = bind_itr->ai_next) {
-        if (bind(s, bind_itr->ai_addr, bind_itr->ai_addrlen) < 0) {
-          ssh_set_error(session, SSH_FATAL,
-              "Binding local address: %s", strerror(errno));
-          continue;
-        } else {
-          break;
-        }
-      }
-      freeaddrinfo(bind_ai);
-
-      /* Cannot bind to any local addresses */
-      if (bind_itr == NULL) {
-        ssh_connect_socket_close(s);
-        s = -1;
-        continue;
-      }
-    }
-    ssh_sock_set_nonblocking(s);
-
-    connect(s, itr->ai_addr, itr->ai_addrlen);
-    break;
-  }
-
-  freeaddrinfo(ai);
-  leave_function();
-
-  return s;
-}
-
-/**
- * @addtogroup libssh_session
- *
- * @{
- */
+ * @addtogroup ssh_session
+ * @{ */
 
 /**
  * @brief A wrapper for the select syscall
@@ -409,25 +364,25 @@ socket_t ssh_connect_host_nonblocking(ssh_session session, const char *host,
  * This functions acts more or less like the select(2) syscall.\n
  * There is no support for writing or exceptions.\n
  *
- * @param[in]  channels Arrays of channels pointers terminated by a NULL.
+ * @param  channels     Arrays of channels pointers terminated by a NULL.
  *                      It is never rewritten.
  *
- * @param[out] outchannels Arrays of same size that "channels", there is no need
- *                         to initialize it.
+ * @param  outchannels  Arrays of same size that "channels", there is no need
+ *                      to initialize it.
  *
- * @param[in]  maxfd    Maximum +1 file descriptor from readfds.
+ * @param  maxfd        Maximum +1 file descriptor from readfds.
  *
- * @param[in]  readfds  A fd_set of file descriptors to be select'ed for
+ * @param  readfds      A fd_set of file descriptors to be select'ed for
  *                      reading.
  *
- * @param[in]  timeout  A timeout for the select.
+ * @param  timeout      A timeout for the select.
  *
- * @return              -1 if an error occured. SSH_EINTR if it was interrupted, in
- *                      that case, just restart it.
+ * @return -1 if an error occured. E_INTR if it was interrupted. In that case,
+ *          just restart it.
  *
  * @warning libssh is not threadsafe here. That means that if a signal is caught
- *          during the processing of this function, you cannot call ssh
- *          functions on sessions that are busy with ssh_select().
+ * during the processing of this function, you cannot call ssh functions on
+ * sessions that are busy with ssh_select().
  *
  * @see select(2)
  */
@@ -435,7 +390,6 @@ int ssh_select(ssh_channel *channels, ssh_channel *outchannels, socket_t maxfd,
     fd_set *readfds, struct timeval *timeout) {
   struct timeval zerotime;
   fd_set localset, localset2;
-  socket_t f;
   int rep;
   int set;
   int i;
@@ -461,11 +415,11 @@ int ssh_select(ssh_channel *channels, ssh_channel *outchannels, socket_t maxfd,
   j = 0;
   for (i = 0; channels[i]; i++) {
     if (channels[i]->session->alive) {
-      if(ssh_channel_poll(channels[i], 0) > 0) {
+      if(channel_poll(channels[i], 0) > 0) {
         outchannels[j] = channels[i];
         j++;
       } else {
-        if(ssh_channel_poll(channels[i], 1) > 0) {
+        if(channel_poll(channels[i], 1) > 0) {
           outchannels[j] = channels[i];
           j++;
         }
@@ -476,8 +430,8 @@ int ssh_select(ssh_channel *channels, ssh_channel *outchannels, socket_t maxfd,
 
   /* Look into the localset for active fd */
   set = 0;
-  for (f = 0; (f < maxfd) && !set; f++) {
-    if (FD_ISSET(f, &localset)) {
+  for (i = 0; (i < maxfd) && !set; i++) {
+    if (FD_ISSET(i, &localset)) {
       set = 1;
     }
   }
@@ -520,7 +474,7 @@ int ssh_select(ssh_channel *channels, ssh_channel *outchannels, socket_t maxfd,
   for (i = 0; channels[i]; i++) {
     if (channels[i]->session->alive &&
         ssh_socket_fd_isset(channels[i]->session->socket,&localset)) {
-      ssh_socket_set_read_wontblock(channels[i]->session->socket);
+      ssh_socket_set_toread(channels[i]->session->socket);
     }
   }
 
@@ -529,8 +483,8 @@ int ssh_select(ssh_channel *channels, ssh_channel *outchannels, socket_t maxfd,
   for (i = 0; channels[i]; i++) {
     if (channels[i]->session->alive &&
         ssh_socket_fd_isset(channels[i]->session->socket,&localset)) {
-      if ((ssh_channel_poll(channels[i],0) > 0) ||
-          (ssh_channel_poll(channels[i], 1) > 0)) {
+      if ((channel_poll(channels[i],0) > 0) ||
+          (channel_poll(channels[i], 1) > 0)) {
         outchannels[j] = channels[i];
         j++;
       }
@@ -539,9 +493,9 @@ int ssh_select(ssh_channel *channels, ssh_channel *outchannels, socket_t maxfd,
   outchannels[j] = NULL;
 
   FD_ZERO(&localset2);
-  for (f = 0; f < maxfd; f++) {
-    if (FD_ISSET(f, readfds) && FD_ISSET(f, &localset)) {
-      FD_SET(f, &localset2);
+  for (i = 0; i < maxfd; i++) {
+    if (FD_ISSET(i, readfds) && FD_ISSET(i, &localset)) {
+      FD_SET(i, &localset2);
     }
   }
 
@@ -551,5 +505,4 @@ int ssh_select(ssh_channel *channels, ssh_channel *outchannels, socket_t maxfd,
 }
 
 /** @} */
-
-/* vim: set ts=4 sw=4 et cindent: */
+/* vim: set ts=2 sw=2 et cindent: */

libssh/crypt.c

@@ -27,7 +27,6 @@
 #include <string.h>
 
 #ifndef _WIN32
-#include <netinet/in.h>
 #include <arpa/inet.h>
 #endif
 
@@ -41,8 +40,6 @@
 #include "libssh/session.h"
 #include "libssh/wrapper.h"
 #include "libssh/crypto.h"
-#include "libssh/buffer.h"
-
 uint32_t packet_decrypt_len(ssh_session session, char *crypted){
   uint32_t decrypted;
 
@@ -182,7 +179,7 @@ unsigned char *packet_encrypt(ssh_session session, void *data, uint32_t len) {
  * @param  mac          The mac to compare with the hmac.
  *
  * @return              0 if hmac and mac are equal, < 0 if not or an error
- *                      occurred.
+ *                      occured.
  */
 int packet_hmac_verify(ssh_session session, ssh_buffer buffer,
     unsigned char *mac) {
@@ -199,7 +196,7 @@ int packet_hmac_verify(ssh_session session, ssh_buffer buffer,
   seq = htonl(session->recv_seq);
 
   hmac_update(ctx, (unsigned char *) &seq, sizeof(uint32_t));
-  hmac_update(ctx, buffer_get_rest(buffer), buffer_get_rest_len(buffer));
+  hmac_update(ctx, buffer_get(buffer), buffer_get_len(buffer));
   hmac_final(ctx, hmacbuf, &len);
 
 #ifdef DEBUG_CRYPTO

libssh/dh.c

@@ -29,10 +29,10 @@
  * g and n are two numbers common to every ssh software.
  * client's public key (e) is calculated by doing:
  * e = g^x mod p
- * client sends e to the server.
+ * client sents e to the server.
  * the server computes his own public key, f
  * f = g^y mod p
- * it sends it to the client
+ * it sents it to the client
  * the common key K is calculated by the client by doing
  * k = f^x mod p
  * the server does the same with the client public key e
@@ -44,10 +44,8 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#include <limits.h>
 
 #ifndef _WIN32
-#include <netinet/in.h>
 #include <arpa/inet.h>
 #endif
 
@@ -106,6 +104,7 @@ int ssh_get_random(void *where, int len, int strong){
   return 1;
 }
 
+
 /*
  * This inits the values g and p which are used for DH key agreement
  * FIXME: Make the function thread safe by adding a semaphore or mutex.
@@ -114,6 +113,7 @@ int ssh_crypto_init(void) {
   if (ssh_crypto_initialized == 0) {
 #ifdef HAVE_LIBGCRYPT
     gcry_check_version(NULL);
+
     if (!gcry_control(GCRYCTL_INITIALIZATION_FINISHED_P,0)) {
       gcry_control(GCRYCTL_INIT_SECMEM, 4096);
       gcry_control(GCRYCTL_INITIALIZATION_FINISHED,0);
@@ -142,7 +142,6 @@ int ssh_crypto_init(void) {
     }
     bignum_bin2bn(p_value, P_LEN, p);
     OpenSSL_add_all_algorithms();
-
 #endif
 
     ssh_crypto_initialized = 1;
@@ -157,12 +156,6 @@ void ssh_crypto_finalize(void) {
     g = NULL;
     bignum_free(p);
     p = NULL;
-#ifdef HAVE_LIBGCRYPT
-    gcry_control(GCRYCTL_TERM_SECMEM);
-#elif defined HAVE_LIBCRYPTO
-    EVP_cleanup();
-    CRYPTO_cleanup_all_ex_data();
-#endif
     ssh_crypto_initialized=0;
   }
 }
@@ -195,9 +188,6 @@ char *ssh_get_hexa(const unsigned char *what, size_t len) {
   char *hexa = NULL;
   size_t i;
 
-  if (len > (UINT_MAX - 1) / 3)
-    return NULL;
-
   hexa = malloc(len * 3 + 1);
   if (hexa == NULL) {
     return NULL;
@@ -219,7 +209,7 @@ char *ssh_get_hexa(const unsigned char *what, size_t len) {
 /**
  * @brief Print a buffer as colon separated hex string.
  *
- * @param  descr        Description printed in front of the hex string.
+ * @param  descr        Description printed infront of the hex string.
  *
  * @param  what         What should be converted to a hex string.
  *
@@ -232,8 +222,6 @@ void ssh_print_hexa(const char *descr, const unsigned char *what, size_t len) {
       return;
     }
     printf("%s: %s\n", descr, hexa);
-
-    free(hexa);
 }
 
 int dh_generate_x(ssh_session session) {
@@ -380,7 +368,7 @@ ssh_string make_bignum_string(bignum num) {
 
 bignum make_string_bn(ssh_string string){
   bignum bn = NULL;
-  unsigned int len = ssh_string_len(string);
+  unsigned int len = string_len(string);
 
 #ifdef DEBUG_CRYPTO
   fprintf(stderr, "Importing a %d bits, %d bytes object ...\n",
@@ -510,12 +498,12 @@ int make_sessionid(ssh_session session) {
     return rc;
   }
 
-  buf = ssh_buffer_new();
+  buf = buffer_new();
   if (buf == NULL) {
     return rc;
   }
 
-  str = ssh_string_from_char(session->clientbanner);
+  str = string_from_char(session->clientbanner);
   if (str == NULL) {
     goto error;
   }
@@ -523,9 +511,9 @@ int make_sessionid(ssh_session session) {
   if (buffer_add_ssh_string(buf, str) < 0) {
     goto error;
   }
-  ssh_string_free(str);
+  string_free(str);
 
-  str = ssh_string_from_char(session->serverbanner);
+  str = string_from_char(session->serverbanner);
   if (str == NULL) {
     goto error;
   }
@@ -555,25 +543,25 @@ int make_sessionid(ssh_session session) {
     goto error;
   }
 
-  len = ntohl(buffer_get_rest_len(client_hash));
+  len = ntohl(buffer_get_len(client_hash));
   if (buffer_add_u32(buf,len) < 0) {
     goto error;
   }
-  if (buffer_add_data(buf, buffer_get_rest(client_hash),
-        buffer_get_rest_len(client_hash)) < 0) {
+  if (buffer_add_data(buf, buffer_get(client_hash),
+        buffer_get_len(client_hash)) < 0) {
     goto error;
   }
 
-  len = ntohl(buffer_get_rest_len(server_hash));
+  len = ntohl(buffer_get_len(server_hash));
   if (buffer_add_u32(buf, len) < 0) {
     goto error;
   }
-  if (buffer_add_data(buf, buffer_get_rest(server_hash),
-        buffer_get_rest_len(server_hash)) < 0) {
+  if (buffer_add_data(buf, buffer_get(server_hash),
+        buffer_get_len(server_hash)) < 0) {
     goto error;
   }
 
-  len = ssh_string_len(session->next_crypto->server_pubkey) + 4;
+  len = string_len(session->next_crypto->server_pubkey) + 4;
   if (buffer_add_data(buf, session->next_crypto->server_pubkey, len) < 0) {
     goto error;
   }
@@ -583,38 +571,38 @@ int make_sessionid(ssh_session session) {
     goto error;
   }
 
-  len = ssh_string_len(num) + 4;
+  len = string_len(num) + 4;
   if (buffer_add_data(buf, num, len) < 0) {
     goto error;
   }
 
-  ssh_string_free(num);
+  string_free(num);
   num = make_bignum_string(session->next_crypto->f);
   if (num == NULL) {
     goto error;
   }
 
-  len = ssh_string_len(num) + 4;
+  len = string_len(num) + 4;
   if (buffer_add_data(buf, num, len) < 0) {
     goto error;
   }
 
-  ssh_string_free(num);
+  string_free(num);
   num = make_bignum_string(session->next_crypto->k);
   if (num == NULL) {
     goto error;
   }
 
-  len = ssh_string_len(num) + 4;
+  len = string_len(num) + 4;
   if (buffer_add_data(buf, num, len) < 0) {
     goto error;
   }
 
 #ifdef DEBUG_CRYPTO
-  ssh_print_hexa("hash buffer", ssh_buffer_get_begin(buf), ssh_buffer_get_len(buf));
+  ssh_print_hexa("hash buffer", buffer_get(buf), buffer_get_len(buf));
 #endif
 
-  sha1_update(ctx, buffer_get_rest(buf), buffer_get_rest_len(buf));
+  sha1_update(ctx, buffer_get(buf), buffer_get_len(buf));
   sha1_final(session->next_crypto->session_id, ctx);
 
 #ifdef DEBUG_CRYPTO
@@ -624,15 +612,15 @@ int make_sessionid(ssh_session session) {
 
   rc = SSH_OK;
 error:
-  ssh_buffer_free(buf);
-  ssh_buffer_free(client_hash);
-  ssh_buffer_free(server_hash);
+  buffer_free(buf);
+  buffer_free(client_hash);
+  buffer_free(server_hash);
 
   session->in_hashbuf = NULL;
   session->out_hashbuf = NULL;
 
-  ssh_string_free(str);
-  ssh_string_free(num);
+  string_free(str);
+  string_free(num);
 
   leave_function();
 
@@ -640,7 +628,7 @@ error:
 }
 
 int hashbufout_add_cookie(ssh_session session) {
-  session->out_hashbuf = ssh_buffer_new();
+  session->out_hashbuf = buffer_new();
   if (session->out_hashbuf == NULL) {
     return -1;
   }
@@ -668,7 +656,7 @@ int hashbufout_add_cookie(ssh_session session) {
 }
 
 int hashbufin_add_cookie(ssh_session session, unsigned char *cookie) {
-  session->in_hashbuf = ssh_buffer_new();
+  session->in_hashbuf = buffer_new();
   if (session->in_hashbuf == NULL) {
     return -1;
   }
@@ -696,7 +684,7 @@ static int generate_one_key(ssh_string k,
     return -1;
   }
 
-  sha1_update(ctx, k, ssh_string_len(k) + 4);
+  sha1_update(ctx, k, string_len(k) + 4);
   sha1_update(ctx, session_id, SHA_DIGEST_LEN);
   sha1_update(ctx, &letter, 1);
   sha1_update(ctx, session_id, SHA_DIGEST_LEN);
@@ -764,7 +752,7 @@ int generate_session_keys(ssh_session session) {
     if (ctx == NULL) {
       goto error;
     }
-    sha1_update(ctx, k_string, ssh_string_len(k_string) + 4);
+    sha1_update(ctx, k_string, string_len(k_string) + 4);
     sha1_update(ctx, session->next_crypto->session_id, SHA_DIGEST_LEN);
     sha1_update(ctx, session->next_crypto->encryptkey, SHA_DIGEST_LEN);
     sha1_final(session->next_crypto->encryptkey + SHA_DIGEST_LEN, ctx);
@@ -772,7 +760,7 @@ int generate_session_keys(ssh_session session) {
 
   if (session->next_crypto->in_cipher->keysize > SHA_DIGEST_LEN * 8) {
     ctx = sha1_init();
-    sha1_update(ctx, k_string, ssh_string_len(k_string) + 4);
+    sha1_update(ctx, k_string, string_len(k_string) + 4);
     sha1_update(ctx, session->next_crypto->session_id, SHA_DIGEST_LEN);
     sha1_update(ctx, session->next_crypto->decryptkey, SHA_DIGEST_LEN);
     sha1_final(session->next_crypto->decryptkey + SHA_DIGEST_LEN, ctx);
@@ -810,24 +798,20 @@ int generate_session_keys(ssh_session session) {
 
   rc = 0;
 error:
-  ssh_string_free(k_string);
+  string_free(k_string);
   leave_function();
 
   return rc;
 }
 
-/**
- * @addtogroup libssh_session
- *
- * @{
- */
-
+/** \addtogroup ssh_session
+ * @{ */
 /**
  * @brief Allocates a buffer with the MD5 hash of the server public key.
  *
- * @param[in] session   The SSH session to use.
+ * @param  session      The SSH session to use.
  *
- * @param[in] hash      The buffer to allocate.
+ * @param  hash         The buffer to allocate.
  *
  * @return The bytes allocated or < 0 on error.
  *
@@ -845,29 +829,25 @@ int ssh_get_pubkey_hash(ssh_session session, unsigned char **hash) {
   unsigned char *h;
 
   if (session == NULL || hash == NULL) {
-    return SSH_ERROR;
+    return -1;
   }
+
   *hash = NULL;
-  if (session->current_crypto == NULL ||
-      session->current_crypto->server_pubkey == NULL){
-    ssh_set_error(session,SSH_FATAL,"No current cryptographic context");
-    return SSH_ERROR;
-  }
 
   h = malloc(sizeof(unsigned char *) * MD5_DIGEST_LEN);
   if (h == NULL) {
-    return SSH_ERROR;
+    return -1;
   }
 
   ctx = md5_init();
   if (ctx == NULL) {
     SAFE_FREE(h);
-    return SSH_ERROR;
+    return -1;
   }
 
   pubkey = session->current_crypto->server_pubkey;
 
-  md5_update(ctx, pubkey->string, ssh_string_len(pubkey));
+  md5_update(ctx, pubkey->string, string_len(pubkey));
   md5_final(h, ctx);
 
   *hash = h;
@@ -877,11 +857,10 @@ int ssh_get_pubkey_hash(ssh_session session, unsigned char **hash) {
 
 /**
  * @brief Deallocate the hash obtained by ssh_get_pubkey_hash.
- *
  * This is required under Microsoft platform as this library might use a 
  * different C library than your software, hence a different heap.
  *
- * @param[in] hash      The buffer to deallocate.
+ * @param  hash         The buffer to deallocate.
  *
  * @see ssh_get_pubkey_hash()
  */
@@ -891,18 +870,14 @@ void ssh_clean_pubkey_hash(unsigned char **hash) {
 }
 
 ssh_string ssh_get_pubkey(ssh_session session){
-	if(session==NULL || session->current_crypto ==NULL ||
-      session->current_crypto->server_pubkey==NULL)
-    return NULL;
-	else
-    return ssh_string_copy(session->current_crypto->server_pubkey);
+    return string_copy(session->current_crypto->server_pubkey);
 }
 
 static int match(const char *group, const char *object){
   const char *a;
   const char *z;
 
-  z = group;
+  a = z = group;
   do {
     a = strchr(z, ',');
     if (a == NULL) {
@@ -939,7 +914,7 @@ int sig_verify(ssh_session session, ssh_public_key pubkey,
 #endif
 
   switch(pubkey->type) {
-    case SSH_KEYTYPE_DSS:
+    case TYPE_DSS:
 #ifdef HAVE_LIBGCRYPT
       valid = gcry_sexp_build(&gcryhash, NULL, "%b", SHA_DIGEST_LEN + 1, hash);
       if (valid != 0) {
@@ -974,8 +949,8 @@ int sig_verify(ssh_session session, ssh_public_key pubkey,
       ssh_set_error(session, SSH_FATAL, "Invalid DSA signature");
       return -1;
 
-    case SSH_KEYTYPE_RSA:
-    case SSH_KEYTYPE_RSA1:
+    case TYPE_RSA:
+    case TYPE_RSA1:
 #ifdef HAVE_LIBGCRYPT
       valid = gcry_sexp_build(&gcryhash, NULL,
           "(data(flags pkcs1)(hash sha1 %b))", SHA_DIGEST_LEN, hash + 1);
@@ -996,7 +971,7 @@ int sig_verify(ssh_session session, ssh_public_key pubkey,
       }
 #elif defined HAVE_LIBCRYPTO
       valid = RSA_verify(NID_sha1, hash + 1, SHA_DIGEST_LEN,
-          signature->rsa_sign->string, ssh_string_len(signature->rsa_sign),
+          signature->rsa_sign->string, string_len(signature->rsa_sign),
           pubkey->rsa_pub);
       if (valid == 1) {
         return 0;
@@ -1063,5 +1038,4 @@ int signature_verify(ssh_session session, ssh_string signature) {
 }
 
 /** @} */
-
-/* vim: set ts=4 sw=4 et cindent: */
+/* vim: set ts=2 sw=2 et cindent: */

libssh/error.c

@@ -24,14 +24,15 @@
 #include <stdio.h>
 #include <stdarg.h>
 #include "libssh/priv.h"
-#include "libssh/session.h"
 
 /**
- * @defgroup libssh_error The SSH error functions.
- * @ingroup libssh
- *
- * Functions for error handling.
+ * @defgroup ssh_error SSH Errors
  *
+ * @brief Functions for error handling.
+ */
+
+/**
+ * @addtogroup ssh_error
  * @{
  */
 
@@ -49,13 +50,12 @@
  * @param  ...         The arguments for the format string.
  */
 void ssh_set_error(void *error, int code, const char *descr, ...) {
-  struct ssh_common_struct *err = error;
+  struct error_struct *err = error;
   va_list va;
   va_start(va, descr);
-  vsnprintf(err->error.error_buffer, ERROR_BUFFERLEN, descr, va);
+  vsnprintf(err->error_buffer, ERROR_BUFFERLEN, descr, va);
   va_end(va);
-  err->error.error_code = code;
-  ssh_log_common(err,SSH_LOG_RARE,"Error : %s",err->error.error_buffer);
+  err->error_code = code;
 }
 
 /**
@@ -121,5 +121,4 @@ int ssh_get_error_code(void *error) {
 }
 
 /** @} */
-
-/* vim: set ts=4 sw=4 et cindent: */
+/* vim: set ts=2 sw=2 et cindent: */

libssh/gzip.c

@@ -58,10 +58,10 @@ static z_stream *initcompress(ssh_session session, int level) {
 
 static ssh_buffer gzip_compress(ssh_session session,ssh_buffer source,int level){
   z_stream *zout = session->current_crypto->compress_out_ctx;
-  void *in_ptr = buffer_get_rest(source);
-  unsigned long in_size = buffer_get_rest_len(source);
+  void *in_ptr = buffer_get(source);
+  unsigned long in_size = buffer_get_len(source);
   ssh_buffer dest = NULL;
-  unsigned char out_buf[BLOCKSIZE] = {0};
+  static unsigned char out_buf[BLOCKSIZE] = {0};
   unsigned long len;
   int status;
 
@@ -72,7 +72,7 @@ static ssh_buffer gzip_compress(ssh_session session,ssh_buffer source,int level)
     }
   }
 
-  dest = ssh_buffer_new();
+  dest = buffer_new();
   if (dest == NULL) {
     return NULL;
   }
@@ -84,14 +84,14 @@ static ssh_buffer gzip_compress(ssh_session session,ssh_buffer source,int level)
     zout->avail_out = BLOCKSIZE;
     status = deflate(zout, Z_PARTIAL_FLUSH);
     if (status != Z_OK) {
-      ssh_buffer_free(dest);
+      buffer_free(dest);
       ssh_set_error(session, SSH_FATAL,
           "status %d deflating zlib packet", status);
       return NULL;
     }
     len = BLOCKSIZE - zout->avail_out;
     if (buffer_add_data(dest, out_buf, len) < 0) {
-      ssh_buffer_free(dest);
+      buffer_free(dest);
       return NULL;
     }
     zout->next_out = out_buf;
@@ -103,22 +103,22 @@ static ssh_buffer gzip_compress(ssh_session session,ssh_buffer source,int level)
 int compress_buffer(ssh_session session, ssh_buffer buf) {
   ssh_buffer dest = NULL;
 
-  dest = gzip_compress(session, buf, session->compressionlevel);
+  dest = gzip_compress(session, buf, 9);
   if (dest == NULL) {
     return -1;
   }
 
   if (buffer_reinit(buf) < 0) {
-    ssh_buffer_free(dest);
+    buffer_free(dest);
     return -1;
   }
 
-  if (buffer_add_data(buf, buffer_get_rest(dest), buffer_get_rest_len(dest)) < 0) {
-    ssh_buffer_free(dest);
+  if (buffer_add_data(buf, buffer_get(dest), buffer_get_len(dest)) < 0) {
+    buffer_free(dest);
     return -1;
   }
 
-  ssh_buffer_free(dest);
+  buffer_free(dest);
   return 0;
 }
 
@@ -149,7 +149,7 @@ static ssh_buffer gzip_decompress(ssh_session session, ssh_buffer source, size_t
   z_stream *zin = session->current_crypto->compress_in_ctx;
   void *in_ptr = buffer_get_rest(source);
   unsigned long in_size = buffer_get_rest_len(source);
-  unsigned char out_buf[BLOCKSIZE] = {0};
+  static unsigned char out_buf[BLOCKSIZE] = {0};
   ssh_buffer dest = NULL;
   unsigned long len;
   int status;
@@ -161,7 +161,7 @@ static ssh_buffer gzip_decompress(ssh_session session, ssh_buffer source, size_t
     }
   }
 
-  dest = ssh_buffer_new();
+  dest = buffer_new();
   if (dest == NULL) {
     return NULL;
   }
@@ -173,21 +173,21 @@ static ssh_buffer gzip_decompress(ssh_session session, ssh_buffer source, size_t
   do {
     zin->avail_out = BLOCKSIZE;
     status = inflate(zin, Z_PARTIAL_FLUSH);
-    if (status != Z_OK && status != Z_BUF_ERROR) {
+    if (status != Z_OK) {
       ssh_set_error(session, SSH_FATAL,
           "status %d inflating zlib packet", status);
-      ssh_buffer_free(dest);
+      buffer_free(dest);
       return NULL;
     }
 
     len = BLOCKSIZE - zin->avail_out;
     if (buffer_add_data(dest,out_buf,len) < 0) {
-      ssh_buffer_free(dest);
+      buffer_free(dest);
       return NULL;
     }
-    if (buffer_get_rest_len(dest) > maxlen){
-      /* Size of packet exceeded, avoid a denial of service attack */
-      ssh_buffer_free(dest);
+    if (buffer_get_len(dest) > maxlen){
+      /* Size of packet exceded, avoid a denial of service attack */
+      buffer_free(dest);
       return NULL;
     }
     zin->next_out = out_buf;
@@ -205,16 +205,16 @@ int decompress_buffer(ssh_session session,ssh_buffer buf, size_t maxlen){
   }
 
   if (buffer_reinit(buf) < 0) {
-    ssh_buffer_free(dest);
+    buffer_free(dest);
     return -1;
   }
 
-  if (buffer_add_data(buf, buffer_get_rest(dest), buffer_get_rest_len(dest)) < 0) {
-    ssh_buffer_free(dest);
+  if (buffer_add_data(buf, buffer_get(dest), buffer_get_len(dest)) < 0) {
+    buffer_free(dest);
     return -1;
   }
 
-  ssh_buffer_free(dest);
+  buffer_free(dest);
   return 0;
 }
 

libssh/init.c

@@ -25,38 +25,31 @@
 #include "libssh/priv.h"
 #include "libssh/socket.h"
 #include "libssh/dh.h"
-#include "libssh/poll.h"
-#include "libssh/threads.h"
 
 #ifdef _WIN32
 #include <winsock2.h>
 #endif
 
 /**
- * @defgroup libssh The libssh API
- *
- * The libssh library is implementing the SSH protocols and some of its
- * extensions. This group of functions is mostly used to implment a SSH client.
- * Some function are needed to implement a SSH server too.
- *
+ * \addtogroup ssh_session
  * @{
  */
 
 /**
- * @brief Initialize global cryptographic data structures.
+ * @brief initialize global cryptographic data structures.
  *
  * This function should only be called once, at the beginning of the program, in
  * the main thread. It may be omitted if your program is not multithreaded.
  *
- * @returns             0 on success, -1 if an error occured.
+ * @returns 0
  */
 int ssh_init(void) {
-  if(ssh_threads_init())
-    return -1;
   if(ssh_crypto_init())
     return -1;
   if(ssh_socket_init())
     return -1;
+  if(ssh_regex_init())
+    return -1;
   return 0;
 }
 
@@ -66,20 +59,24 @@ int ssh_init(void) {
  *
  * This function should only be called once, at the end of the program!
  *
- * @returns             0 on succes, -1 if an error occured.
- *
+ * @returns -1 in case of error
    @returns 0 otherwise
  */
 int ssh_finalize(void) {
+  ssh_regex_finalize();
   ssh_crypto_finalize();
-  ssh_socket_cleanup();
-  /* It is important to finalize threading after CRYPTO because
-   * it still depends on it */
-  ssh_threads_finalize();
-
+#ifdef HAVE_LIBGCRYPT
+  gcry_control(GCRYCTL_TERM_SECMEM);
+#elif defined HAVE_LIBCRYPTO
+  EVP_cleanup();
+#endif
+#ifdef _WIN32
+  WSACleanup();
+#endif
   return 0;
 }
 
-/** @} */
-
-/* vim: set ts=4 sw=4 et cindent: */
+/**
+ * @}
+ */
+/* vim: set ts=2 sw=2 et cindent: */