From libssh2-devel-bounces@cool.haxx.se Sun Aug 1 17:40:12 2010 Return-Path: Received: from giant.haxx.se (list@localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o71Fdn9U026063; Sun, 1 Aug 2010 17:40:06 +0200 Received: from mail-pv0-f182.google.com (mail-pv0-f182.google.com [74.125.83.182]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o71Fdl7O026003 for ; Sun, 1 Aug 2010 17:39:47 +0200 Received: by pvh1 with SMTP id 1so1450036pvh.41 for ; Sun, 01 Aug 2010 08:39:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:date:message-id :subject:from:to:content-type; bh=Wxxi2ccLivnQyVESqRClzCNEhyiTo4HLFoGPPq5qfHM=; b=F3oB4by2plssQ5A6nrjvki6uysonh1Nkws8qUNsJHRqJT//xPRpgZb/RIC1om37Ee4 +GzEwpkKsSSJYMgKkJry+FdVrAWfM0gYT7cdECQ8PUeBRs296yw3HL5Dnfx44cgbdT0p r+uI1GFNNIZKhscLOexf8K7Ve3kr5v7lwZprw= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=GCqudTJihhPduXMbqrCZuj2J28gkOq6czKiFszJqWm6rL4cVZ0mqa+IAeIsOhdmHwG E/cpCpCEuu7jo9IISXxr7jq5plL6sM13xK7zAAodH7pVlLPi+pX/OyiyaJzjb447OBDw W1Zvhahm6PPhYC0FM80vJfuqtlRSOaLMZkums= MIME-Version: 1.0 Received: by 10.142.48.18 with SMTP id v18mr4193314wfv.337.1280677178372; Sun, 01 Aug 2010 08:39:38 -0700 (PDT) Received: by 10.142.147.14 with HTTP; Sun, 1 Aug 2010 08:39:38 -0700 (PDT) Date: Sun, 1 Aug 2010 17:39:38 +0200 Message-ID: Subject: SCP random size problem From: vicent roca daniel To: libssh2-devel@cool.haxx.se X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Sun, 01 Aug 2010 17:40:12 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Sun, 01 Aug 2010 17:39:48 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1750102375==" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se --===============1750102375== Content-Type: multipart/alternative; boundary=000e0cd50aa849f352048cc4e4bb --000e0cd50aa849f352048cc4e4bb Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Hi Guys, I'm using libssh2 for a project and so far It's been a pleasure. I've a little problem though with scp. I'm using the same code in the examples, but I'm getting random size on the destination file. When I send a file, sometimes the file it's transfered ok, and other times not (incomplete) =BFAny clues? Thanks in advance. --000e0cd50aa849f352048cc4e4bb Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Hi Guys,
I'm using libssh2 for a project and so far It's been a= pleasure.
I've a little problem though with scp.
<= br>
I'm using the same code in the examples, but I'm gett= ing random size on the destination file.
When I send a file, sometimes the file it's transfered ok, and oth= er times not (incomplete)
=BFAny clues?

= Thanks in advance.
--000e0cd50aa849f352048cc4e4bb-- --===============1750102375== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============1750102375==-- From libssh2-devel-bounces@cool.haxx.se Mon Aug 2 00:21:36 2010 Return-Path: Received: from giant.haxx.se (list@localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o71MLK9C009528; Mon, 2 Aug 2010 00:21:34 +0200 Received: from giant.haxx.se (dast@giant.haxx.se [80.67.6.50]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o71MLJPq009517 for ; Mon, 2 Aug 2010 00:21:19 +0200 Date: Mon, 2 Aug 2010 00:21:19 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: SCP random size problem In-Reply-To: Message-ID: References: User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="1129329158-390987173-1280701279=:14882" X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Mon, 02 Aug 2010 00:21:36 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Mon, 02 Aug 2010 00:21:20 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --1129329158-390987173-1280701279=:14882 Content-Type: TEXT/PLAIN; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8BIT On Sun, 1 Aug 2010, vicent roca daniel wrote: > I've a little problem though with scp. > > I'm using the same code in the examples, but I'm getting random size on the > destination file. When I send a file, sometimes the file it's transfered ok, > and other times not (incomplete) żAny clues? I just checked, and the example/scp.c is wrong in as it seems to assume that libssh2_channel_read() will always return the full amount of data, while in reality it is made to never return MORE data than requested but may very well return less (and even 0 is not an error). I've fixed this example code now and pushed my commit. -- / daniel.haxx.se --1129329158-390987173-1280701279=:14882 Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --1129329158-390987173-1280701279=:14882-- From libssh2-devel-bounces@cool.haxx.se Mon Aug 2 15:32:51 2010 Return-Path: Received: from giant.haxx.se (list@localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o72DWSaX020224; Mon, 2 Aug 2010 15:32:45 +0200 Received: from mail.scriptpro.com (mail.scriptpro.com [69.150.239.3]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o72DWP1t020204 for ; Mon, 2 Aug 2010 15:32:26 +0200 Received: from 192.168.190.236 ([192.168.190.236]) by mail.scriptpro.com with XWall v3.45e ; Mon, 2 Aug 2010 08:32:16 -0500 Received: from excsvr002.scriptpro.com ([192.168.190.184]) by mxsvr003.scriptpro.com with XWall v3.44m ; Mon, 2 Aug 2010 08:32:15 -0500 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Subject: RE: Re: libssh2, winsshd, SFTP, and publickey login Date: Mon, 2 Aug 2010 08:32:15 -0500 Message-ID: <40AAD23D4FC4A6449A444BBCF60892BF015AC9A7@EXCSVR000.scriptpro.com> In-Reply-To: <712alpine.DEB.2.00.1007302346400.411@tvnag.unkk.fr> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Re: libssh2, winsshd, SFTP, and publickey login Thread-Index: AcswVL7Ik9fmMLyYSeedJte7L+p4AwB7F3Wg References: <40AAD23D4FC4A6449A444BBCF60892BF015AC945@EXCSVR000.scriptpro.com> <712alpine.DEB.2.00.1007302346400.411@tvnag.unkk.fr> From: To: X-XWALL-BCKS: auto X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Mon, 02 Aug 2010 15:32:51 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Mon, 02 Aug 2010 15:32:27 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se From: libssh2-devel-bounces@cool.haxx.se [mailto:libssh2-devel-bounces@cool.haxx.se] On Behalf Of Daniel Stenberg Sent: Friday, July 30, 2010 4:54 PM To: libssh2 development Subject: [Retrieved]Re: libssh2, winsshd, SFTP, and publickey login On Fri, 30 Jul 2010, rhamilton@scriptpro.com wrote: > Can anybody tell me if there is a trick to getting the key format right, so > I can use cUrl/libssh2 to do an SFTP transfer to/from a winsshd server with > a username and publickey? I have a key that works with putty's psftp, and > I've tried several ways to convert it with the puttygen tool Note that libssh2's API still requires you to pass on both the private and the public keys, so you must have both in the correct format. But it would help if you'd show us the exact little example source code you're running when you get your problem, and tell us what return code/error the libssh2 function that fails returns etc. Possibly also show us what a trace output log reveals. > Logon attempt 1 for user name 'test' with logon method > 'publickey' (algorithm: '-----BEGIN', That certainly seems like a bad algorithm and an indication of a problem. It indicates the file is bad I'd say. Or perhaps a bug in libssh2. > We've upgraded to the latest version of winsshd, and I've tried libssh2 > v1.0 and v1.2.6. There's no point in using any other libssh2 version than the most recent one. -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --====================================================================== =========-- Thanks for the reply. I'm actually using command-line curl for the time being. I have a few different versions of the same key that give results like this. C:\SFTP>curl -v -u sshtest: --pubkey sshtest.private -l SFTP://spcaudev1 * About to connect() to spcaudev1 port 22 (#0) * Trying 192.168.191.24... connected * Connected to spcaudev1 (192.168.191.24) port 22 (#0) * SSH authentication methods available: publickey,gssapi-with-mic,password * Using ssh public key file sshtest.private * Using ssh private key file id_dsa * SSH public key authentication failed: Username/PublicKey combination invalid * Authentication failure * Closing connection #0 curl: (67) Authentication failure Other keys will give me a local error talking about things like "not base-64 encoded", or "not a private key". (Which I only mention because it convinces me the it is doing some kind of validation of the file.) In the cases where it does try to pass a key in, the error message from winsshd in the event log always seems to list the algoritm as basically the first word from the first line from the file. Original putty key... PuTTY-User-Key-File-2: ssh-rsa Encryption: none Comment: sshtest key Public-Lines: 4 AAAAB3NzaC1yc2EAAAABJQAAAIEAxIyY6rQac1ejaZHDNiFm8YMPkO7zJlpsvi7W ... Gives me... Logon attempt 1 for user name 'sshtest' with logon method 'publickey' (algorithm: 'PuTTY-User-Key-File-2:', public key MD5: da:c5:be:1b:58:ba:ac:18:cb:25:dc:f8:4e:63:0f:e6, test only) failed: The received public key algorithm name is unsupported or doesn't match the algorithm encoded in the public key. Puttygen exported to openssh... -----BEGIN RSA PRIVATE KEY----- MIICXAIBAAKBgQDEjJjqtBpzV6NpkcM2I... Gives me... Logon attempt 1 for user name 'sshtest' with logon method 'publickey' (algorithm: '-----BEGIN', public key MD5: 2f:97:f3:92:54:28:b2:25:50:b9:51:8e:4d:8f:a8:e8, test only) failed: The received public key algorithm name is unsupported or doesn't match the algorithm encoded in the public key. Attempted manual cut-n-paste from puttygen dialog and private key file... ssh-rsa AAAAgQCKHZvjMnNzpV4S1SFkTtK3jId6mhKlVExp92adbVFFfOCLPuE5XqqSP81r ... Gives me... Logon attempt 1 for user name 'sshtest' with logon method 'publickey' (algorithm: 'ssh-rsa', public key MD5: ef:d5:15:e5:c6:2f:61:e7:14:1b:07:40:0a:a0:73:93, test only) failed: The received public key algorithm name is unsupported or doesn't match the algorithm encoded in the public key. If adding more debug output somewhere will help get to the bottom of it, then I'll give it a whirl. I was hoping it was just a case where I hadn't tried exporting to the right format to bridge the gap between the two. The odds-and-ends I'd seen on the subject from web searches seemed to point toward the openssh format that I'm already trying though. _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Aug 3 23:30:26 2010 Return-Path: Received: from giant.haxx.se (list@localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o73LU4m6010155; Tue, 3 Aug 2010 23:30:22 +0200 Received: from mail-qw0-f54.google.com (mail-qw0-f54.google.com [209.85.216.54]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o73LU1md009856 for ; Tue, 3 Aug 2010 23:30:01 +0200 Received: by qwg5 with SMTP id 5so620764qwg.41 for ; Tue, 03 Aug 2010 14:29:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:date:message-id :subject:from:to:content-type; bh=W3ypeIjdr+I9F4hJ03KGdLUHaxgwvCmr0srpmMMSQZM=; b=H3m7z+29hqgQpv0wtAIohlR7HgXGEYDODTlxVoh3kiChckldVvg6aWnhPKikeSk4hj vWA4kEGhdiNqwum4UKKqcXwunkf6UVgg9Edz17dGt7thuhYUp6fbVSbmV+BTKgNvg/wU pTpGHLGXZD24MOFVsslNH/HG9vg9pLMd/fIJU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=vDsCcLkOuge8y/FO+nWC2IN60MyEW0NgICNNv+e6aJJcM71HnAvXqeoYmwtIsg66zY GAV2wpKFPzYR55X6DKUIDYyMTMrJoee/0YNVvpQANgF0UfViqNeHBBgH7s/DxxmW5mwL nVEpcRuqKBK9e/vdMVEK53bMcWzQfvlEIYzks= MIME-Version: 1.0 Received: by 10.224.37.134 with SMTP id x6mr3128375qad.208.1280870989493; Tue, 03 Aug 2010 14:29:49 -0700 (PDT) Received: by 10.229.69.170 with HTTP; Tue, 3 Aug 2010 14:29:49 -0700 (PDT) Date: Tue, 3 Aug 2010 23:29:49 +0200 Message-ID: Subject: libssh2_channel_exec() command ok? From: vicent roca daniel To: libssh2-devel@cool.haxx.se X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 03 Aug 2010 23:30:26 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 03 Aug 2010 23:30:01 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0061394766==" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se --===============0061394766== Content-Type: multipart/alternative; boundary=0015175cdb8c54f916048cf20488 --0015175cdb8c54f916048cf20488 Content-Type: text/plain; charset=ISO-8859-1 Hi guys! Quick Question. libssh2_channel_exec() always returns 0 when I executed it. It doesn mather if i put libssh2_channel_exec("ls) o libssh2_channel_exec("blahblablah"). I'd like to know if the command is executed. Is possible?? Thank you for all :) --0015175cdb8c54f916048cf20488 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Hi guys!
Quick Question.
libssh2_channel_exec()=A0always=A0re= turns 0 when I executed it.
It doesn mather if i put=A0libssh2_ch= annel_exec("ls) o=A0libssh2_channel_exec("blahblablah").

I'd like to know if the command is executed. Is possible= ??
Thank you for all :)
--0015175cdb8c54f916048cf20488-- --===============0061394766== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============0061394766==-- From libssh2-devel-bounces@cool.haxx.se Wed Aug 4 02:46:20 2010 Return-Path: Received: from giant.haxx.se (list@localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o740jxJm023560; Wed, 4 Aug 2010 02:46:17 +0200 Received: from foo.birdnet.se (qmailr@foo.birdnet.se [213.88.146.6]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o740jvWL023550 for ; Wed, 4 Aug 2010 02:45:57 +0200 Received: (qmail 21152 invoked by uid 501); 4 Aug 2010 00:45:52 -0000 Message-ID: <20100804004552.21151.qmail@stuge.se> Date: Wed, 4 Aug 2010 02:45:52 +0200 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: libssh2_channel_exec() command ok? Mail-Followup-To: libssh2-devel@cool.haxx.se References: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Wed, 04 Aug 2010 02:46:20 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Wed, 04 Aug 2010 02:45:57 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se vicent roca daniel wrote: > libssh2_channel_exec() always returns 0 when I executed it. That means that the server forked a process which will try to execute the specified command. > It doesn mather if i put libssh2_channel_exec("ls) > o libssh2_channel_exec("blahblablah"). > > I'd like to know if the command is executed. Is possible?? Look for the exit-status message from the server. See libssh2_channel_get_exit_status(). Note that you only get the exit status *after* the command has exited on the server. You need to read from the channel until it returns an error, and *then* check the exit status. //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu Aug 5 18:16:29 2010 Return-Path: Received: from giant.haxx.se (list@localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o75GGDq0022938; Thu, 5 Aug 2010 18:16:25 +0200 Received: from mail-qw0-f54.google.com (mail-qw0-f54.google.com [209.85.216.54]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o75GGBsk022870 for ; Thu, 5 Aug 2010 18:16:11 +0200 Received: by qwg5 with SMTP id 5so2981929qwg.41 for ; Thu, 05 Aug 2010 09:16:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:date:message-id :subject:from:to:content-type; bh=LwjPJoBe+2b+LoXYB1+R0btCQoCfn9HF2gNlGu898XI=; b=CY/mamXhwCj+QmnzfbNGaRTWh2tsmrHOPyQpC0EMprexG/WRQT2i/tlI3Xt7Z6KP1+ cC4kiSEn8gL7MzV6RkxrCHKCG7qlPFhJBi9tBEG4cRWqCz/IB+xrGFMYxH4wh5VVbvx9 rh7YZNc/0WpPbCr/K8LsF9zqOdVKJXV5fVBT4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=qAQjhtO+GrGPDWH03RZUkOa4PrNbfUZSFJStFqMMryZbCiuUMrAsqKEYSFtPd+T7ii EsXKkmSs8o2duyzqFhEaG77nV5LcqGXxIVap5K8/2NxDeCPdRsZu+u/onuq61oGlxaXr S40Tv0YL0mMIsZHcW2RTFC8boZUTauWt05KCU= MIME-Version: 1.0 Received: by 10.224.6.71 with SMTP id 7mr1703962qay.329.1281024962947; Thu, 05 Aug 2010 09:16:02 -0700 (PDT) Received: by 10.229.95.143 with HTTP; Thu, 5 Aug 2010 09:16:02 -0700 (PDT) Date: Thu, 5 Aug 2010 09:16:02 -0700 Message-ID: Subject: AES-CTR not available upon configure ibssh2 1.2.6 From: "A. Mark" To: libssh2 development X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 05 Aug 2010 18:16:29 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 05 Aug 2010 18:16:12 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Hello! I noticed this upon ./configure... Crypto library: openssl: no (AES-CTR: N/A) libgcrypt: yes ...the same if forcing openssl, it's on a linux box, but I'm just wondering if the aes 256 cipher would stil be working regardless of this aes function not being detected? Thank you! _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu Aug 5 19:39:46 2010 Return-Path: Received: from giant.haxx.se (list@localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o75HdTu0002785; Thu, 5 Aug 2010 19:39:43 +0200 Received: from shell.lmi.net (shell.lmi.net [66.117.140.246]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o75HdQOE002767 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Thu, 5 Aug 2010 19:39:28 +0200 Received: from rcom-software.com (75-101-82-95.dsl2st.lmi.net [75.101.82.95]) by shell.lmi.net (8.14.1/8.14.1) with ESMTP id o75HdFPk063499 for ; Thu, 5 Aug 2010 10:39:20 -0700 (PDT) Message-ID: <4C5AF77E.D4680653@rcom-software.com> Date: Thu, 05 Aug 2010 10:40:14 -0700 From: Paul Romero Organization: RCOM Communications Software X-Mailer: Mozilla 4.77 [en] (Win95; U) X-Accept-Language: en,es,de-DE,fr-FR MIME-Version: 1.0 To: libssh2 development Subject: Re: libssh2: Ported to UC Linux ? References: <4C2CE7A7.DE5EEF53@rcom-software.com> <87pqz3e8eh.fsf@mocca.josefsson.org> <4C309D23.2561ED9B@rcom-software.com> <87wrtbb8v1.fsf@mocca.josefsson.org> X-Scanned-By: MIMEDefang 2.37 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 05 Aug 2010 19:39:46 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 05 Aug 2010 19:39:28 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Hi Simon: Does Werner Koch have a website where one can find libgcrpyt ? The following are the versions of the TLS related libraries I currently used and the versions you recommended. Library Current Recommended ------- -------- --------------- gsasl 0.2.20 1.4.4 gnutls 1.6.3 2.8.6 libgcrypt 1.2.4 1.4.5 libgpg-error 1.5 1.8 libtasn1 0.3.10 ? First, do any of the recommended versions have external interfaces changes ? Second, is there any reason to upgrade libtasn1, and if so, what version do you recommend ? Best Regards, Paul R. Simon Josefsson wrote: > Paul Romero writes: > > > Hi Simon: > > > > Thank you for answering my questions so thoroughly, and I complement > > you on the clarity of the UC Linux porting menus on your website. > > What versions of libgcrypt and the the standard GSASL libraries > > do you consider most stable ? I am particularly curious about > > libgnutls and those parts related to TLS. > > The safest bet (both for libssh2 and generally) is to use libgpg-error > 1.8 (you may need to provide --enable-static since they disabled it by > default) and libgcrypt 1.4.5. GnuTLS 2.8.6 is stable, as is GNU SASL > 1.4.4. If you need recent TLS renego stuff, you may want to try just > released GnuTLS 2.10.0 but I wouldn't label it stable at this point. > > /Simon > > > Best Regards, > > > > Paul R. > > > > > > Simon Josefsson wrote: > > > >> Paul, what Peter and Daniel has said so far should have answered all > >> your questions, but let me add some more things for clarity. > >> > >> Libssh2 has not been ported to uClinux in the sense that libssh2 > >> provides the integration glue to make it part of a normal uClinux build > >> environment (i.e., make menuconfig + dep + all). Doing so should be > >> relatively easy, and as you know I have posted recipes on this available > >> from http://josefsson.org/uclinux/ for a bunch of projects already, and > >> it should be very easy to adapt for example the gnutls or gsasl recipes > >> (which depends on libgpg-error + libgcrypt, like libssh2 does) for > >> libssh2 as well. > >> > >> Fortunately, libssh2 does not require anything more than what GNU SASL > >> or GnuTLS requires from Libgcrypt: SSH2 uses standard crypto algorithms > >> like MD5, SHA1, HMAC, AES, RSA and DSA. > >> > >> /Simon > >> _______________________________________________ > >> libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel > > > > -- > > Paul Romero > > > > RCOM Communications Software > > > > Phone/Fax: (510)339-2628 > > E-Mail: paulr@rcom-software.com > > > > > > _______________________________________________ > > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel -- Paul Romero RCOM Communications Software Phone/Fax: (510)339-2628 E-Mail: paulr@rcom-software.com _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu Aug 5 23:15:18 2010 Return-Path: Received: from giant.haxx.se (list@localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o75LEvcd024835; Thu, 5 Aug 2010 23:15:15 +0200 Received: from yxa-v.extundo.com (yxa-v.extundo.com [83.241.177.39]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o75LEsEA024824 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Thu, 5 Aug 2010 23:14:56 +0200 Received: from mocca (c80-216-27-64.bredband.comhem.se [80.216.27.64]) (authenticated bits=0) by yxa-v.extundo.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id o75LEakZ008214 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT) for ; Thu, 5 Aug 2010 23:14:43 +0200 From: Simon Josefsson To: libssh2 development Subject: Re: AES-CTR not available upon configure ibssh2 1.2.6 References: OpenPGP: id=B565716F; url=http://josefsson.org/key.txt X-Hashcash: 1:22:100805:libssh2-devel@cool.haxx.se::uElNqZexvQDUANOa:nMXR Date: Thu, 05 Aug 2010 23:14:34 +0200 In-Reply-To: (A. Mark's message of "Thu, 5 Aug 2010 09:16:02 -0700") Message-ID: <87iq3on4n9.fsf@mocca.josefsson.org> User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.1 (gnu/linux) MIME-Version: 1.0 X-Spam-Status: No, score=-0.8 required=5.0 tests=AWL,BAYES_00, DATE_IN_FUTURE_96_XX,RDNS_DYNAMIC,SPF_FAIL autolearn=no version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on yxa-v.extundo.com X-Virus-Scanned: clamav-milter 0.96.1 at yxa-v X-Virus-Status: Clean X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 05 Aug 2010 23:15:18 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 05 Aug 2010 23:14:57 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se "A. Mark" writes: > Hello! > > I noticed this upon ./configure... > > Crypto library: openssl: no (AES-CTR: N/A) libgcrypt: yes > > ...the same if forcing openssl, it's on a linux box, but I'm just > wondering if the aes 256 cipher would stil be working regardless of > this aes function not being detected? AES-CTR is always supported by libssh2. The AES-CTR print above tells you whether your OpenSSL has AES-CTR or not. If you built OpenSSL yourself, chances are that it does, but most distributions appears to built OpenSSL without AES-CTR. If your OpenSSL doesn't have AES-CTR, libssh2 implements it internally instead. /Simon _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu Aug 5 23:18:37 2010 Return-Path: Received: from giant.haxx.se (list@localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o75LIaEK026447; Thu, 5 Aug 2010 23:18:37 +0200 Received: from yxa-v.extundo.com (yxa-v.extundo.com [83.241.177.39]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o75LIYqa026429 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Thu, 5 Aug 2010 23:18:35 +0200 Received: from mocca (c80-216-27-64.bredband.comhem.se [80.216.27.64]) (authenticated bits=0) by yxa-v.extundo.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id o75LIHt6008486 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT) for ; Thu, 5 Aug 2010 23:18:22 +0200 From: Simon Josefsson To: libssh2 development Subject: Re: libssh2: Ported to UC Linux ? References: <4C2CE7A7.DE5EEF53@rcom-software.com> <87pqz3e8eh.fsf@mocca.josefsson.org> <4C309D23.2561ED9B@rcom-software.com> <87wrtbb8v1.fsf@mocca.josefsson.org> <4C5AF77E.D4680653@rcom-software.com> OpenPGP: id=B565716F; url=http://josefsson.org/key.txt X-Hashcash: 1:22:100805:libssh2-devel@cool.haxx.se::V5CvnzN5ub8D6jNF:9zr/ Date: Thu, 05 Aug 2010 23:18:15 +0200 In-Reply-To: <4C5AF77E.D4680653@rcom-software.com> (Paul Romero's message of "Thu, 05 Aug 2010 10:40:14 -0700") Message-ID: <87eiecn4h4.fsf@mocca.josefsson.org> User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.1 (gnu/linux) MIME-Version: 1.0 X-Spam-Status: No, score=-0.8 required=5.0 tests=AWL,BAYES_00, DATE_IN_FUTURE_96_XX,RDNS_DYNAMIC,SPF_FAIL autolearn=no version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on yxa-v.extundo.com X-Virus-Scanned: clamav-milter 0.96.1 at yxa-v X-Virus-Status: Clean X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 05 Aug 2010 23:18:37 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 05 Aug 2010 23:18:35 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Paul Romero writes: > Hi Simon: > > Does Werner Koch have a website where one can find libgcrpyt ? Try http://gnupg.org/ > The following are the versions of the TLS related libraries > I currently used and the versions you recommended. > > Library Current Recommended > ------- -------- --------------- > gsasl 0.2.20 1.4.4 > gnutls 1.6.3 2.8.6 > libgcrypt 1.2.4 1.4.5 > libgpg-error 1.5 1.8 > libtasn1 0.3.10 ? > > First, do any of the recommended versions have external > interfaces changes ? Yes I think most if not all of them do, check the NEWS entries for each project. There is mostly API/ABI additions, I don't recall any significant deletion/change, so software should work fine even with upgraded libraries. > Second, is there any reason to upgrade libtasn1, and if so, what > version do you recommend ? I recommend version 2.7. It has been cleaned up quite some since 0.3.x. It is completely backwards compatible. /Simon > Best Regards, > > Paul R. > > > > Simon Josefsson wrote: > >> Paul Romero writes: >> >> > Hi Simon: >> > >> > Thank you for answering my questions so thoroughly, and I complement >> > you on the clarity of the UC Linux porting menus on your website. >> > What versions of libgcrypt and the the standard GSASL libraries >> > do you consider most stable ? I am particularly curious about >> > libgnutls and those parts related to TLS. >> >> The safest bet (both for libssh2 and generally) is to use libgpg-error >> 1.8 (you may need to provide --enable-static since they disabled it by >> default) and libgcrypt 1.4.5. GnuTLS 2.8.6 is stable, as is GNU SASL >> 1.4.4. If you need recent TLS renego stuff, you may want to try just >> released GnuTLS 2.10.0 but I wouldn't label it stable at this point. >> >> /Simon >> >> > Best Regards, >> > >> > Paul R. >> > >> > >> > Simon Josefsson wrote: >> > >> >> Paul, what Peter and Daniel has said so far should have answered all >> >> your questions, but let me add some more things for clarity. >> >> >> >> Libssh2 has not been ported to uClinux in the sense that libssh2 >> >> provides the integration glue to make it part of a normal uClinux build >> >> environment (i.e., make menuconfig + dep + all). Doing so should be >> >> relatively easy, and as you know I have posted recipes on this available >> >> from http://josefsson.org/uclinux/ for a bunch of projects already, and >> >> it should be very easy to adapt for example the gnutls or gsasl recipes >> >> (which depends on libgpg-error + libgcrypt, like libssh2 does) for >> >> libssh2 as well. >> >> >> >> Fortunately, libssh2 does not require anything more than what GNU SASL >> >> or GnuTLS requires from Libgcrypt: SSH2 uses standard crypto algorithms >> >> like MD5, SHA1, HMAC, AES, RSA and DSA. >> >> >> >> /Simon >> >> _______________________________________________ >> >> libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel >> > >> > -- >> > Paul Romero >> > >> > RCOM Communications Software >> > >> > Phone/Fax: (510)339-2628 >> > E-Mail: paulr@rcom-software.com >> > >> > >> > _______________________________________________ >> > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel >> _______________________________________________ >> libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel > > -- > Paul Romero > > RCOM Communications Software > > Phone/Fax: (510)339-2628 > E-Mail: paulr@rcom-software.com > > > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu Aug 5 23:24:35 2010 Return-Path: Received: from giant.haxx.se (list@localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o75LOWum028981; Thu, 5 Aug 2010 23:24:34 +0200 Received: from mail-qw0-f54.google.com (mail-qw0-f54.google.com [209.85.216.54]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o75LO02h028720 for ; Thu, 5 Aug 2010 23:24:01 +0200 Received: by qwg5 with SMTP id 5so3378525qwg.41 for ; Thu, 05 Aug 2010 14:23:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type; bh=NtWWAeZM29i+SgFFjc95GO+cP3IOZGLO2jmAyoHWRsQ=; b=HSYl0Cq6QSl3DB8QCNa/WyJJLLKkPXc4gBf641LijuRnxbDJP6onzr0xPObKI65qSt qnDgLf1YHbGouhPmBlnsNrUCTmARNspkYX66ilb6/Jbh/J9ffj2PSQVyTdshrAVI99+9 BQwVPV3LAm3pLE6t7vMpN56qV78YXv6EM5FR0= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=JIHB5pwS8XlEdzk/0A25yIWj3N2s9PpXKtoomXXaiq/6HVV9HfVFz+gpdRsiR8zYxZ j2H7t3g1vMe3fjjDdxdYzHuF7zzyc2KSdSLKyTfccFS0RhNUXSgJbTVdRnd/PoBovKvf QXrXKfyr4vAvZN+U8JGEkwNfwyh+7Ce8A8+JA= MIME-Version: 1.0 Received: by 10.224.11.9 with SMTP id r9mr5424543qar.180.1281043431379; Thu, 05 Aug 2010 14:23:51 -0700 (PDT) Received: by 10.229.95.143 with HTTP; Thu, 5 Aug 2010 14:23:51 -0700 (PDT) In-Reply-To: <87iq3on4n9.fsf@mocca.josefsson.org> References: <87iq3on4n9.fsf@mocca.josefsson.org> Date: Thu, 5 Aug 2010 14:23:51 -0700 Message-ID: Subject: Re: AES-CTR not available upon configure ibssh2 1.2.6 From: "A. Mark" To: libssh2 development X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 05 Aug 2010 23:24:35 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 05 Aug 2010 23:24:01 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se > If your OpenSSL doesn't have AES-CTR, > libssh2 implements it internally instead. That sounds terrific, is there a way to selects which cipher should be used during the session? _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu Aug 5 23:32:39 2010 Return-Path: Received: from giant.haxx.se (list@localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o75LWWDs032241; Thu, 5 Aug 2010 23:32:39 +0200 Received: from yxa-v.extundo.com (yxa-v.extundo.com [83.241.177.39]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o75LWUV3032192 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Thu, 5 Aug 2010 23:32:30 +0200 Received: from mocca (c80-216-27-64.bredband.comhem.se [80.216.27.64]) (authenticated bits=0) by yxa-v.extundo.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id o75LWKgr009380 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT) for ; Thu, 5 Aug 2010 23:32:22 +0200 From: Simon Josefsson To: libssh2 development Subject: Re: AES-CTR not available upon configure ibssh2 1.2.6 References: <87iq3on4n9.fsf@mocca.josefsson.org> OpenPGP: id=B565716F; url=http://josefsson.org/key.txt X-Hashcash: 1:22:100805:libssh2-devel@cool.haxx.se::Ik9e5Dvk+cR3XCSv:2LQa Date: Thu, 05 Aug 2010 23:32:18 +0200 In-Reply-To: (A. Mark's message of "Thu, 5 Aug 2010 14:23:51 -0700") Message-ID: <87aap0n3tp.fsf@mocca.josefsson.org> User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.1 (gnu/linux) MIME-Version: 1.0 X-Spam-Status: No, score=-0.8 required=5.0 tests=AWL,BAYES_00, DATE_IN_FUTURE_96_XX,RDNS_DYNAMIC,SPF_FAIL autolearn=no version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on yxa-v.extundo.com X-Virus-Scanned: clamav-milter 0.96.1 at yxa-v X-Virus-Status: Clean X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 05 Aug 2010 23:32:39 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 05 Aug 2010 23:32:30 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se "A. Mark" writes: >> If your OpenSSL doesn't have AES-CTR, >> libssh2 implements it internally instead. > > That sounds terrific, is there a way to selects which cipher should be > used during the session? Hmm, I don't think so. The ordering is hard coded in src/crypt.c. The ssh2 protocol will negotiate the "best" mutually supported algorithm. (I should have mentioned that libssh2 will only support AES-CTR if AES is available: we don't implement AES ourselves, only the CTR mode.) static const LIBSSH2_CRYPT_METHOD *_libssh2_crypt_methods[] = { #if LIBSSH2_AES_CTR &libssh2_crypt_method_aes128_ctr, &libssh2_crypt_method_aes192_ctr, &libssh2_crypt_method_aes256_ctr, #endif /* LIBSSH2_AES */ #if LIBSSH2_AES &libssh2_crypt_method_aes256_cbc, &libssh2_crypt_method_rijndael_cbc_lysator_liu_se, /* == aes256-cbc */ &libssh2_crypt_method_aes192_cbc, &libssh2_crypt_method_aes128_cbc, #endif /* LIBSSH2_AES */ #if LIBSSH2_BLOWFISH &libssh2_crypt_method_blowfish_cbc, #endif /* LIBSSH2_BLOWFISH */ #if LIBSSH2_RC4 &libssh2_crypt_method_arcfour128, &libssh2_crypt_method_arcfour, #endif /* LIBSSH2_RC4 */ #if LIBSSH2_CAST &libssh2_crypt_method_cast128_cbc, #endif /* LIBSSH2_CAST */ #if LIBSSH2_3DES &libssh2_crypt_method_3des_cbc, #endif /* LIBSSH2_DES */ #ifdef LIBSSH2_CRYPT_NONE &libssh2_crypt_method_none, #endif NULL }; /Simon _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu Aug 5 23:57:17 2010 Return-Path: Received: from giant.haxx.se (list@localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o75LvBHq009793; Thu, 5 Aug 2010 23:57:17 +0200 Received: from mail-qy0-f175.google.com (mail-qy0-f175.google.com [209.85.216.175]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o75Lv9Wh009752 for ; Thu, 5 Aug 2010 23:57:10 +0200 Received: by qyk11 with SMTP id 11so3806383qyk.20 for ; Thu, 05 Aug 2010 14:57:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type; bh=AjGDWWiuMfCnRzActKrXWkao9qAKLUE77Mjlf9g/iuM=; b=iVMvVFGSK5ih67MXRbMO2sQ483v63fYfViITk8mSRUCTq9vNhgmRDoC6QC+KNf0Knd kuDAgpJvRIUxg0uwiPdwtVY1JHr3UtV7TeHL0PmRjLl9X4/W7gvzQqEmDiHzOG9DsWVt gT89Oz+UzsuopKrPR7WjhLP1ww55XYktsH+54= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=qqXub6SMP7h8xYrsmAkx2PBkealtOKNdiDeU0En3D9I7mCkjT/hbRQLDAyBAMfpd5j hI2HiiOcr1vnA4ldb15tbAJn3mAq0hAQV6PF3ASza2tEspWVKycK1pDX3KXxbGwJJGef EuSiywPD23qfUJ0slF8UbnhINFshYan4IpGfw= MIME-Version: 1.0 Received: by 10.224.19.205 with SMTP id c13mr5529755qab.215.1281045420076; Thu, 05 Aug 2010 14:57:00 -0700 (PDT) Received: by 10.229.95.143 with HTTP; Thu, 5 Aug 2010 14:56:59 -0700 (PDT) In-Reply-To: <87aap0n3tp.fsf@mocca.josefsson.org> References: <87iq3on4n9.fsf@mocca.josefsson.org> <87aap0n3tp.fsf@mocca.josefsson.org> Date: Thu, 5 Aug 2010 14:56:59 -0700 Message-ID: Subject: Re: AES-CTR not available upon configure ibssh2 1.2.6 From: "A. Mark" To: libssh2 development X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 05 Aug 2010 23:57:17 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 05 Aug 2010 23:57:10 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Is there a convenience function to get that string array, and is there a way to check which cipher is actually being used? Or I should look at the source code and try to figure it out? _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Fri Aug 6 01:22:29 2010 Return-Path: Received: from giant.haxx.se (list@localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o75NMEmQ021779; Fri, 6 Aug 2010 01:22:27 +0200 Received: from shell.lmi.net (shell.lmi.net [66.117.140.246]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o75NMBaI021769 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Fri, 6 Aug 2010 01:22:13 +0200 Received: from rcom-software.com (75-101-82-95.dsl2st.lmi.net [75.101.82.95]) by shell.lmi.net (8.14.1/8.14.1) with ESMTP id o75NM41K077991 for ; Thu, 5 Aug 2010 16:22:04 -0700 (PDT) Message-ID: <4C5B47D6.D81F8B1D@rcom-software.com> Date: Thu, 05 Aug 2010 16:23:03 -0700 From: Paul Romero Organization: RCOM Communications Software X-Mailer: Mozilla 4.77 [en] (Win95; U) X-Accept-Language: en,es,de-DE,fr-FR MIME-Version: 1.0 To: libssh2 development Subject: Re: libssh2: Ported to UC Linux ? References: <4C2CE7A7.DE5EEF53@rcom-software.com> <87pqz3e8eh.fsf@mocca.josefsson.org> <4C309D23.2561ED9B@rcom-software.com> <87wrtbb8v1.fsf@mocca.josefsson.org> X-Scanned-By: MIMEDefang 2.37 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Fri, 06 Aug 2010 01:22:29 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Fri, 06 Aug 2010 01:22:13 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Hi Simon: Which file should contain --enable-static ? Best Regards, Paul R. Simon Josefsson wrote: > Paul Romero writes: > > > Hi Simon: > > > > Thank you for answering my questions so thoroughly, and I complement > > you on the clarity of the UC Linux porting menus on your website. > > What versions of libgcrypt and the the standard GSASL libraries > > do you consider most stable ? I am particularly curious about > > libgnutls and those parts related to TLS. > > The safest bet (both for libssh2 and generally) is to use libgpg-error > 1.8 (you may need to provide --enable-static since they disabled it by > default) and libgcrypt 1.4.5. GnuTLS 2.8.6 is stable, as is GNU SASL > 1.4.4. If you need recent TLS renego stuff, you may want to try just > released GnuTLS 2.10.0 but I wouldn't label it stable at this point. > > /Simon > > > Best Regards, > > > > Paul R. > > > > > > Simon Josefsson wrote: > > > >> Paul, what Peter and Daniel has said so far should have answered all > >> your questions, but let me add some more things for clarity. > >> > >> Libssh2 has not been ported to uClinux in the sense that libssh2 > >> provides the integration glue to make it part of a normal uClinux build > >> environment (i.e., make menuconfig + dep + all). Doing so should be > >> relatively easy, and as you know I have posted recipes on this available > >> from http://josefsson.org/uclinux/ for a bunch of projects already, and > >> it should be very easy to adapt for example the gnutls or gsasl recipes > >> (which depends on libgpg-error + libgcrypt, like libssh2 does) for > >> libssh2 as well. > >> > >> Fortunately, libssh2 does not require anything more than what GNU SASL > >> or GnuTLS requires from Libgcrypt: SSH2 uses standard crypto algorithms > >> like MD5, SHA1, HMAC, AES, RSA and DSA. > >> > >> /Simon > >> _______________________________________________ > >> libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel > > > > -- > > Paul Romero > > > > RCOM Communications Software > > > > Phone/Fax: (510)339-2628 > > E-Mail: paulr@rcom-software.com > > > > > > _______________________________________________ > > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel -- Paul Romero RCOM Communications Software Phone/Fax: (510)339-2628 E-Mail: paulr@rcom-software.com _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Fri Aug 6 01:39:48 2010 Return-Path: Received: from giant.haxx.se (list@localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o75NdeTC027907; Fri, 6 Aug 2010 01:39:46 +0200 Received: from shell.lmi.net (shell.lmi.net [66.117.140.246]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o75Ndap7027837 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Fri, 6 Aug 2010 01:39:38 +0200 Received: from rcom-software.com (75-101-82-95.dsl2st.lmi.net [75.101.82.95]) by shell.lmi.net (8.14.1/8.14.1) with ESMTP id o75NdToo078501 for ; Thu, 5 Aug 2010 16:39:29 -0700 (PDT) Message-ID: <4C5B4BEC.4D78E6F9@rcom-software.com> Date: Thu, 05 Aug 2010 16:40:28 -0700 From: Paul Romero Organization: RCOM Communications Software X-Mailer: Mozilla 4.77 [en] (Win95; U) X-Accept-Language: en,es,de-DE,fr-FR MIME-Version: 1.0 To: libssh2 development Subject: Re: libssh2: Ported to UC Linux ? References: <4C2CE7A7.DE5EEF53@rcom-software.com> <87pqz3e8eh.fsf@mocca.josefsson.org> <4C309D23.2561ED9B@rcom-software.com> <87wrtbb8v1.fsf@mocca.josefsson.org> <4C5AF77E.D4680653@rcom-software.com> <87eiecn4h4.fsf@mocca.josefsson.org> X-Scanned-By: MIMEDefang 2.37 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Fri, 06 Aug 2010 01:39:48 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Fri, 06 Aug 2010 01:39:38 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Hi Simon: Which file does the --enable-static go in ? Best Regards, Paul R. Simon Josefsson wrote: > Paul Romero writes: > > > Hi Simon: > > > > Does Werner Koch have a website where one can find libgcrpyt ? > > Try http://gnupg.org/ > > > The following are the versions of the TLS related libraries > > I currently used and the versions you recommended. > > > > Library Current Recommended > > ------- -------- --------------- > > gsasl 0.2.20 1.4.4 > > gnutls 1.6.3 2.8.6 > > libgcrypt 1.2.4 1.4.5 > > libgpg-error 1.5 1.8 > > libtasn1 0.3.10 ? > > > > First, do any of the recommended versions have external > > interfaces changes ? > > Yes I think most if not all of them do, check the NEWS entries for each > project. There is mostly API/ABI additions, I don't recall any > significant deletion/change, so software should work fine even with > upgraded libraries. > > > Second, is there any reason to upgrade libtasn1, and if so, what > > version do you recommend ? > > I recommend version 2.7. It has been cleaned up quite some since 0.3.x. > It is completely backwards compatible. > > /Simon > > > Best Regards, > > > > Paul R. > > > > > > > > Simon Josefsson wrote: > > > >> Paul Romero writes: > >> > >> > Hi Simon: > >> > > >> > Thank you for answering my questions so thoroughly, and I complement > >> > you on the clarity of the UC Linux porting menus on your website. > >> > What versions of libgcrypt and the the standard GSASL libraries > >> > do you consider most stable ? I am particularly curious about > >> > libgnutls and those parts related to TLS. > >> > >> The safest bet (both for libssh2 and generally) is to use libgpg-error > >> 1.8 (you may need to provide --enable-static since they disabled it by > >> default) and libgcrypt 1.4.5. GnuTLS 2.8.6 is stable, as is GNU SASL > >> 1.4.4. If you need recent TLS renego stuff, you may want to try just > >> released GnuTLS 2.10.0 but I wouldn't label it stable at this point. > >> > >> /Simon > >> > >> > Best Regards, > >> > > >> > Paul R. > >> > > >> > > >> > Simon Josefsson wrote: > >> > > >> >> Paul, what Peter and Daniel has said so far should have answered all > >> >> your questions, but let me add some more things for clarity. > >> >> > >> >> Libssh2 has not been ported to uClinux in the sense that libssh2 > >> >> provides the integration glue to make it part of a normal uClinux build > >> >> environment (i.e., make menuconfig + dep + all). Doing so should be > >> >> relatively easy, and as you know I have posted recipes on this available > >> >> from http://josefsson.org/uclinux/ for a bunch of projects already, and > >> >> it should be very easy to adapt for example the gnutls or gsasl recipes > >> >> (which depends on libgpg-error + libgcrypt, like libssh2 does) for > >> >> libssh2 as well. > >> >> > >> >> Fortunately, libssh2 does not require anything more than what GNU SASL > >> >> or GnuTLS requires from Libgcrypt: SSH2 uses standard crypto algorithms > >> >> like MD5, SHA1, HMAC, AES, RSA and DSA. > >> >> > >> >> /Simon > >> >> _______________________________________________ > >> >> libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel > >> > > >> > -- > >> > Paul Romero > >> > > >> > RCOM Communications Software > >> > > >> > Phone/Fax: (510)339-2628 > >> > E-Mail: paulr@rcom-software.com > >> > > >> > > >> > _______________________________________________ > >> > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel > >> _______________________________________________ > >> libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel > > > > -- > > Paul Romero > > > > RCOM Communications Software > > > > Phone/Fax: (510)339-2628 > > E-Mail: paulr@rcom-software.com > > > > > > _______________________________________________ > > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel -- Paul Romero RCOM Communications Software Phone/Fax: (510)339-2628 E-Mail: paulr@rcom-software.com _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sat Aug 7 07:27:13 2010 Return-Path: Received: from giant.haxx.se (list@localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o775Qlao018356; Sat, 7 Aug 2010 07:27:07 +0200 Received: from mail-wy0-f182.google.com (mail-wy0-f182.google.com [74.125.82.182]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o775QjV9018341 for ; Sat, 7 Aug 2010 07:26:46 +0200 Received: by wyj26 with SMTP id 26so11464069wyj.41 for ; Fri, 06 Aug 2010 22:26:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:date:message-id :subject:from:to:content-type; bh=RzwycfGOMUx7NReH5LA+Ay2czZxSf56F2EpMBuHT1qY=; b=kcBfAWLqsKnogWfhvKRJxXARqbheiTb7XwBNG98FxDm1CGlh4karrEbxhrAb5chAw1 n/4YN/FuNubPPopiNgD5tK8EpXhSMGZ4S8EVcZbCmjXIrf9/HUuXH8Ra0paLMJe3eq90 4M6AB0PAJK5zm5jUVfYpcAkgpCwZ55o0mLQ8E= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=vPvnBqXQ6kWlaYbAoAbdO0eltidqPlSSIvQLruDkfHru7M7atdi2rRL3NJ+DdFI6Rh zWbSfuViaiD8b6UhGdFhFIsqregwN7T4snRuZnB14QnCAsrewGEdprdkPmE5AP4qc/Mt EaWsVeS5o93r5tyZvvl/zu+btSliLDSTZnLMs= MIME-Version: 1.0 Received: by 10.227.155.143 with SMTP id s15mr11602776wbw.154.1281158800382; Fri, 06 Aug 2010 22:26:40 -0700 (PDT) Received: by 10.216.24.210 with HTTP; Fri, 6 Aug 2010 22:26:40 -0700 (PDT) Date: Sat, 7 Aug 2010 01:26:40 -0400 Message-ID: Subject: compile under win32 using gnu toolchain? From: Toan Pham To: libssh2-devel@cool.haxx.se X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Sat, 07 Aug 2010 07:27:13 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Sat, 07 Aug 2010 07:26:46 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Hi, I try to compile libssh2 for windows using mingw and gnu gcc compiler under windows xp. Because libssh2 depends on libgcrypt or openssl, which also depends on liberror (something i forgot at the moment. I am curious if anyone has compiled it in windows using gcc tools before? i had some problem compiling liberrorcode, i think i was missing a dependency check utility (depmon). would someone give me some pointers on compiling it. thank you. _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sat Aug 7 07:50:28 2010 Return-Path: Received: from giant.haxx.se (list@localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o775oNJU030756; Sat, 7 Aug 2010 07:50:28 +0200 Received: from mail-ww0-f54.google.com (mail-ww0-f54.google.com [74.125.82.54]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o775oLLv030691 for ; Sat, 7 Aug 2010 07:50:21 +0200 Received: by wwd20 with SMTP id 20so400350wwd.11 for ; Fri, 06 Aug 2010 22:50:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type; bh=euc2Xqi44ch1y42IMOmdeioY+y+QW9mokdsxHdztnw8=; b=Mnfzgzt82g6HcBYmRh15LEdH2+Ev/k0yuzdQeE8Jn3EKCXC7Qzyjm7MTbs4+TQ4Zcm gy0TeqDVyzPuwCaUI0u+BsKmzkTrkWmsCXNJvt8LMMo+K7CRphlV9gUdQQSUcnJU4kLe ZfuRgBaTfg4OdBFfEHvtJRmVXD9yQXyIIx+Ck= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=BltofWNlxUdu+3zv7tiW04lT1lZbJPr6oe5jIR6GyWepNXra5xDxCxuhZeZt/X44jx NQvgVcG5Qw2uzeXXVo4f6ZhlWvCyGrHeYp2xd7AnUoSEjl+i4LUbUnj1/S4U5yiNFPVN HDxb9cUgpLLBTLlQN0PzjC2Bvxc4M5ZfZXgHc= MIME-Version: 1.0 Received: by 10.227.154.211 with SMTP id p19mr11048326wbw.19.1281160215721; Fri, 06 Aug 2010 22:50:15 -0700 (PDT) Received: by 10.216.24.210 with HTTP; Fri, 6 Aug 2010 22:50:15 -0700 (PDT) In-Reply-To: References: Date: Sat, 7 Aug 2010 01:50:15 -0400 Message-ID: Subject: Re: compile under win32 using gnu toolchain? From: Toan Pham To: libssh2-devel@cool.haxx.se X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Sat, 07 Aug 2010 07:50:28 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Sat, 07 Aug 2010 07:50:21 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se on google search, i see a patch for mingw compilation of libssh2 for windows. hmm, am i missing something. would someone please give me some sort of directions. thanks _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sat Aug 7 09:31:26 2010 Return-Path: Received: from giant.haxx.se (list@localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o777V9GU023558; Sat, 7 Aug 2010 09:31:24 +0200 Received: from yxa-v.extundo.com (yxa-v.extundo.com [83.241.177.39]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o777V8lN023555 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Sat, 7 Aug 2010 09:31:08 +0200 Received: from mocca (c80-216-27-64.bredband.comhem.se [80.216.27.64]) (authenticated bits=0) by yxa-v.extundo.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id o777V2oc003006 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT) for ; Sat, 7 Aug 2010 09:31:04 +0200 From: Simon Josefsson To: libssh2 development Subject: Re: AES-CTR not available upon configure ibssh2 1.2.6 References: <87iq3on4n9.fsf@mocca.josefsson.org> <87aap0n3tp.fsf@mocca.josefsson.org> OpenPGP: id=B565716F; url=http://josefsson.org/key.txt X-Hashcash: 1:22:100807:libssh2-devel@cool.haxx.se::fC0qVRA+Ld9TlEYu:8izx Date: Sat, 07 Aug 2010 09:30:59 +0200 In-Reply-To: (A. Mark's message of "Thu, 5 Aug 2010 14:56:59 -0700") Message-ID: <871vaaria4.fsf@mocca.josefsson.org> User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.1 (gnu/linux) MIME-Version: 1.0 X-Spam-Status: No, score=-0.8 required=5.0 tests=AWL,BAYES_00, DATE_IN_FUTURE_96_XX,RDNS_DYNAMIC,SPF_FAIL autolearn=no version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on yxa-v.extundo.com X-Virus-Scanned: clamav-milter 0.96.1 at yxa-v X-Virus-Status: Clean X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Sat, 07 Aug 2010 09:31:26 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Sat, 07 Aug 2010 09:31:08 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se "A. Mark" writes: > Is there a convenience function to get that string array, and is there > a way to check which cipher is actually being used? Or I should look > at the source code and try to figure it out? I think the source code is your safest bet... It's possible to see what cipher is used in the debug logs, but I'm not sure we have a function to read it out in a programmatic way. This is definitely something that should be improved, so that applications can find out the properties of the channel. Patches welcome. /Simon _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sat Aug 7 09:32:50 2010 Return-Path: Received: from giant.haxx.se (list@localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o777WmSl024157; Sat, 7 Aug 2010 09:32:50 +0200 Received: from yxa-v.extundo.com (yxa-v.extundo.com [83.241.177.39]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o777Wlbi024152 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Sat, 7 Aug 2010 09:32:47 +0200 Received: from mocca (c80-216-27-64.bredband.comhem.se [80.216.27.64]) (authenticated bits=0) by yxa-v.extundo.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id o777WgLH003047 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT) for ; Sat, 7 Aug 2010 09:32:44 +0200 From: Simon Josefsson To: libssh2 development Subject: Re: libssh2: Ported to UC Linux ? References: <4C2CE7A7.DE5EEF53@rcom-software.com> <87pqz3e8eh.fsf@mocca.josefsson.org> <4C309D23.2561ED9B@rcom-software.com> <87wrtbb8v1.fsf@mocca.josefsson.org> <4C5AF77E.D4680653@rcom-software.com> <87eiecn4h4.fsf@mocca.josefsson.org> <4C5B4BEC.4D78E6F9@rcom-software.com> OpenPGP: id=B565716F; url=http://josefsson.org/key.txt X-Hashcash: 1:22:100807:libssh2-devel@cool.haxx.se::c/mXJw7gCBGB/srR:Vw5y Date: Sat, 07 Aug 2010 09:32:39 +0200 In-Reply-To: <4C5B4BEC.4D78E6F9@rcom-software.com> (Paul Romero's message of "Thu, 05 Aug 2010 16:40:28 -0700") Message-ID: <87wrs2q3mw.fsf@mocca.josefsson.org> User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.1 (gnu/linux) MIME-Version: 1.0 X-Spam-Status: No, score=-0.8 required=5.0 tests=AWL,BAYES_00, DATE_IN_FUTURE_96_XX,RDNS_DYNAMIC,SPF_FAIL autolearn=no version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on yxa-v.extundo.com X-Virus-Scanned: clamav-milter 0.96.1 at yxa-v X-Virus-Status: Clean X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Sat, 07 Aug 2010 09:32:50 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Sat, 07 Aug 2010 09:32:47 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Paul Romero writes: > Hi Simon: > > Which file does the --enable-static go in ? The --enable-static is a parameter to ./configure, so you need to put it in whatever local file you may have that invokes ./configure. It is not part of any file shipped with libssh2. /Simon _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sat Aug 7 12:35:09 2010 Return-Path: Received: from giant.haxx.se (list@localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o77AYjrj006769; Sat, 7 Aug 2010 12:35:06 +0200 Received: from yxa-v.extundo.com (yxa-v.extundo.com [83.241.177.39]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o77AYgMJ006764 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Sat, 7 Aug 2010 12:34:43 +0200 Received: from mocca (c80-216-27-64.bredband.comhem.se [80.216.27.64]) (authenticated bits=0) by yxa-v.extundo.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id o77AYUa4013510 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT) for ; Sat, 7 Aug 2010 12:34:34 +0200 From: Simon Josefsson To: libssh2 development Subject: Re: compile under win32 using gnu toolchain? References: OpenPGP: id=B565716F; url=http://josefsson.org/key.txt X-Hashcash: 1:22:100807:libssh2-devel@cool.haxx.se::BvFEdT4PCi0oQ8O2:41c0 Date: Sat, 07 Aug 2010 12:34:27 +0200 In-Reply-To: (Toan Pham's message of "Sat, 7 Aug 2010 01:26:40 -0400") Message-ID: <87lj8ipv7w.fsf@mocca.josefsson.org> User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.1 (gnu/linux) MIME-Version: 1.0 X-Spam-Status: No, score=-0.8 required=5.0 tests=AWL,BAYES_00, DATE_IN_FUTURE_96_XX,RDNS_DYNAMIC,SPF_FAIL autolearn=no version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on yxa-v.extundo.com X-Virus-Scanned: clamav-milter 0.96.1 at yxa-v X-Virus-Status: Clean X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Sat, 07 Aug 2010 12:35:09 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Sat, 07 Aug 2010 12:34:43 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Toan Pham writes: > Hi, > > I try to compile libssh2 for windows using mingw and gnu gcc compiler > under windows xp. > Because libssh2 depends on libgcrypt or openssl, which also depends on > liberror (something i forgot at the moment. I am curious if anyone > has compiled it in windows using gcc tools before? i had some problem > compiling liberrorcode, i think i was missing a dependency check > utility (depmon). would someone give me some pointers on compiling > it. thank you. On http://josefsson.org/gnutls4win/ there are pre-compiled binaries for libssh2, generated using http://josefsson.org/gnutls4win/Makefile /Simon _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Aug 9 13:09:23 2010 Return-Path: Received: from giant.haxx.se (list@localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o79B8xgj013018; Mon, 9 Aug 2010 13:09:18 +0200 Received: from foo.birdnet.se (qmailr@foo.birdnet.se [213.88.146.6]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o79B8vtT013008 for ; Mon, 9 Aug 2010 13:08:57 +0200 Received: (qmail 29060 invoked by uid 501); 9 Aug 2010 11:08:54 -0000 Message-ID: <20100809110854.29059.qmail@stuge.se> Date: Mon, 9 Aug 2010 13:08:54 +0200 From: Peter Stuge To: libssh2 development Subject: Re: Packet sizes [was: ANNOUNCE: libssh2 version 1.2.6] Mail-Followup-To: libssh2 development References: <4C10A514.1080206@gmx.at> <20100610104427.9161.qmail@stuge.se> <20100611143316.17887.qmail@stuge.se> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Mon, 09 Aug 2010 13:09:23 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Mon, 09 Aug 2010 13:08:57 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Old thread, sorry I didn't get this sent out sooner. Daniel Stenberg wrote: >>> I've now limited libssh2 to only take 32500 bytes payload when it >>> creates an FXP_WRITE packet. >> >> Out of curiosity, where does this 32,500 byte limit come from? Is >> it a protocol limit? > > It was a bit taken out of the air The number came from me. I suggested to try it as buffer size to get as large packets at possible yet avoid another libssh2 bug, once the problems with >1024 had been fixed. > the draft we're following[*] says: > > All servers SHOULD support packets of at least 34000 bytes (where the > packet size refers to the full length, including the header above). > This should allow for reads and writes of at most 32768 bytes. > > [*] = http://tools.ietf.org/wg/secsh/draft-ietf-secsh-filexfer/draft-ietf-secsh-filexfer-02.txt That's SFTP, but the bug I'm talking about is in the transport layer and not SFTP specific. The length field that the abouve quote refers to is defined as: uint32 length So the protocol limit is 2^32. filexfer draft 13 (yes, later than 02) reads as follows, immediately before your quote: The maximum size of a packet is in practice determined by the client (the maximum size of read or write requests that it sends, plus a few bytes of packet overhead). I think it's important for SFTP to support large packets but I think the transport layer is even more fundamental, and whatever solution is found for that will allow SFTP to follow suite. Daniel Stenberg wrote: >> I think they do, in the sense that if an app gives libssh2 a 64kb buffer >> then I think that should be the payload of a single SSH packet. > > 64K is too large for a single packet No. What gives you this impression? >> Yep, and it'll work, but packet size is still stuck at the >> (32k-overhead) limit in the transport layer, which I think is the >> real problem. > > But the 32-34K something is a real limit imposed by the specs, it's > not something we have invented. --8<-- RFC 4253 6. Binary Packet Protocol Each packet is in the following format: uint32 packet_length -->8-- And: --8<-- RFC 4253 6.1. Maximum Packet Length All implementations MUST be able to process packets with an uncompressed payload length of 32768 bytes or less and a total packet size of 35000 bytes or less (including 'packet_length', 'padding_length', 'payload', 'random padding', and 'mac'). The maximum of 35000 bytes is an arbitrarily chosen value that is larger than the uncompressed length noted above. Implementations SHOULD support longer packets, where they might be needed. For example, if an implementation wants to send a very large number of certificates, the larger packets MAY be sent if the identification string indicates that the other party is able to process them. However, implementations SHOULD check that the packet length is reasonable in order for the implementation to avoid denial of service and/or buffer overflow attacks. -->8-- //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Aug 9 15:54:05 2010 Return-Path: Received: from giant.haxx.se (list@localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o79DrpCf002384; Mon, 9 Aug 2010 15:54:03 +0200 Received: from giant.haxx.se (dast@giant.haxx.se [80.67.6.50]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o79DrnwP002369 for ; Mon, 9 Aug 2010 15:53:49 +0200 Date: Mon, 9 Aug 2010 15:53:49 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: Packet sizes [was: ANNOUNCE: libssh2 version 1.2.6] In-Reply-To: <20100809110854.29059.qmail@stuge.se> Message-ID: References: <4C10A514.1080206@gmx.at> <20100610104427.9161.qmail@stuge.se> <20100611143316.17887.qmail@stuge.se> <20100809110854.29059.qmail@stuge.se> User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Mon, 09 Aug 2010 15:54:05 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Mon, 09 Aug 2010 15:53:50 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On Mon, 9 Aug 2010, Peter Stuge wrote: >>> Out of curiosity, where does this 32,500 byte limit come from? Is it a >>> protocol limit? >> >> It was a bit taken out of the air > > The number came from me. I suggested to try it as buffer size to get as > large packets at possible yet avoid another libssh2 bug, once the problems > with >1024 had been fixed. Perhaps you suggested that limit - I honestly don't remember, but my use of it was not to avoid any bugs. libssh2 will simply not send any SSH packets that are much larger than so, so passing on larger data sizes to those functions are pointless. >> All servers SHOULD support packets of at least 34000 bytes (where the > > That's SFTP, but the bug I'm talking about is in the transport layer and not > SFTP specific. Right. Let's take this step by step and see what the specs say! > The length field that the abouve quote refers to is defined as: > > uint32 length Yes, the protocol uses 32 bits for the length field. > So the protocol limit is 2^32. I strongly disagree. The length field has room for such a size, yes, but the plain text is very clear in the spec I quoted: "This should allow for reads and writes of at most 32768 bytes." *at most* it says. In what situations are "at most" not the max? > filexfer draft 13 (yes, later than 02) reads as follows, immediately before > your quote: > > The maximum size of a packet is in practice determined by the > client (the maximum size of read or write requests that it sends, > plus a few bytes of packet overhead). ... and even draft 13 says (in section 4): This should allow for reads and writes of at most 32768 bytes. Again: *at most*. If 32768 is the most, how can we send more? The text also says that servers only need to support receving 34000 bytes so when we can we know that it the server support larger packets? I don't know of any negotiation field where it tells its maximum packet size limit. > I think it's important for SFTP to support large packets but I think the > transport layer is even more fundamental, and whatever solution is found for > that will allow SFTP to follow suite. I don't see how larger SFTP packets is allowed by the spec. I trust you will tell me (us?) in what way my reading of this is wrong. The packet size limit for the transport layer is similarly limited due to what the spec says. RFC 4253 section 6.1 says: All implementations MUST be able to process packets with an uncompressed payload length of 32768 bytes or less and a total packet size of 35000 bytes or less (including 'packet_length', 'padding_length', 'payload', 'random padding', and 'mac'). The maximum of 35000 bytes is an arbitrarily chosen value that is larger than the uncompressed length noted above. This means that implementations are not required to support larger packets than 32768 bytes uncompressed payload. When can libssh2 use larger packets than what the other end is required to support? Should/can we probe it by trying larger packets? >> 64K is too large for a single packet > > No. What gives you this impression? The above mentioned quote. How can we know that 64K works when it isn't mandated by the spec? -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Aug 10 12:36:35 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7AAaD1a019105; Tue, 10 Aug 2010 12:36:31 +0200 Received: from oproxy1-pub.bluehost.com (oproxy1-pub.bluehost.com [66.147.249.253]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o7AAaAto019102 for ; Tue, 10 Aug 2010 12:36:12 +0200 Received: (qmail 30696 invoked by uid 0); 10 Aug 2010 09:38:40 -0000 Received: from unknown (HELO box439.bluehost.com) (69.89.31.239) by oproxy1.bluehost.com.bluehost.com with SMTP; 10 Aug 2010 09:38:40 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=moontechnolabs.com; h=Received:From:Content-Type:Content-Transfer-Encoding:Subject:Date:Message-Id:To:Mime-Version:X-Mailer:X-Identified-User; b=fXORjQU0GbpqHvLCVSkHR0A3TZocYkibouAAzJzBOWcFVNdcIXqTkDuHOIwGaYSfGtL5QgpFDM2AEBu6Y23EceN+aWNuGqnbK7Lmhr5jLxExOqRficabIu5aGxKfUpQE; Received: from [122.170.53.15] (helo=[192.168.1.6]) by box439.bluehost.com with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.69) (envelope-from ) id 1OimBi-00043m-Px for libssh2-devel@cool.haxx.se; Tue, 10 Aug 2010 04:36:07 -0600 From: Paresh Thakor Subject: Authentication using public/private key Date: Tue, 10 Aug 2010 16:06:02 +0530 Message-Id: To: libssh2 development Mime-Version: 1.0 (Apple Message framework v1078) X-Mailer: Apple Mail (2.1078) X-Identified-User: {1089:box439.bluehost.com:moonsoft:moontechnolabs.com} {sentby:smtp auth 122.170.53.15 authed with paresh.thakor@moontechnolabs.com} X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 10 Aug 2010 12:36:35 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 10 Aug 2010 12:36:13 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Hello, We're trying to implement public/private key authorization using our iPhone application. I've tried and setup public/private key files using ssh-keygen command. I've these two files on my iPhone in .ssh/id_rsa.pub, .ssh/id_rsa. I'm implementing libssh2 for ssh implementation for my iPhone application. If anyone good to this, please let me know how can i put these files and where to put them? In documents directory for iPhone application? Or how can we access these files globally? I've tried few tricks but each of them failed. Please let me know how can i implement public/private key authorization. Regards, Paresh Thakor. _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Aug 10 13:17:23 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7ABHDYx010266; Tue, 10 Aug 2010 13:17:22 +0200 Received: from mail-pw0-f54.google.com (mail-pw0-f54.google.com [209.85.160.54]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7ABHAuw010227 for ; Tue, 10 Aug 2010 13:17:11 +0200 Received: by pwj4 with SMTP id 4so2128087pwj.41 for ; Tue, 10 Aug 2010 04:17:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:mime-version:received:sender:received :in-reply-to:references:date:x-google-sender-auth:message-id:subject :from:to:content-type; bh=Udd205//NjNoZz8r9Fek489zSF8SYsrVdgORiQHOs68=; b=LoUxyllprWph2sRSR9vnfEs+WdOTl4VpK8d63ch1gi+0c3JGxt+/kZPWuBHm+DubM6 UOdkIe8WBgamaULOjV4xDF+AGynmu/x0VYp1K+MQktCqoiZ0eMS7fuErkm+cJOY+MFDi 5a9Epyu3erOzoaC3ATBVyiVHtXFVRcI7WjQng= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; b=vD06Kl5cy8Om4N9a3nuL6RzLf7Oed6pRkkkXUSuiqPx6fMUOdXOl4rneAKjt8Gjsye tukP7dUeZa8iEM55njNKz/LJRRQ7QueCK4HRxGXUQdE9UaUFwBaJOY1FaibYN5x7ZJR9 7zRRP6UBsN11AhX7iPiXAynPUiFFMS55XUyoo= MIME-Version: 1.0 Received: by 10.142.211.6 with SMTP id j6mr14717849wfg.277.1281439023687; Tue, 10 Aug 2010 04:17:03 -0700 (PDT) Received: by 10.142.140.18 with HTTP; Tue, 10 Aug 2010 04:17:03 -0700 (PDT) In-Reply-To: References: Date: Tue, 10 Aug 2010 12:17:03 +0100 X-Google-Sender-Auth: W2pDhX8Xluz6wHIBxs2rssJ1h8M Message-ID: Subject: Re: Authentication using public/private key From: Alexander Lamaison To: libssh2 development X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 10 Aug 2010 13:17:23 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 10 Aug 2010 13:17:12 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On 10 August 2010 11:36, Paresh Thakor wrote: > > We're trying to implement public/private key authorization using our iPhone application. I've tried and setup public/private key files using ssh-keygen command. I've these two files on my iPhone in .ssh/id_rsa.pub, .ssh/id_rsa. > > I'm implementing libssh2 for ssh implementation for my iPhone application. If anyone good to this, please let me know how can i put these files and where to put them? This list is not the appropriate place to ask questions about the iPhone filesystem. Come back to us when you have a libssh2 question. Alex -- Swish - Easy SFTP for Windows Explorer (http://www.swish-sftp.org) _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Aug 10 15:36:23 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7ADaBjo014904; Tue, 10 Aug 2010 15:36:20 +0200 Received: from oproxy2-pub.bluehost.com (oproxy2-pub.bluehost.com [67.222.39.60]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o7ADa2a9014754 for ; Tue, 10 Aug 2010 15:36:02 +0200 Received: (qmail 17568 invoked by uid 0); 10 Aug 2010 13:35:57 -0000 Received: from unknown (HELO box439.bluehost.com) (69.89.31.239) by oproxy2.bluehost.com with SMTP; 10 Aug 2010 13:35:57 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=moontechnolabs.com; h=Received:Content-Type:Mime-Version:Subject:From:In-Reply-To:Date:Content-Transfer-Encoding:Message-Id:References:To:X-Mailer:X-Identified-User; b=kciYlh17ChYXqD05kQXjLNQjAmdOqfQ9hmxzYakoqk2jSKlgWRhVf1f3EASJX6swxy3FwoaPjZMKOCy5nzi6hvRMUSp6fL+zLAkN1netCCIv1Uqjt/aW1KpyK7ZGUqKU; Received: from [122.170.50.242] (helo=[192.168.1.6]) by box439.bluehost.com with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.69) (envelope-from ) id 1Oiozl-0000Dr-1K for libssh2-devel@cool.haxx.se; Tue, 10 Aug 2010 07:35:57 -0600 Mime-Version: 1.0 (Apple Message framework v1078) Subject: Re: Authentication using public/private key From: Paresh Thakor In-Reply-To: Date: Tue, 10 Aug 2010 19:05:50 +0530 Message-Id: References: To: libssh2 development X-Mailer: Apple Mail (2.1078) X-Identified-User: {1089:box439.bluehost.com:moonsoft:moontechnolabs.com} {sentby:smtp auth 122.170.50.242 authed with paresh.thakor@moontechnolabs.com} X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 10 Aug 2010 15:36:23 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 10 Aug 2010 15:36:03 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se I've libssh2 question that how can i authenticate using public/private key? Is there any way so i can use libssh2 for public / private key authentication..? I'm using libss2 with iPhone sdk, might not be this related to you..! This question is general, if i was preparing Java program then also i might post my comment here. On Aug 10, 2010, at 4:47 PM, Alexander Lamaison wrote: > On 10 August 2010 11:36, Paresh Thakor wrote: >> >> We're trying to implement public/private key authorization using our iPhone application. I've tried and setup public/private key files using ssh-keygen command. I've these two files on my iPhone in .ssh/id_rsa.pub, .ssh/id_rsa. >> >> I'm implementing libssh2 for ssh implementation for my iPhone application. If anyone good to this, please let me know how can i put these files and where to put them? > > This list is not the appropriate place to ask questions about the > iPhone filesystem. Come back to us when you have a libssh2 question. > > Alex > > -- > Swish - Easy SFTP for Windows Explorer (http://www.swish-sftp.org) > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Aug 10 15:49:21 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7ADnDvl026213; Tue, 10 Aug 2010 15:49:19 +0200 Received: from dottedmag.net (mail.dottedmag.net [78.46.75.124]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7ADnB3E026184 for ; Tue, 10 Aug 2010 15:49:12 +0200 Received: from leibnitz.dottedmag.net (l49-81-131.cn.ru [178.49.81.131]) by dottedmag.net (Postfix) with ESMTPSA id A82F4346004 for ; Tue, 10 Aug 2010 17:49:07 +0400 (MSD) Received: from dottedmag by leibnitz.dottedmag.net with local (Exim 4.72) (envelope-from ) id 1OipCT-0001QI-2r for libssh2-devel@cool.haxx.se; Tue, 10 Aug 2010 20:49:05 +0700 From: Mikhail Gusarov To: libssh2 development Subject: Re: Authentication using public/private key References: Date: Tue, 10 Aug 2010 20:49:04 +0700 In-Reply-To: (Paresh Thakor's message of "Tue, 10 Aug 2010 19:05:50 +0530") Message-ID: <87bp9a4lyn.fsf@leibnitz.dottedmag.net> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.1 (gnu/linux) MIME-Version: 1.0 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 10 Aug 2010 15:49:21 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 10 Aug 2010 15:49:12 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1274961180==" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se --===============1274961180== Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature" --=-=-= Content-Transfer-Encoding: quoted-printable Twas brillig at 19:05:50 10.08.2010 UTC+05 when paresh.thakor@moontechnolab= s.com did gyre and gimble: PT> I've libssh2 question that how can i authenticate using public/private= key? By using libssh2 API. PT> Is there any way so i can use libssh2 for public / private key authent= ication..? Yes. =2D-=20 http://fossarchy.blogspot.com/ --=-=-= Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBAgAGBQJMYVjQAAoJEJ0g9lA+M4iISmgQAMAX3rXbLD7D3qdPFyS64QuB j0De+Qw0uGxCEbGsUT+TqfNF83Ko3tAGkzzgdHfLvXPF0sYuN/Zi5dyY8BabTVkK 7ZYdhRPqewLfHupWhueXvK5IE+nvEd0wEDUL/oaAOZ2ig/VQL9xPRZjCO6n9BVgC d662/Kb5kj6HzqQ1SgZKYMsSiGHI39RQP/jsR4HPlL+MQOqyvOx5twhA+hfklWmC lnHvVd/mFR3kEt1ap7C4Ssm23P0fNrxqBBmUR9a4ffIZFs4qd4PvVu1u9ONOXL9A 5vrPBIG9onZ6LHLWcXZcl4Ju3kxKEv5afnVMDCuAGZZ5SPFawIz0mBHqQJfzBNfn cy/CpmBM4QYScDIcfpDR2j3VWqmPEGH6bB6/TZtVuShDo/gsA8kpn8T1Ejobij54 F9z4s1xegTVnCssR+LYNhEXdRsX7wXxPZJcq/zQu++XZOxCwU4fjEwyBvXBg1MFR m6Z5XWP63YuIKciMOG/UoMidSTcaNarpMi7qRHp4Ot+miRLQblWrsFE4W8zfhD6w IAp6J6WqLtxQ3mDAGW7qCvS5+YAn/VUfuyWLEQNIPafy5leGxE/gnKMi3lz+9CSV NQrqpB36mve08hcNK3LVmwbH2jxBRS38Isu+s8SCJsyFxLmOKu2B9MHkFhfphzAF 9nIwoVcZYBPhpmTaMX8w =kGVT -----END PGP SIGNATURE----- --=-=-=-- --===============1274961180== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============1274961180==-- From libssh2-devel-bounces@cool.haxx.se Tue Aug 10 18:01:18 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7AG13NC010497; Tue, 10 Aug 2010 18:01:16 +0200 Received: from toccata.fugue.com (toccata.fugue.com [204.152.186.142]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7AG10lx010432 for ; Tue, 10 Aug 2010 18:01:01 +0200 Received: from [IPv6:2001::53aa:64c:0:22b8:525d:2925] (unknown [IPv6:2001:0:53aa:64c:0:22b8:525d:2925]) by toccata.fugue.com (Postfix) with ESMTPSA id 1C65E34E535C for ; Tue, 10 Aug 2010 12:01:11 -0400 (EDT) Mime-Version: 1.0 (Apple Message framework v1081) Subject: Re: Authentication using public/private key From: Ted Lemon In-Reply-To: Date: Tue, 10 Aug 2010 12:00:54 -0400 Message-Id: <8464BFBA-CEAD-4A5C-873D-143135920164@fugue.com> References: To: libssh2 development X-Mailer: Apple Mail (2.1081) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 10 Aug 2010 18:01:18 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 10 Aug 2010 18:01:02 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On Aug 10, 2010, at 6:36 AM, Paresh Thakor wrote: > I'm implementing libssh2 for ssh implementation for my iPhone application. If anyone good to this, please let me know how can i put these files and where to put them? In documents directory for iPhone application? Or how can we access these files globally? I've tried few tricks but each of them failed. Please let me know how can i implement public/private key authorization. The easiest way to do this, just to try it out, is to put the files in the Resources folder in your xcode project. This will result in them being copied into the application bundle. You can then open them with this example code: privkey = [[NSBundle mainBundle] pathForResource: @"ipad" ofType: @"key" inDirectory: @""]; pubkey = [[NSBundle mainBundle] pathForResource: @"ipad" ofType: @"pub" inDirectory: @""]; rc = libssh2_userauth_publickey_fromfile(session, "mellon", [pubkey UTF8String], [privkey UTF8String], ""); However, obviously this won't work for production use, since the user needs to set up their own key. For that, I think the right solution is to port the ssh-keygen functionality and generate the key on the iPad; any other solution is going to be impractical, because it will rely on some resource the user may or may not have (a machine that can run ssh-keygen), and on a secure path between the user's machine and the machine that generated the key, which is a bit of a chicken-and-egg problem. You could use iTunes file transfer for this, but I don't think it's at all secure. I'm working on an app for iPad that uses libssh2 as well, and so I'm running into similar problems--if I come up with a solution I'll let you know. _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Aug 10 22:53:51 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7AKrW6P014176; Tue, 10 Aug 2010 22:53:47 +0200 Received: from giant.haxx.se (giant.haxx.se [80.67.6.50]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7AKrUKh014169 for ; Tue, 10 Aug 2010 22:53:30 +0200 Date: Tue, 10 Aug 2010 22:53:30 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: time for another release Message-ID: User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 10 Aug 2010 22:53:51 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 10 Aug 2010 22:53:30 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Hiya friends! We have a decent set of bugfixes in git that haven't been released so it's about time we make a tarball and put it out there! To reduce the shock, I'll give you all 7 days to calm down and push your fixes before I make the release. Planned release date unless something goes horribly wrong: August 17th 2010. If you have pending issues or whatever you like adressed before this, now is the time to shout! -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Aug 11 11:06:57 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7B96cup031616; Wed, 11 Aug 2010 11:06:53 +0200 Received: from oproxy1-pub.bluehost.com (oproxy1-pub.bluehost.com [66.147.249.253]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o7B96YYD031599 for ; Wed, 11 Aug 2010 11:06:35 +0200 Received: (qmail 27757 invoked by uid 0); 11 Aug 2010 09:06:34 -0000 Received: from unknown (HELO box439.bluehost.com) (69.89.31.239) by oproxy1.bluehost.com.bluehost.com with SMTP; 11 Aug 2010 09:06:34 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=moontechnolabs.com; h=Received:Content-Type:Mime-Version:Subject:From:In-Reply-To:Date:Content-Transfer-Encoding:Message-Id:References:To:X-Mailer:X-Identified-User; b=JwfOk6QOEZc3id+6hrhBXbraPUnfqEHutHYGpFYJRJRRHdfLdIQhUlGz2rau3eNJHkcUm5knGGG8DgxxWsKb+ox414MdKjQQMJkaNFtqaZ0XFiMrMSLrj2OnwOUVCAxP; Received: from [122.170.35.72] (helo=[192.168.1.4]) by box439.bluehost.com with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.69) (envelope-from ) id 1Oj7GY-0004sa-C7 for libssh2-devel@cool.haxx.se; Wed, 11 Aug 2010 03:06:31 -0600 Mime-Version: 1.0 (Apple Message framework v1078) Subject: Re: Authentication using public/private key From: Paresh Thakor In-Reply-To: <8464BFBA-CEAD-4A5C-873D-143135920164@fugue.com> Date: Wed, 11 Aug 2010 14:36:12 +0530 Message-Id: References: <8464BFBA-CEAD-4A5C-873D-143135920164@fugue.com> To: libssh2 development X-Mailer: Apple Mail (2.1078) X-Identified-User: {1089:box439.bluehost.com:moonsoft:moontechnolabs.com} {sentby:smtp auth 122.170.35.72 authed with paresh.thakor@moontechnolabs.com} X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Wed, 11 Aug 2010 11:06:57 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Wed, 11 Aug 2010 11:06:36 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Thanks for your aid, i'm pleased to have response from you. And you're right, i need to set up user accounts and think, there's good way to drag and drop key files into documents folder, which is the only option we can process with key files. We can also consider the absolute path to key files from root (/) but we are not known where these key files are stored in iPhone file system. By this methods, we'll display list of flies through which user can select key files which we need to use to authenticate. Or we can use some naming conventions also so we come to know which files we need to use for particular account. But we have tried with all these options giving absolute path as well as putting files into resource and copying into documents folder, but any of these are not working. Don't know in which terms we lack anything, but we might have taken wrong way... possibly we are not doing what we need to do. Please let us know or give us any possible hint. Thanks for your solution. I'll post my answers if i get any solution. Regards, Paresh Thakor. On Aug 10, 2010, at 9:30 PM, Ted Lemon wrote: > On Aug 10, 2010, at 6:36 AM, Paresh Thakor wrote: >> I'm implementing libssh2 for ssh implementation for my iPhone application. If anyone good to this, please let me know how can i put these files and where to put them? In documents directory for iPhone application? Or how can we access these files globally? I've tried few tricks but each of them failed. Please let me know how can i implement public/private key authorization. > > The easiest way to do this, just to try it out, is to put the files in the Resources folder in your xcode project. This will result in them being copied into the application bundle. You can then open them with this example code: > > privkey = [[NSBundle mainBundle] pathForResource: @"ipad" ofType: @"key" > inDirectory: @""]; > pubkey = [[NSBundle mainBundle] pathForResource: @"ipad" ofType: @"pub" > inDirectory: @""]; > rc = libssh2_userauth_publickey_fromfile(session, > "mellon", [pubkey UTF8String], > [privkey UTF8String], ""); > > However, obviously this won't work for production use, since the user needs to set up their own key. For that, I think the right solution is to port the ssh-keygen functionality and generate the key on the iPad; any other solution is going to be impractical, because it will rely on some resource the user may or may not have (a machine that can run ssh-keygen), and on a secure path between the user's machine and the machine that generated the key, which is a bit of a chicken-and-egg problem. You could use iTunes file transfer for this, but I don't think it's at all secure. > > I'm working on an app for iPad that uses libssh2 as well, and so I'm running into similar problems--if I come up with a solution I'll let you know. > > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Aug 11 19:00:13 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7BGxnqT024350; Wed, 11 Aug 2010 19:00:09 +0200 Received: from mail-bw0-f54.google.com (mail-bw0-f54.google.com [209.85.214.54]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7BGxl63024347 for ; Wed, 11 Aug 2010 18:59:47 +0200 Received: by bwz9 with SMTP id 9so357426bwz.41 for ; Wed, 11 Aug 2010 09:59:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:to:subject:date :message-id:mime-version:content-type:content-transfer-encoding :x-mailer:thread-index:content-language; bh=yw3JpAxywQnO719OnhhOXtkqUNI6z8BQBvXrPaW2c/8=; b=KfA6Rzd14rAUzJnK5JxMlom6ZWX45F3JFlpmMpbpPcg1D4yzfoTLXSngZZAqa+Vcum d8I/XBRBWCxi0EZNz+/gWHao0A38drBxQhATcAswAUy1K10A+nWc41tsgWuZTfBjQIcX gnMAcUOPwyk4rPubmeAMP6EqWzEgGKgeARrbg= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:subject:date:message-id:mime-version:content-type :content-transfer-encoding:x-mailer:thread-index:content-language; b=J+qmbLAira1ijwYu1PxVX+g4RM6+mYViBjk2oaecnuV/0zo3LYmOcE+OPDkw5hkJ2p GooOHbZpeln67OQy9BAoF9cEScIt1ET9lQVItCyXZRtT5gfYy3+S1oGrckJH3D1V5i/U herwfIzJ7RYZjOrgvrVX80AC33OWYoBCPQEpo= Received: by 10.204.156.212 with SMTP id y20mr2606089bkw.179.1281545984222; Wed, 11 Aug 2010 09:59:44 -0700 (PDT) Received: from rainPC (dynamic-78-30-179-234.adsl.eunet.rs [78.30.179.234]) by mx.google.com with ESMTPS id x13sm252870bki.12.2010.08.11.09.59.41 (version=TLSv1/SSLv3 cipher=RC4-MD5); Wed, 11 Aug 2010 09:59:42 -0700 (PDT) From: =?iso-8859-2?Q?=AEeljko_Marjanovi=E6?= To: Subject: SFTP character encoding and problem with agent auth Date: Wed, 11 Aug 2010 18:59:37 +0200 Message-ID: <000601cb3976$963bb290$c2b317b0$@gmail.com> MIME-Version: 1.0 X-Mailer: Microsoft Outlook 14.0 Thread-Index: Acs5com8j0nFN/YERNOqdP9mFV0uCA== Content-Language: sr-rs X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Wed, 11 Aug 2010 19:00:13 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Wed, 11 Aug 2010 18:59:47 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Hello, I have implemented interface for using libssh2 library from Delphi/Object pascal (if anyone is interested look here https://bitbucket.org/ZeljkoMarjanovic/libssh2-delphi/ ), but I have a few problems/uncertainties about using the library. Problems first :-) I am unable to successfully authenticate via agent (putty pageant to be more precise). After I successfully initialize and connect to the agent via libssh2_agent_init/libssh2_agent connect, I cannot list identities via libssh2_agent_list_identities. The error code returned is -39 and the the last error str says: *Would block requesting userauth list* I don't know what am I doing wrong. I have also compiled and tried the example (ssh2_agent.c), but I am getting the same error. And now the question :-) Is it possible to determine the character encoding the SSH/SFTP server is using? I have read the protocol specs for SFTP v3 and there is no mention of it, but in v4 default encoding is UTF-8. Is it safe to assume and use UTF-8 for default encoding? Thank you in advance, Zeljko P.S.: I forgot to mention that I am using libssh2 ver 1.2.6. _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu Aug 12 00:15:47 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7BMFSvT015353; Thu, 12 Aug 2010 00:15:43 +0200 Received: from mail-qw0-f54.google.com (mail-qw0-f54.google.com [209.85.216.54]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7BMFQh3015316 for ; Thu, 12 Aug 2010 00:15:26 +0200 Received: by qwg5 with SMTP id 5so849168qwg.41 for ; Wed, 11 Aug 2010 15:15:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:mime-version:received:sender:received :in-reply-to:references:date:x-google-sender-auth:message-id:subject :from:to:content-type:content-transfer-encoding; bh=HhHft5LnuIiIGJlceCR4pBqWa7ulH8uWLcK2WJ1VYo8=; b=ccWFFpl2pKX5yg871ywJpObsdBcq3U8Kp3rCiQrSDi9iaWSpippJVQARcUoUaken80 sId37/58o4O/nA6XsiAPxIwbxJyel55Sxyg0i5rWAEDRl/DvYEJAkhSiTB0e+E+IZQB1 D3dO1Hq32hzpkREfAQ8S4PD01uX4DNU7FEDTo= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type :content-transfer-encoding; b=xA20krzI0rUJgrXh96BiT1AcztQiiyOM0r5kmmfWUjIqpX2SpTE3/KFPeot3RDhw1F R9ry+657R9ePz7cE5YmYCv6gqD5yxqkk4Z1ahInREdTPLLlSeWp70EZY9ZHv6n8smJQl xirxCLUD5t/wMDffD7/bW33Uskzl3slM5VHcA= MIME-Version: 1.0 Received: by 10.229.213.131 with SMTP id gw3mr10262703qcb.47.1281564915202; Wed, 11 Aug 2010 15:15:15 -0700 (PDT) Received: by 10.229.37.138 with HTTP; Wed, 11 Aug 2010 15:15:15 -0700 (PDT) In-Reply-To: <000601cb3976$963bb290$c2b317b0$@gmail.com> References: <000601cb3976$963bb290$c2b317b0$@gmail.com> Date: Wed, 11 Aug 2010 23:15:15 +0100 X-Google-Sender-Auth: tJPN3HgS9u4GTwl-92JFAqJw7ag Message-ID: Subject: Re: SFTP character encoding and problem with agent auth From: Alexander Lamaison To: libssh2 development X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 12 Aug 2010 00:15:47 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 12 Aug 2010 00:15:26 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se MjAxMC84LzExIMW9ZWxqa28gTWFyamFub3ZpxIcgPHNhdmV0aGVtNGV2ZXJAZ21haWwuY29tPjoK PiBJcyBpdCBwb3NzaWJsZSB0byBkZXRlcm1pbmUgdGhlIGNoYXJhY3RlciBlbmNvZGluZyB0aGUg U1NIL1NGVFAgc2VydmVyIGlzCj4gdXNpbmc/IEkgaGF2ZSByZWFkIHRoZSBwcm90b2NvbAo+IHNw ZWNzIGZvciBTRlRQIHYzIGFuZCB0aGVyZSBpcyBubyBtZW50aW9uIG9mIGl0LCBidXQgaW4gdjQg ZGVmYXVsdCBlbmNvZGluZwo+IGlzIFVURi04LiDCoElzIGl0IHNhZmUgdG8gYXNzdW1lCj4gYW5k IHVzZSBVVEYtOCBmb3IgZGVmYXVsdCBlbmNvZGluZz8KClNob3J0IGFuc3dlciwgeWVzIGlmIGNv bm5lY3RpbmcgdG8gbWFjaGluZXMgcnVubmluZyBtb2Rlcm4gVW5pY2VzLgoKVGhlIHJlYXNvbiB0 aGUgdjMgc3BlYyBkaWRuJ3QgbWFuZGF0ZSBVVEYtOCBmb3IgZmlsZW5hbWVzIGlzIHByb2JhYmx5 CnRoYXQgc29tZSBzZXJ2ZXJzIGNhbid0IGd1YXJhbnRlZSB0aGF0LiAgT24gTGludXgsIGZvciBp bnN0YW5jZSwgeW91CmNhbiBnaXZlIHRoZSBmaWxlIGEgbmFtZSB1c2luZyBhbiBhcmJpdHJhcnkg ZW5jb2Rpbmcgb2YgeW91ciBjaG9pY2UgLQppdCBqdXN0IHN0b3JlcyBhIHNlcXVlbmNlIG9mIGJ5 dGVzIFsxXVsyXS4gIFdoZW4gYGxzYCBkaXNwbGF5cyB0aGUKY29udGVudHMgb2YgYSBkaXJlY3Rv cnksIGl0IGRlY2lkZXMgaG93IHRvIGRlY29kZSB0aGUgZmlsZW5hbWVzIGJhc2VkCm9uIHRoZSB1 c2VyJ3MgTEFORyBlbnZpcm9ubWVudCB2YXJpYWJsZS4gIEZvciBpbnN0YW5jZSwgb24gbXkgVWJ1 bnR1Cm1hY2hpbmUsIHRoaXMgaXMgZW5fR0IuVVRGLTggc28gYWxsIGZpbGVuYW1lIGRhdGEgaXMg aW50ZXJwcmV0ZWQgYXMKVVRGLTguICBJZiwgYnkgY2hhbmNlLCBhbiBBcmFiaWMgZmlsZW5hbWUg d2VyZSBlbmNvZGVkIGluIE1hY0FyYWJpYwplbmNvZGluZywgaXQgd291bGQgYmUgZ2FyYmxlZCBp biB0aGUgbGlzdGluZy4KClRoaXMgZXhwbGFpbnMgdGhlIHByb2JsZW1zIGVuY291bnRlcmVkIHdp dGggYSBsb2NhbCBgbHNgIGJ1dCwgb2YKY291cnNlLCBhIHJlbW90ZSBsaXN0aW5nIG92ZXIgU0ZU UCBmYWNlcyBhbGwgdGhlIHNhbWUgaXNzdWVzOyB0aGUKZmlsZW5hbWVzIHNlbnQgdG8gdGhlIGNs aWVudCBjYW4gYmUgYSBtaXggb2YgVVRGLTggYW5kIG5vbi1VVEYtOC4gIEkKaGF2ZSBubyBpZGVh IGhvdyBTRlRQIHY0IGV4cGVjdHMgc2VydmVycyB0byBndWFyYW50ZWUgdGhleSBzdXBwbHkKVVRG LTggd2hlbiB0aGUgc2VydmVyIGRvZXNuJ3QgZXZlbiBrbm93IHRoZSBlbmNvZGluZyBvZiBpdHMg b3duCmZpbGVuYW1lcyEKCkluIHByYWN0aWNlLCBob3dldmVyLCBtb2Rlcm4gVW5pY2VzIGRlZmF1 bHQgdG8gVVRGLTggc28gaXQgd291bGQgYmUKdW51c3VhbCB0byBlbmNvdW50ZXIgYSBmaWxlbmFt ZSB3aXRoIGEgZGlmZmVyZW50IGVuY29kaW5nLiAgTXkgcHJvamVjdAphc3N1bWVzIGFsbCBmaWxl bmFtZXMgYXJlIFVURi04LiAgQSBtb3JlIGNvcnJlY3Qgc29sdXRpb24gd291bGQgYmUgdG8KZGVm YXVsdCB0byBVVEYtOCBidXQgcHJvdmlkZSB0aGUgdXNlciB3aXRoIGFuIG9wdGlvbiB0byBzcGVj aWZ5IGEKY3VzdG9tIGVuY29kaW5nLgoKWzFdIGh0dHA6Ly9zZXJ2ZXJmYXVsdC5jb20vcXVlc3Rp b25zLzgyODIxL2hvdy10by10ZWxsLXRoZS1sYW5ndWFnZS1lbmNvZGluZy1vZi1hLWZpbGVuYW1l LW9uLWxpbnV4ClsyXSBodHRwOi8vd3d3LmxpbnV4LmNvbS9hcmNoaXZlL2ZlZWQvNTg2ODkKCkhU SAoKQWxleAoKLS0KU3dpc2ggLSBFYXN5IFNGVFAgZm9yIFdpbmRvd3MgRXhwbG9yZXIgKGh0dHA6 Ly93d3cuc3dpc2gtc2Z0cC5vcmcpCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fCmxpYnNzaDItZGV2ZWwgaHR0cDovL2Nvb2wuaGF4eC5zZS9jZ2ktYmluL21h aWxtYW4vbGlzdGluZm8vbGlic3NoMi1kZXZlbAo= From libssh2-devel-bounces@cool.haxx.se Thu Aug 12 00:20:51 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7BMKlkS018892; Thu, 12 Aug 2010 00:20:50 +0200 Received: from mail-qy0-f175.google.com (mail-qy0-f175.google.com [209.85.216.175]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7BMKjDh018716 for ; Thu, 12 Aug 2010 00:20:45 +0200 Received: by qyk11 with SMTP id 11so5743406qyk.20 for ; Wed, 11 Aug 2010 15:20:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:mime-version:received:sender:received :in-reply-to:references:date:x-google-sender-auth:message-id:subject :from:to:content-type:content-transfer-encoding; bh=tWZ0nU/Dh+k+Z9t2kSncwNgYFsSuaaWhX8u2wMCtbxE=; b=TItPSHZyZbEHpRwooPZqLtR7SBqG9t2FBrqFyXpxpPiwGbaBtdqmoszu25BNpZiydr CEXd54sYZsbAOt+aIvPzhbelzt59FWliH49ApL8vpZBQBaHNKoYILyN6U/OHnuWEm/Kz 40VxdACLkIeejISPjUBCJgq/TJQ0ZMjQ6c7hc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type :content-transfer-encoding; b=UqN0+TVo1DBXd/yLiniuHqT9qQ2VMwFKNKObXvKeFDfmZ9vfMWWL8+Nh0w6VMZSHpZ DWlNfbtqdX0XP8Fe/tcfITVnLaRk2YxBrgpmbWc/gT/rtVBxZfNJuW54LcuwfFdmuXbG 7OGZxFWdxYxOMbLcESoC1vTa/NllrjlQQnNkk= MIME-Version: 1.0 Received: by 10.224.116.18 with SMTP id k18mr11291750qaq.303.1281565235019; Wed, 11 Aug 2010 15:20:35 -0700 (PDT) Received: by 10.229.37.138 with HTTP; Wed, 11 Aug 2010 15:20:34 -0700 (PDT) In-Reply-To: References: <000601cb3976$963bb290$c2b317b0$@gmail.com> Date: Wed, 11 Aug 2010 23:20:34 +0100 X-Google-Sender-Auth: R9lEB0b94zJgHGMx-yPOjk4uYIs Message-ID: Subject: Re: SFTP character encoding and problem with agent auth From: Alexander Lamaison To: libssh2 development X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 12 Aug 2010 00:20:51 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 12 Aug 2010 00:20:46 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se T24gMTEgQXVndXN0IDIwMTAgMjM6MTUsIEFsZXhhbmRlciBMYW1haXNvbiA8c3dpc2hAbGFtbXku Y28udWs+IHdyb3RlOgo+IDIwMTAvOC8xMSDFvWVsamtvIE1hcmphbm92acSHIDxzYXZldGhlbTRl dmVyQGdtYWlsLmNvbT46Cj4+IElzIGl0IHBvc3NpYmxlIHRvIGRldGVybWluZSB0aGUgY2hhcmFj dGVyIGVuY29kaW5nIHRoZSBTU0gvU0ZUUCBzZXJ2ZXIgaXMKPj4gdXNpbmc/IEkgaGF2ZSByZWFk IHRoZSBwcm90b2NvbAo+PiBzcGVjcyBmb3IgU0ZUUCB2MyBhbmQgdGhlcmUgaXMgbm8gbWVudGlv biBvZiBpdCwgYnV0IGluIHY0IGRlZmF1bHQgZW5jb2RpbmcKPj4gaXMgVVRGLTguIMKgSXMgaXQg c2FmZSB0byBhc3N1bWUKPj4gYW5kIHVzZSBVVEYtOCBmb3IgZGVmYXVsdCBlbmNvZGluZz8KPgo+ IEkgaGF2ZSBubyBpZGVhIGhvdyBTRlRQIHY0IGV4cGVjdHMgc2VydmVycyB0byBndWFyYW50ZWUg dGhleSBzdXBwbHkKPiBVVEYtOCB3aGVuIHRoZSBzZXJ2ZXIgZG9lc24ndCBldmVuIGtub3cgdGhl IGVuY29kaW5nIG9mIGl0cyBvd24KPiBmaWxlbmFtZXMhCgpMbyBhbmQgYmVob2xkLCB0aGlzIGlz IHdoYXQgdGhlIFNGVFAgdjYgc3BlYyBzYXlzIFsxXToKCiAgIFRoZSBwcmVmZXJyZWQgZW5jb2Rp bmcgZm9yIGZpbGVuYW1lcyBpcyBVVEYtOC4gIFRoaXMgaXMgY29uc2lzdGVudAogICB3aXRoIElF VEYgUG9saWN5IG9uIENoYXJhY3RlciBTZXRzIGFuZCBMYW5ndWFnZXMgW1JGQzIyNzddIGFuZCBp dCBpcwogICBmdXJ0aGVyIHN1cHBvc2VkIHRoYXQgdGhlIHNlcnZlciBpcyBtb3JlIGxpa2VseSB0 byBzdXBwb3J0IGFueSBsb2NhbAogICBjaGFyYWN0ZXIgc2V0IGFuZCBiZSBhYmxlIHRvIGNvbnZl cnQgaXQgdG8gVVRGLTguCgogICBIb3dldmVyLCBiZWNhdXNlIHRoZSBzZXJ2ZXIgZG9lcyBub3Qg YWx3YXlzIGtub3cgdGhlIGVuY29kaW5nIG9mCiAgIGZpbGVuYW1lcywgaXQgaXMgbm90IGFsd2F5 cyBwb3NzaWJsZSBmb3IgdGhlIHNlcnZlciB0byBwcmVmb3JtIGEKICAgdmFsaWQgdHJhbnNsYXRp b24gdG8gVVRGLTguICBXaGVuIGFuIGludmFsaWQgdHJhbnNsYXRpb24gdG8gVVRGLTggaXMKICAg cHJlZm9ybWVkLCBpdCBiZWNvbWVzIGltcG9zc2libGUgdG8gbWFuaXB1bGF0ZSB0aGUgZmlsZSwg YmVjYXVzZSB0aGUKICAgdHJhbnNsYXRpb24gaXMgbm90IHJldmVyc2libGUuICAuLi4KClsxXSBo dHRwOi8vdG9vbHMuaWV0Zi5vcmcvaHRtbC9kcmFmdC1pZXRmLXNlY3NoLWZpbGV4ZmVyLTEzI3Bh Z2UtMTUKCkFsZXgKCi0tClN3aXNoIC0gRWFzeSBTRlRQIGZvciBXaW5kb3dzIEV4cGxvcmVyICho dHRwOi8vd3d3LnN3aXNoLXNmdHAub3JnKQpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fXwpsaWJzc2gyLWRldmVsIGh0dHA6Ly9jb29sLmhheHguc2UvY2dpLWJp bi9tYWlsbWFuL2xpc3RpbmZvL2xpYnNzaDItZGV2ZWwK From libssh2-devel-bounces@cool.haxx.se Thu Aug 12 02:11:01 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7C0Ahd1005203; Thu, 12 Aug 2010 02:10:58 +0200 Received: from earth.stuge.se (earth.stuge.se [213.88.146.15]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7C0Af9M005192 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Thu, 12 Aug 2010 02:10:41 +0200 Received: (qmail 24406 invoked from network); 12 Aug 2010 00:10:32 -0000 Received: from unknown (HELO earth.stuge.se) (127.0.0.1) by localhost with SMTP; 12 Aug 2010 00:10:32 -0000 MIME-Version: 1.0 From: "libssh2 Trac" X-Trac-Version: 0.12b1 Precedence: bulk Cc: libssh2-devel@cool.haxx.se Auto-Submitted: auto-generated X-Mailer: Trac 0.12b1, by Edgewall Software X-Trac-Project: libssh2 Date: Thu, 12 Aug 2010 00:10:32 -0000 X-URL: http://trac.libssh2.org/ Subject: [libssh2] #183: Check if keepalive reply came in if want_reply == 1, set error if not X-Trac-Ticket-URL: http://trac.libssh2.org/ticket/183 Message-ID: <045.a61a7448b95d2c73c1349ea57071c1a7@libssh2.stuge.se> X-Trac-Ticket-ID: 183 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 12 Aug 2010 02:11:01 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 12 Aug 2010 02:10:41 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Reply-To: trac@libssh2.stuge.se, libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se #183: Check if keepalive reply came in if want_reply == 1, set error if not ----------------------------------+----------------------------------------- Reporter: dringdahl | Owner: Type: enhancement | Status: new Priority: normal | Milestone: 1.2.6 Component: misc | Version: 1.2.6 Keywords: keepalive want_reply | Blocks: Blocked By: | ----------------------------------+----------------------------------------- This is the patch against v1.2.6 that I am using. I'm sure it could use some improvement, such as using a better error code (perhaps creating a new error code). Use this as you wish. {{{ diff -urwb libssh2-1.2.6/src/keepalive.c libssh2-1.2.6-luminex/src/keepalive.c --- libssh2-1.2.6/src/keepalive.c Thu Jun 3 04:52:02 2010 +++ libssh2-1.2.6-luminex/src/keepalive.c Tue Aug 3 13:26:46 2010 @@ -51,6 +51,7 @@ else session->keepalive_interval = interval; session->keepalive_want_reply = want_reply ? 1 : 0; + session->keepalive_got_reply = want_reply ? 1 : 0; } LIBSSH2_API int @@ -68,6 +69,12 @@ now = time (NULL); if (session->keepalive_last_sent + session->keepalive_interval <= now) { + if (session->keepalive_got_reply == 0) { + _libssh2_error(session, LIBSSH2_ERROR_TIMEOUT, + "Did not receive keepalive reply"); + return LIBSSH2_ERROR_TIMEOUT; + } + session->keepalive_got_reply = 0; /* Format is "SSH_MSG_GLOBAL_REQUEST || 4-byte len || str || want-reply". */ unsigned char keepalive_data[] = "\x50\x00\x00\x00\x15keepalive@libssh2.orgW"; diff -urwb libssh2-1.2.6/src/libssh2_priv.h libssh2-1.2.6-luminex/src/libssh2_priv.h --- libssh2-1.2.6/src/libssh2_priv.h Thu Jun 3 04:52:02 2010 +++ libssh2-1.2.6-luminex/src/libssh2_priv.h Tue Aug 3 12:53:21 2010 @@ -923,6 +923,7 @@ /* Keepalive variables used by keepalive.c. */ int keepalive_interval; int keepalive_want_reply; + int keepalive_got_reply; time_t keepalive_last_sent; }; diff -urwb libssh2-1.2.6/src/packet.c libssh2-1.2.6-luminex/src/packet.c --- libssh2-1.2.6/src/packet.c Fri May 21 05:09:41 2010 +++ libssh2-1.2.6-luminex/src/packet.c Tue Aug 3 13:06:39 2010 @@ -599,6 +599,16 @@ } break; + case SSH_MSG_REQUEST_FAILURE: + { + _libssh2_debug(session, + LIBSSH2_TRACE_CONN, + "Received keepalive reply"); + + session->keepalive_got_reply = 1; + } + break; + case SSH_MSG_CHANNEL_EXTENDED_DATA: /* streamid(4) */ session->packAdd_data_head += 4; }}} -- Ticket URL: libssh2 C library for writing portable SSH2 clients _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu Aug 12 06:45:45 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7C4jLv7008219; Thu, 12 Aug 2010 06:45:42 +0200 Received: from oproxy1-pub.bluehost.com (oproxy1-pub.bluehost.com [66.147.249.253]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o7C4jGoM008177 for ; Thu, 12 Aug 2010 06:45:19 +0200 Received: (qmail 5736 invoked by uid 0); 12 Aug 2010 04:45:20 -0000 Received: from unknown (HELO box439.bluehost.com) (69.89.31.239) by oproxy1.bluehost.com.bluehost.com with SMTP; 12 Aug 2010 04:45:20 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=moontechnolabs.com; h=Received:Content-Type:Mime-Version:Subject:From:In-Reply-To:Date:Content-Transfer-Encoding:Message-Id:References:To:X-Mailer:X-Identified-User; b=NIZqpB19Fj3XILdzjNmxMsdU2Ia23D/5PuDH++x2Z/jL6aip9CZQKmY39JZz7zU4V/3blBWScsKXfvPqVbf9wkDkknxL2NBNoAWRg5SpF4r4sSrGiEKnJys2zGK4WaKX; Received: from [122.170.36.42] (helo=[192.168.1.5]) by box439.bluehost.com with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.69) (envelope-from ) id 1OjPfE-0004gn-BX for libssh2-devel@cool.haxx.se; Wed, 11 Aug 2010 22:45:13 -0600 Mime-Version: 1.0 (Apple Message framework v1078) Subject: Re: Authentication using public/private key From: Paresh Thakor In-Reply-To: <8464BFBA-CEAD-4A5C-873D-143135920164@fugue.com> Date: Thu, 12 Aug 2010 10:15:05 +0530 Message-Id: <1FDD0667-C43C-427A-A2ED-E69425EF04DD@moontechnolabs.com> References: <8464BFBA-CEAD-4A5C-873D-143135920164@fugue.com> To: libssh2 development X-Mailer: Apple Mail (2.1078) X-Identified-User: {1089:box439.bluehost.com:moonsoft:moontechnolabs.com} {sentby:smtp auth 122.170.36.42 authed with paresh.thakor@moontechnolabs.com} X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 12 Aug 2010 06:45:45 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 12 Aug 2010 06:45:20 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Thanks for your aid, i'm pleased to have response from you. And you're right, i need to set up user accounts and think, there's good way to drag and drop key files into documents folder, which is the only option we can process with key files. We can also consider the absolute path to key files from root (/) but we are not known where these key files are stored in iPhone file system. By this methods, we'll display list of flies through which user can select key files which we need to use to authenticate. Or we can use some naming conventions also so we come to know which files we need to use for particular account. But we have tried with all these options giving absolute path as well as putting files into resource and copying into documents folder, but any of these are not working. Don't know in which terms we lack anything, but we might have taken wrong way... possibly we are not doing what we need to do. Please let us know or give us any possible hint. Thanks for your solution. I'll post my answers if i get any solution. Regards, Paresh Thakor. On Aug 10, 2010, at 9:30 PM, Ted Lemon wrote: > On Aug 10, 2010, at 6:36 AM, Paresh Thakor wrote: >> I'm implementing libssh2 for ssh implementation for my iPhone application. If anyone good to this, please let me know how can i put these files and where to put them? In documents directory for iPhone application? Or how can we access these files globally? I've tried few tricks but each of them failed. Please let me know how can i implement public/private key authorization. > > The easiest way to do this, just to try it out, is to put the files in the Resources folder in your xcode project. This will result in them being copied into the application bundle. You can then open them with this example code: > > privkey = [[NSBundle mainBundle] pathForResource: @"ipad" ofType: @"key" > inDirectory: @""]; > pubkey = [[NSBundle mainBundle] pathForResource: @"ipad" ofType: @"pub" > inDirectory: @""]; > rc = libssh2_userauth_publickey_fromfile(session, > "mellon", [pubkey UTF8String], > [privkey UTF8String], ""); > > However, obviously this won't work for production use, since the user needs to set up their own key. For that, I think the right solution is to port the ssh-keygen functionality and generate the key on the iPad; any other solution is going to be impractical, because it will rely on some resource the user may or may not have (a machine that can run ssh-keygen), and on a secure path between the user's machine and the machine that generated the key, which is a bit of a chicken-and-egg problem. You could use iTunes file transfer for this, but I don't think it's at all secure. > > I'm working on an app for iPad that uses libssh2 as well, and so I'm running into similar problems--if I come up with a solution I'll let you know. > > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu Aug 12 16:26:53 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7CEQWZs014032; Thu, 12 Aug 2010 16:26:49 +0200 Received: from snt0-omc4-s13.snt0.hotmail.com (snt0-omc4-s13.snt0.hotmail.com [65.55.90.216]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7CEQSYs014011 for ; Thu, 12 Aug 2010 16:26:30 +0200 Received: from SNT137-W24 ([65.55.90.201]) by snt0-omc4-s13.snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675); Thu, 12 Aug 2010 07:26:17 -0700 Message-ID: X-Originating-IP: [62.20.92.123] From: Mikael Johansson To: Subject: Key regeneration failure (serverside demand) Date: Thu, 12 Aug 2010 16:26:17 +0200 Importance: Normal MIME-Version: 1.0 X-OriginalArrivalTime: 12 Aug 2010 14:26:17.0253 (UTC) FILETIME=[5367A550:01CB3A2A] X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 12 Aug 2010 16:26:53 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 12 Aug 2010 16:26:30 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1700828087==" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se --===============1700828087== Content-Type: multipart/alternative; boundary="_f99374a7-210b-436f-be89-f90ead634941_" --_f99374a7-210b-436f-be89-f90ead634941_ Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hello members I've implemented an scp client using libCurl and libSSH2 and have encounter= ed a problem. After 1 GB of uploaded data=2C the server tries to reexchange keys. My appl= ication ignores it and continues sending data. The server closes the connec= tion. I think the problem lies in the libSSH2 not taking care of the key exchange= . Tests with the libSSH2's sample program scp_write_nonblock.c shows the same= =20 result. Is there a way to configure libSSH2 to perform this reexchanging of keys au= tomatically? I am using=20 libCurl 7.21.1 libSSH2 1.2.7-20100812 (in nonblocking mode) openSSL 1.0.0a The client runs on Windows XP=2C 32bit=2C the server runs CentOS 5. The server's /var/log/secure shows: Disconnecting: Protocol error: expected packet type 21=2C got 94 where type 21 is SSH2_MSG_NEWKEYS and type 94 is SSH2_MSG_CHANNEL_DATA. = --_f99374a7-210b-436f-be89-f90ead634941_ Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hello members

I've implemented an scp client using libCurl and libSS= H2 and have encountered a problem.

After 1 GB of uploaded data=2C th= e server tries to reexchange keys. My application ignores it and continues = sending data. The server closes the connection.
I think the problem lies= in the libSSH2 not taking care of the key exchange.
Tests with the libS= SH2's sample program scp_write_nonblock.c shows the same=20 result.

Is there a way to configure libSSH2 to perform this reexchan= ging of keys automatically?


I am using
libCurl 7.21.1
lib= SSH2 1.2.7-20100812 (in nonblocking mode)
openSSL 1.0.0a

The clie= nt runs on Windows XP=2C 32bit=2C the server runs CentOS 5.

The serv= er's /var/log/secure shows:
Disconnecting: Protocol error: expected pack= et type 21=2C got 94
where type 21 is SSH2_MSG_NEWKEYS and type 94 is SS= H2_MSG_CHANNEL_DATA.


= --_f99374a7-210b-436f-be89-f90ead634941_-- --===============1700828087== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============1700828087==-- From libssh2-devel-bounces@cool.haxx.se Fri Aug 13 00:42:55 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7CMgNXF007158; Fri, 13 Aug 2010 00:42:52 +0200 Received: from giant.haxx.se (giant.haxx.se [80.67.6.50]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7CMgL8A007149 for ; Fri, 13 Aug 2010 00:42:21 +0200 Date: Fri, 13 Aug 2010 00:42:21 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: Key regeneration failure (serverside demand) In-Reply-To: Message-ID: References: User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Fri, 13 Aug 2010 00:42:55 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Fri, 13 Aug 2010 00:42:21 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On Thu, 12 Aug 2010, Mikael Johansson wrote: > After 1 GB of uploaded data, the server tries to reexchange keys. My > application ignores it and continues sending data. The server closes the > connection. I think the problem lies in the libSSH2 not taking care of the > key exchange. Tests with the libSSH2's sample program scp_write_nonblock.c > shows the same result. > > Is there a way to configure libSSH2 to perform this reexchanging of keys > automatically? I figure it should do that already. This sounds like a genuine bug. Is there any decent way we can repeat this problem using just openssh as server? -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Fri Aug 13 02:42:42 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7D0gQkf006545; Fri, 13 Aug 2010 02:42:39 +0200 Received: from dns-factory.at (mx03.dns-factory.at [194.242.35.75]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7D0gOFd006510 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Fri, 13 Aug 2010 02:42:24 +0200 Received: from [172.17.100.7] lists@gknw.net [84.63.37.175] by dns-factory.at with NetMail SMTP Agent $Revision: 8582 $ on Novell NetWare via secured & encrypted transport (TLS); Fri, 13 Aug 2010 02:42:09 +0200 Message-ID: <4C64949D.5080307@gknw.net> Date: Fri, 13 Aug 2010 02:41:01 +0200 From: Guenter User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.2.8) Gecko/20100802 Lightning/1.0b2 Thunderbird/3.1.2 MIME-Version: 1.0 To: libssh2-devel@cool.haxx.se Subject: Re: compile under win32 using gnu toolchain? References: In-Reply-To: X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Fri, 13 Aug 2010 02:42:42 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Fri, 13 Aug 2010 02:42:24 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="iso-8859-1"; Format="flowed" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Am 07.08.2010 07:26, schrieb Toan Pham: > I try to compile libssh2 for windows using mingw and gnu gcc compiler > under windows xp. > Because libssh2 depends on libgcrypt or openssl, which also depends on > liberror (something i forgot at the moment. I am curious if anyone > has compiled it in windows using gcc tools before? i had some problem > compiling liberrorcode, i think i was missing a dependency check > utility (depmon). would someone give me some pointers on compiling > it. thank you. beside what Simon posted for gnutls the libssh2 release have also a = MingW32 makefile in ./win32 folder which is desgined for OpenSSL usage; = you just need to point to your OpenSSL build (either edit the makefile, = or overwrte OPENSSL_PATH with env var), and do a 'make' in the win32 = folder; no autotools / MSYS needed, just plain MingW32 gcc. G=FCn. _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Fri Aug 13 03:16:43 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7D1GYOH026476; Fri, 13 Aug 2010 03:16:43 +0200 Received: from mail-wy0-f182.google.com (mail-wy0-f182.google.com [74.125.82.182]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7D1GXmY026453 for ; Fri, 13 Aug 2010 03:16:33 +0200 Received: by wyj26 with SMTP id 26so2770172wyj.41 for ; Thu, 12 Aug 2010 18:16:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type; bh=TRF6zGHdO81yaKxf/3kEUxJxVDcK2R9ddfltP3UJt1I=; b=pi9Zs9vG2Y0hGhEgH9XRsIn5zzhGQaa5tqkQGuWxVVg1I1315sJzyV18HDB5bJpCKf 0Xy1CuU6SED/C3hht+z8Mmj8pKGkbMK6hqbjWPOAXkqSE0HNffFTOoKcMUmUR5q5UdZO Dpf1FO41phl+RWQvnpFSi+9DynvDr1K+/JzwE= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=AaQ6FK/iog5pVJTgwS/hauxGUsbffjjSnp3g3veiH+1KBNV5cZY4yrXyn3ef2V63Ff i7FdTzbf7854k6KDSkelvpNrCfpoHEArc6HPnHZqvemqI0OGJepRUXjpb9JkxeafOsk2 f5c+MzYBkR2vBj0VNnuj+X8esVQP9AGBQudS4= MIME-Version: 1.0 Received: by 10.216.175.83 with SMTP id y61mr682934wel.30.1281662183691; Thu, 12 Aug 2010 18:16:23 -0700 (PDT) Received: by 10.216.24.210 with HTTP; Thu, 12 Aug 2010 18:16:23 -0700 (PDT) In-Reply-To: <4C64949D.5080307@gknw.net> References: <4C64949D.5080307@gknw.net> Date: Thu, 12 Aug 2010 21:16:23 -0400 Message-ID: Subject: Re: compile under win32 using gnu toolchain? From: Toan Pham To: libssh2 development X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Fri, 13 Aug 2010 03:16:43 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Fri, 13 Aug 2010 03:16:33 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se This was my first gnu project compiling under win32; therefore, i didn't know if it is possible to use linux gnu tools under windows and compile it as if it was under linux, w/o changing the makefile. Thank you so much for your advises: Guenter & Simon. -Toan _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Fri Aug 13 08:13:04 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7D6CmAx025807; Fri, 13 Aug 2010 08:13:01 +0200 Received: from snt0-omc4-s7.snt0.hotmail.com (snt0-omc4-s7.snt0.hotmail.com [65.55.90.210]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7D6CjCt025785 for ; Fri, 13 Aug 2010 08:12:46 +0200 Received: from SNT137-W16 ([65.55.90.200]) by snt0-omc4-s7.snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675); Thu, 12 Aug 2010 23:12:39 -0700 Message-ID: X-Originating-IP: [62.20.92.123] From: Mikael Johansson To: Subject: RE: Key regeneration failure (serverside demand) Date: Fri, 13 Aug 2010 08:12:39 +0200 Importance: Normal In-Reply-To: References: , MIME-Version: 1.0 X-OriginalArrivalTime: 13 Aug 2010 06:12:39.0262 (UTC) FILETIME=[881E9FE0:01CB3AAE] X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Fri, 13 Aug 2010 08:13:04 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Fri, 13 Aug 2010 08:12:46 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0282199993==" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se --===============0282199993== Content-Type: multipart/alternative; boundary="_75dce62a-5821-4fcb-94de-3f5e4a7ffa3a_" --_75dce62a-5821-4fcb-94de-3f5e4a7ffa3a_ Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Thanks for quick reply. I haven't seen any configuration parameters in openssh (the KeyRegeneration= Interval parameter seems to concern SSH1 only) so I made a query to the ope= nssh mailing list. > Date: Fri=2C 13 Aug 2010 00:42:21 +0200 > From: daniel@haxx.se > To: libssh2-devel@cool.haxx.se > Subject: Re: Key regeneration failure (serverside demand) >=20 > On Thu=2C 12 Aug 2010=2C Mikael Johansson wrote: >=20 > > After 1 GB of uploaded data=2C the server tries to reexchange keys. My= =20 > > application ignores it and continues sending data. The server closes th= e=20 > > connection. I think the problem lies in the libSSH2 not taking care of = the=20 > > key exchange. Tests with the libSSH2's sample program scp_write_nonbloc= k.c=20 > > shows the same result. > > > > Is there a way to configure libSSH2 to perform this reexchanging of key= s=20 > > automatically? >=20 > I figure it should do that already. This sounds like a genuine bug. >=20 > Is there any decent way we can repeat this problem using just openssh as= =20 > server? >=20 > --=20 >=20 > / daniel.haxx.se > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel = --_75dce62a-5821-4fcb-94de-3f5e4a7ffa3a_ Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Thanks for quick reply.

I haven't seen any configuration parameters = in openssh (the KeyRegenerationInterval parameter seems to concern SSH1 onl= y) so I made a query to the openssh mailing list.


>=3B Date: F= ri=2C 13 Aug 2010 00:42:21 +0200
>=3B From: daniel@haxx.se
>=3B T= o: libssh2-devel@cool.haxx.se
>=3B Subject: Re: Key regeneration failu= re (serverside demand)
>=3B
>=3B On Thu=2C 12 Aug 2010=2C Mikael= Johansson wrote:
>=3B
>=3B >=3B After 1 GB of uploaded data= =2C the server tries to reexchange keys. My
>=3B >=3B application i= gnores it and continues sending data. The server closes the
>=3B >= =3B connection. I think the problem lies in the libSSH2 not taking care of = the
>=3B >=3B key exchange. Tests with the libSSH2's sample program= scp_write_nonblock.c
>=3B >=3B shows the same result.
>=3B &g= t=3B
>=3B >=3B Is there a way to configure libSSH2 to perform this r= eexchanging of keys
>=3B >=3B automatically?
>=3B
>=3B I= figure it should do that already. This sounds like a genuine bug.
>= =3B
>=3B Is there any decent way we can repeat this problem using jus= t openssh as
>=3B server?
>=3B
>=3B --
>=3B
>= =3B / daniel.haxx.se
>=3B __________________________________________= _____
>=3B libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/= libssh2-devel
= --_75dce62a-5821-4fcb-94de-3f5e4a7ffa3a_-- --===============0282199993== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============0282199993==-- From libssh2-devel-bounces@cool.haxx.se Fri Aug 13 12:26:05 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7DAPlJZ022020; Fri, 13 Aug 2010 12:26:01 +0200 Received: from mail-qw0-f54.google.com (mail-qw0-f54.google.com [209.85.216.54]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7DAPiQk022008 for ; Fri, 13 Aug 2010 12:25:45 +0200 Received: by qwg5 with SMTP id 5so3548233qwg.41 for ; Fri, 13 Aug 2010 03:25:37 -0700 (PDT) MIME-Version: 1.0 Received: by 10.229.189.143 with SMTP id de15mr1115854qcb.35.1281695137421; Fri, 13 Aug 2010 03:25:37 -0700 (PDT) Received: by 10.229.227.75 with HTTP; Fri, 13 Aug 2010 03:25:37 -0700 (PDT) In-Reply-To: References: Date: Fri, 13 Aug 2010 12:25:37 +0200 Message-ID: Subject: Re: time for another release From: Jose Baars To: libssh2 development X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Fri, 13 Aug 2010 12:26:05 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Fri, 13 Aug 2010 12:25:45 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1489165244==" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se --===============1489165244== Content-Type: multipart/alternative; boundary=0016363b8684605c31048db1e7b9 --0016363b8684605c31048db1e7b9 Content-Type: text/plain; charset=ISO-8859-1 Hi, Just to confirm: I ran most examples linked against 1.2.6 with 1.2.7. 1.2.7 seems to be fully upward compatible with 1.2.6. No VMS specific seem necessary. Regards, Jose 2010/8/10 Daniel Stenberg > Hiya friends! > > We have a decent set of bugfixes in git that haven't been released so it's > about time we make a tarball and put it out there! To reduce the shock, I'll > give you all 7 days to calm down and push your fixes before I make the > release. > > Planned release date unless something goes horribly wrong: August 17th > 2010. > > If you have pending issues or whatever you like adressed before this, now > is the time to shout! > > -- > > / daniel.haxx.se > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel > --0016363b8684605c31048db1e7b9 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Hi,

Just to confirm: I ran most examples linked against 1.2.6 with = 1.2.7.
1.2.7 seems to be fully upward compatible with 1.2.6.
No VMS s= pecific=A0 seem necessary.

Regards,
Jose


2010/8/10 Daniel Stenberg <daniel@haxx.se>
Hiya friends!

We have a decent set of bugfixes in git that haven't been released so i= t's about time we make a tarball and put it out there! To reduce the sh= ock, I'll give you all 7 days to calm down and push your fixes before I= make the release.

Planned release date unless something goes horribly wrong: August 17th 2010= .

If you have pending issues or whatever you like adressed before this, now i= s the time to shout!

--

=A0/ daniel.haxx.se=
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/li= bssh2-devel

--0016363b8684605c31048db1e7b9-- --===============1489165244== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============1489165244==-- From libssh2-devel-bounces@cool.haxx.se Fri Aug 13 21:38:22 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7DJc1XT006639; Fri, 13 Aug 2010 21:38:19 +0200 Received: from mail-bw0-f54.google.com (mail-bw0-f54.google.com [209.85.214.54]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7DJc0Xn006634 for ; Fri, 13 Aug 2010 21:38:00 +0200 Received: by bwz20 with SMTP id 20so70744bwz.41 for ; Fri, 13 Aug 2010 12:37:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:to:references :in-reply-to:subject:date:message-id:mime-version:content-type :content-transfer-encoding:x-mailer:thread-index:content-language; bh=G8T4WQi6mJrhslwJxkL5duj2phAzUaAC//9fdziBx+w=; b=RjvL+nKQs4QYfspGSx0Msp/2d7p3waRT36pboy1jS0cF5S2O/Kuuzbf38hT0X9TJuU rAghFoFHUMTZaeXgk5ACu+yfgWtWYnUJXM6HsIfhhrJ7q8VW+XZ2yVjm1BAEPQ0ByFgv /9u9nuPcpZNZg+2P7M9B/649QcXMy+X2TwrWI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:references:in-reply-to:subject:date:message-id:mime-version :content-type:content-transfer-encoding:x-mailer:thread-index :content-language; b=kqpEOOTXWH1DpR7URz8Kxg70/1KalVOMwc6cxgjMcF3xHlIWQqsjwLr+GOZSSY/q6e 62VZF/qz1odLWLx9EUZTmdkC08jehoWKbFAchpt5NPMVtG5UOP6RO/PM3gjyaNwQk0fl ynr+5nYu5A+cTBVnehKBZ/GyATNmjKdWz0+TA= Received: by 10.204.117.205 with SMTP id s13mr338412bkq.140.1281728269359; Fri, 13 Aug 2010 12:37:49 -0700 (PDT) Received: from rainPC (dynamic-78-30-179-234.adsl.eunet.rs [78.30.179.234]) by mx.google.com with ESMTPS id a13sm1928682bka.10.2010.08.13.12.37.46 (version=TLSv1/SSLv3 cipher=RC4-MD5); Fri, 13 Aug 2010 12:37:48 -0700 (PDT) From: =?utf-8?Q?=C5=BDeljko_Marjanovi=C4=87?= To: "'libssh2 development'" References: <000601cb3976$963bb290$c2b317b0$@gmail.com> In-Reply-To: Subject: RE: SFTP character encoding and problem with agent auth Date: Fri, 13 Aug 2010 21:37:40 +0200 Message-ID: <003501cb3b1e$ffc72510$ff556f30$@gmail.com> MIME-Version: 1.0 X-Mailer: Microsoft Outlook 14.0 Thread-Index: AQJGR/8hGtfIgPAM/mLvwrU0poNX+AGUDJBDAQqel8CR1LSNAA== Content-Language: sr-rs X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Fri, 13 Aug 2010 21:38:22 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Fri, 13 Aug 2010 21:38:00 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se QWxleCwKVGhhbmsgeW91IGZvciB5b3VyIGRldGFpbGVkIHJlcGx5LiBNdWNoIGFwcHJlY2lhdGVk IDotKQoKSSB3aWxsIGNvZGUgdGhlIGNvbXBvbmVudHMgYXMgeW91IHN1Z2dlc3RlZCwgdXNlIHRo ZSBVVEYtOAphcyB0aGUgZGVmYXVsdCBlbmNvZGluZyBhbmQgbGV0IHRoZSB1c2VycyBjaG9vc2Ug YWx0ZXJuYXRlCmVuY29kaW5ncyBpZiB0aGV5IHdpc2ggc28uCgpJIGhhZCBhbm90aGVyIGlkZWEg aG93IHRvIGdldCB0aGUgZW5jb2RpbmcgdGhlIHNlcnZlciBpcyB1c2luZywgZHVubm8gaWYgaXQn cyBnb29kIGVub3VnaCA6LSkKVGhlIGlkZWEgd2FzIHRvIG9wZW4gdGhlIHNzaCBjaGFubmVsIGFu ZCByZWFkIHRoZSBMQU5HL0xDX0FMTCBlbnYgdmFyaWFibGVzIGlmIHRoZXkgZXhpc3QsCnBhcnNl IHRoZW0gYW5kIHNldCB0aGUgZW5jb2Rpbmc7IGlmIHRoZXkgZG9u4oCZdCBleGlzdCByZXZlcnQg dG8gZGVmYXVsdC4KClRoaXMgd2lsbCBoYXZlIHRvIHdhaXQsIGNhdXNlIEknbSBvbiB2YWNhdGlv biByaWdodCBub3csIGFuZCBiZWZvcmUgdGhhdCBJIG5lZWQgdG8gcG9ydCAKdGhlIHBvcnQgZm9y d2FyZGluZyBwYXJ0IGNvbXBsZXRlbHkgIDotKQoKQmVzdCByZWdhcmRzLApaZWxqa28KCgotLS0t LU9yaWdpbmFsIE1lc3NhZ2UtLS0tLQpGcm9tOiBsaWJzc2gyLWRldmVsLWJvdW5jZXNAY29vbC5o YXh4LnNlIFttYWlsdG86bGlic3NoMi1kZXZlbC1ib3VuY2VzQGNvb2wuaGF4eC5zZV0gT24gQmVo YWxmIE9mIEFsZXhhbmRlciBMYW1haXNvbgpTZW50OiBUaHVyc2RheSwgQXVndXN0IDEyLCAyMDEw IDEyOjIxIEFNClRvOiBsaWJzc2gyIGRldmVsb3BtZW50ClN1YmplY3Q6IFJlOiBTRlRQIGNoYXJh Y3RlciBlbmNvZGluZyBhbmQgcHJvYmxlbSB3aXRoIGFnZW50IGF1dGgKCk9uIDExIEF1Z3VzdCAy MDEwIDIzOjE1LCBBbGV4YW5kZXIgTGFtYWlzb24gPHN3aXNoQGxhbW15LmNvLnVrPiB3cm90ZToK PiAyMDEwLzgvMTEgxb1lbGprbyBNYXJqYW5vdmnEhyA8c2F2ZXRoZW00ZXZlckBnbWFpbC5jb20+ Ogo+PiBJcyBpdCBwb3NzaWJsZSB0byBkZXRlcm1pbmUgdGhlIGNoYXJhY3RlciBlbmNvZGluZyB0 aGUgU1NIL1NGVFAgCj4+IHNlcnZlciBpcyB1c2luZz8gSSBoYXZlIHJlYWQgdGhlIHByb3RvY29s IHNwZWNzIGZvciBTRlRQIHYzIGFuZCB0aGVyZSAKPj4gaXMgbm8gbWVudGlvbiBvZiBpdCwgYnV0 IGluIHY0IGRlZmF1bHQgZW5jb2RpbmcgaXMgVVRGLTguICBJcyBpdCBzYWZlIAo+PiB0byBhc3N1 bWUgYW5kIHVzZSBVVEYtOCBmb3IgZGVmYXVsdCBlbmNvZGluZz8KPgo+IEkgaGF2ZSBubyBpZGVh IGhvdyBTRlRQIHY0IGV4cGVjdHMgc2VydmVycyB0byBndWFyYW50ZWUgdGhleSBzdXBwbHkKPiBV VEYtOCB3aGVuIHRoZSBzZXJ2ZXIgZG9lc24ndCBldmVuIGtub3cgdGhlIGVuY29kaW5nIG9mIGl0 cyBvd24gCj4gZmlsZW5hbWVzIQoKTG8gYW5kIGJlaG9sZCwgdGhpcyBpcyB3aGF0IHRoZSBTRlRQ IHY2IHNwZWMgc2F5cyBbMV06CgogICBUaGUgcHJlZmVycmVkIGVuY29kaW5nIGZvciBmaWxlbmFt ZXMgaXMgVVRGLTguICBUaGlzIGlzIGNvbnNpc3RlbnQKICAgd2l0aCBJRVRGIFBvbGljeSBvbiBD aGFyYWN0ZXIgU2V0cyBhbmQgTGFuZ3VhZ2VzIFtSRkMyMjc3XSBhbmQgaXQgaXMKICAgZnVydGhl ciBzdXBwb3NlZCB0aGF0IHRoZSBzZXJ2ZXIgaXMgbW9yZSBsaWtlbHkgdG8gc3VwcG9ydCBhbnkg bG9jYWwKICAgY2hhcmFjdGVyIHNldCBhbmQgYmUgYWJsZSB0byBjb252ZXJ0IGl0IHRvIFVURi04 LgoKICAgSG93ZXZlciwgYmVjYXVzZSB0aGUgc2VydmVyIGRvZXMgbm90IGFsd2F5cyBrbm93IHRo ZSBlbmNvZGluZyBvZgogICBmaWxlbmFtZXMsIGl0IGlzIG5vdCBhbHdheXMgcG9zc2libGUgZm9y IHRoZSBzZXJ2ZXIgdG8gcHJlZm9ybSBhCiAgIHZhbGlkIHRyYW5zbGF0aW9uIHRvIFVURi04LiAg V2hlbiBhbiBpbnZhbGlkIHRyYW5zbGF0aW9uIHRvIFVURi04IGlzCiAgIHByZWZvcm1lZCwgaXQg YmVjb21lcyBpbXBvc3NpYmxlIHRvIG1hbmlwdWxhdGUgdGhlIGZpbGUsIGJlY2F1c2UgdGhlCiAg IHRyYW5zbGF0aW9uIGlzIG5vdCByZXZlcnNpYmxlLiAgLi4uCgpbMV0gaHR0cDovL3Rvb2xzLmll dGYub3JnL2h0bWwvZHJhZnQtaWV0Zi1zZWNzaC1maWxleGZlci0xMyNwYWdlLTE1CgpBbGV4Cgot LQpTd2lzaCAtIEVhc3kgU0ZUUCBmb3IgV2luZG93cyBFeHBsb3JlciAoaHR0cDovL3d3dy5zd2lz aC1zZnRwLm9yZykgX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X18KbGlic3NoMi1kZXZlbCBodHRwOi8vY29vbC5oYXh4LnNlL2NnaS1iaW4vbWFpbG1hbi9saXN0 aW5mby9saWJzc2gyLWRldmVsCgpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fXwpsaWJzc2gyLWRldmVsIGh0dHA6Ly9jb29sLmhheHguc2UvY2dpLWJpbi9tYWls bWFuL2xpc3RpbmZvL2xpYnNzaDItZGV2ZWwK From libssh2-devel-bounces@cool.haxx.se Fri Aug 13 22:13:02 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7DKCsof020370; Fri, 13 Aug 2010 22:13:00 +0200 Received: from mail-qy0-f175.google.com (mail-qy0-f175.google.com [209.85.216.175]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7DKCqne020360 for ; Fri, 13 Aug 2010 22:12:53 +0200 Received: by qyk11 with SMTP id 11so1355847qyk.20 for ; Fri, 13 Aug 2010 13:12:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:mime-version:received:sender:received :in-reply-to:references:date:x-google-sender-auth:message-id:subject :from:to:content-type:content-transfer-encoding; bh=ZlMojakX6xuslUK9bKXfz3XK0FAbaXOXYYybOKjBNBQ=; b=aL7Jf1eBRqf5IhCLA0r1GM5jO2AefR/Jbpe92dE9osBG9YEDEKYrQ1PKVzsOQFmzR5 xYeOIzqj+qzYpTPb284A80KS7FfN6luBAlWdL5wQ/XyyiRwiC8q6pOdymN+vlvbfE7t1 1TGBYNHCZH8dushrZ9XQD6GPYJiOyXSkNOcik= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type :content-transfer-encoding; b=qGP58o++4/gGIVivd6d/9ffnY/U1JrCBvczAsgZkdghpSqTo54+FJ/DcVLjv1orzIv lx7Lixw/v9V7SGIMzZMAsJIbqCwfQHNu/K8RdbeprHdq8VBwwbyJJb4XEdJR1PqUTjoL q4MIvf5b3rYpvoqkczaDeSCXUIiKkTaeESZpQ= MIME-Version: 1.0 Received: by 10.224.66.201 with SMTP id o9mr1327281qai.277.1281730361004; Fri, 13 Aug 2010 13:12:41 -0700 (PDT) Received: by 10.229.37.138 with HTTP; Fri, 13 Aug 2010 13:12:40 -0700 (PDT) In-Reply-To: <003501cb3b1e$ffc72510$ff556f30$@gmail.com> References: <000601cb3976$963bb290$c2b317b0$@gmail.com> <003501cb3b1e$ffc72510$ff556f30$@gmail.com> Date: Fri, 13 Aug 2010 21:12:40 +0100 X-Google-Sender-Auth: iDrGCMLZsiUA6in8dLd48DnJ8XQ Message-ID: Subject: Re: SFTP character encoding and problem with agent auth From: Alexander Lamaison To: libssh2 development X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Fri, 13 Aug 2010 22:13:02 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Fri, 13 Aug 2010 22:12:53 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se MjAxMC84LzEzIMW9ZWxqa28gTWFyamFub3ZpxIcgPHNhdmV0aGVtNGV2ZXJAZ21haWwuY29tPjoK Pgo+IFRoYW5rIHlvdSBmb3IgeW91ciBkZXRhaWxlZCByZXBseS4gTXVjaCBhcHByZWNpYXRlZCA6 LSkKCk15IHBsZWFzdXJlLgoKPiBJIGhhZCBhbm90aGVyIGlkZWEgaG93IHRvIGdldCB0aGUgZW5j b2RpbmcgdGhlIHNlcnZlciBpcyB1c2luZywgZHVubm8gaWYgaXQncyBnb29kIGVub3VnaCA6LSkK PiBUaGUgaWRlYSB3YXMgdG8gb3BlbiB0aGUgc3NoIGNoYW5uZWwgYW5kIHJlYWQgdGhlIExBTkcv TENfQUxMIGVudiB2YXJpYWJsZXMgaWYgdGhleSBleGlzdCwKPiBwYXJzZSB0aGVtIGFuZCBzZXQg dGhlIGVuY29kaW5nOyBpZiB0aGV5IGRvbuKAmXQgZXhpc3QgcmV2ZXJ0IHRvIGRlZmF1bHQuCgpU aGlzIG1heSBiZSBhIHJlYXNvbmFibGUgaGV1cmlzdGljIG11Y2ggb2YgdGhlIHRpbWUgYnV0IEkg Y2FuIGltYWdpbmUKc2l0dWF0aW9ucyB3aGVyZSBpdCB3b3VsZG4ndCB3b3JrLiAgRmlyc3RseSwg SSBkb24ndCBrbm93IGlmIGl0J3MgYQpyZXF1aXJlbWVudCBmb3IgYWxsIFVuaWNlcyB0byBkZWZp bmUgdGhlIGVudmlyb25tZW50IHZhcmlhYmxlLgpDZXJ0YWlubHkgbm9uLXVuaXggT1NlcyBkb24n dCBoYXZlIHRvLiAgQWxzbywgSSBkZXNjcmliZWQgdGhlIHdheSBpdAppcyBpbnRlcnByZXRlZCBi eSBtb2Rlcm4gTGludXgsIHBhcnRpY3VsYXJseSBVYnVudHUuICBJIGNhbid0IHByb21pc2UKeW91 IHRoYXQgYWxsIFVuaWNlcyBpbnRlcnByZXQgaXQgdW5pZm9ybWx5LiAgSSBjYW4gaW1hZ2luZSBm bGF2b3VycyBvZgpVbml4IHRoYXQgZG9uJ3QgaGF2ZSBsb2NhbGlzYXRpb24gc3VwcG9ydCB0aGF0 IGFzc3VtZSBhbGwgZmlsZW5hbWVzCmFyZSBlbmNvZGVkIGluIGEgcGFydGljdWxhciwgbm9uLVVU Ri04IGVuY29kaW5nIGFuZCBkb24ndCBldmVuIGJvdGhlcgp3aXRoIExBTkcuICBJbiBnZW5lcmFs LCBvbmx5IHRoZSB1c2VyIGNhbiByZWFsbHkga25vdy4KCkFsZXgKClAuUy4gIFBsZWFzZSBfYWx3 YXlzXyBib3R0b20tcG9zdCBvbiB0aGlzIGxpc3Qgb3RoZXJ3aXNlIGNvbnZlcnNhdGlvbnMKZ2V0 IGluY3JlZGlibHkgY29uZnVzaW5nLgoKLS0KU3dpc2ggLSBFYXN5IFNGVFAgZm9yIFdpbmRvd3Mg RXhwbG9yZXIgKGh0dHA6Ly93d3cuc3dpc2gtc2Z0cC5vcmcpCl9fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fCmxpYnNzaDItZGV2ZWwgaHR0cDovL2Nvb2wuaGF4 eC5zZS9jZ2ktYmluL21haWxtYW4vbGlzdGluZm8vbGlic3NoMi1kZXZlbAo= From libssh2-devel-bounces@cool.haxx.se Mon Aug 16 13:29:23 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7GBSu9C020537; Mon, 16 Aug 2010 13:29:17 +0200 Received: from oproxy2-pub.bluehost.com (oproxy2-pub.bluehost.com [67.222.39.60]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o7GBSqrJ020531 for ; Mon, 16 Aug 2010 13:28:54 +0200 Received: (qmail 22301 invoked by uid 0); 16 Aug 2010 11:28:49 -0000 Received: from unknown (HELO box439.bluehost.com) (69.89.31.239) by oproxy2.bluehost.com with SMTP; 16 Aug 2010 11:28:49 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=moontechnolabs.com; h=Received:From:Content-Type:Subject:Date:References:To:Message-Id:Mime-Version:X-Mailer:X-Identified-User; b=rF3KfsorroYCf9FCGcQqzd6VSBWS/PQqtxn7k3fmIjnLwEmGxz+VsJknzQHnghzrF0m6Yk8/z2kVg2nrLoGtpdmJwTq6Tx7k/zdVkcHEz8eNFBVXULgulDxfE25jW5qF; Received: from [122.170.42.192] (helo=[192.168.1.6]) by box439.bluehost.com with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.69) (envelope-from ) id 1Okxs0-0002dT-UF for libssh2-devel@cool.haxx.se; Mon, 16 Aug 2010 05:28:49 -0600 From: Paresh Thakor Subject: SSH-keygen in iPhone Date: Mon, 16 Aug 2010 16:58:44 +0530 References: To: libssh2 development Message-Id: Mime-Version: 1.0 (Apple Message framework v1078) X-Mailer: Apple Mail (2.1078) X-Identified-User: {1089:box439.bluehost.com:moonsoft:moontechnolabs.com} {sentby:smtp auth 122.170.42.192 authed with paresh.thakor@moontechnolabs.com} X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Mon, 16 Aug 2010 13:29:23 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Mon, 16 Aug 2010 13:28:55 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0805146125==" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se --===============0805146125== Content-Type: multipart/alternative; boundary=Apple-Mail-3-855730086 --Apple-Mail-3-855730086 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii > Hi, >=20 > Does anyone know how can we generate ssh public/private key pair in = iPhone..? Like, TouchTerm? > I'm trying to implement RSA key generation for iPhone..! Lots of = searches result into SSH-KEYGEN command, but we can't use such commands = on iPhone SDK, they're not working on iPhone device... I've tested lots = of code. I've also checked ssh-keygen.c from openssl but not able to = find any proper help. >=20 > Can someone suggest me which way i should go? Is this iPhone SDK = dependa=10nt, openssl or libssh2 problem? I'm using libssh2 library for = SSH connection, please help me off the issue, this is driving me crazzy. >=20 > Regards, > Paresh Thakor. --Apple-Mail-3-855730086 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii
Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7GFXtBp007436; Mon, 16 Aug 2010 17:34:13 +0200 Received: from foo.birdnet.se (qmailr@foo.birdnet.se [213.88.146.6]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o7GFXsUL007433 for ; Mon, 16 Aug 2010 17:33:54 +0200 Received: (qmail 1928 invoked by uid 501); 16 Aug 2010 15:33:49 -0000 Message-ID: <20100816153349.1927.qmail@stuge.se> Date: Mon, 16 Aug 2010 17:33:49 +0200 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: SSH-keygen in iPhone Mail-Followup-To: libssh2-devel@cool.haxx.se References: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Mon, 16 Aug 2010 17:34:18 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Mon, 16 Aug 2010 17:33:54 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Paresh Thakor wrote: > Does anyone know how can we generate ssh public/private key pair in > iPhone..? Since you are not asking about libssh2, why are you asking on the libssh2 mailing list? This is not related in any way to libssh2. > I'm trying to implement RSA key generation for iPhone..! Then it would seem prudent to ask in an iPhone forum about cryptography. > I've tested lots of code. I've also checked ssh-keygen.c from > openssl I know of two open source SSH key generators. One is ssh-keygen.c from OpenSSH (not openssl, please try to be accurate, it makes communication more efficient). OpenSSH depends on OpenSSL. If you don't have OpenSSL in your target environment then this is not a good choice. The other generator is the PuTTYgen codebase made by the PuTTY authors, which uses it's own crypto layer, independent of OpenSSL. If you are using libgcrypt for libssh2 then it would be best to adapt one of the above implementations to use libgcrypt. This is more work, but it makes your code smaller since you only need to include/use one crypto library. > but not able to find any proper help. Your definition of "proper help" is just wrong. Both these codebases can be used to solve your problem. If you do not understand those programs well enough to isolate the parts which you need to reuse then you should find someone who does, in order to complete your project. > Can someone suggest me which way i should go? Is this iPhone SDK > dependant, openssl or libssh2 problem? libssh2 uses keys in the OpenSSH format. How you create those keys is irrelevant for libssh2. OpenSSL could be used, but of course you should use whatever is in the target system SDK. > this is driving me crazzy. Work on another project. Return to your current project later, when you have more experience. //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Aug 17 12:23:54 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7HANd6E013638; Tue, 17 Aug 2010 12:23:52 +0200 Received: from oproxy3-pub.bluehost.com (oproxy3-pub.bluehost.com [69.89.21.8]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o7HANZIL013548 for ; Tue, 17 Aug 2010 12:23:36 +0200 Received: (qmail 13675 invoked by uid 0); 17 Aug 2010 10:23:32 -0000 Received: from unknown (HELO box439.bluehost.com) (69.89.31.239) by oproxy3.bluehost.com with SMTP; 17 Aug 2010 10:23:32 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=moontechnolabs.com; h=Received:From:Content-Type:Subject:Date:Message-Id:To:Mime-Version:X-Mailer:X-Identified-User; b=db7LPO0DrHNvM6pXFhThZi3K91pzl0I6V+jBTA2tpE5kPXir73BD7lSlQ10mNVDai4CI2GqJuOr6SAMlurQVAt+aTOLp1IK2ZpWpO36LkIHBYDYPKOOdwhTWoFNLhxTP; Received: from [122.170.60.107] (helo=[192.168.1.5]) by box439.bluehost.com with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.69) (envelope-from ) id 1OlJKM-0000J1-SH; Tue, 17 Aug 2010 04:23:32 -0600 From: Paresh Thakor Subject: SecKeyGeneratePair + remote login Date: Tue, 17 Aug 2010 15:53:18 +0530 Message-Id: To: apple-cdsa@lists.apple.com, cocoa-dev@lists.apple.com, libssh2 development Mime-Version: 1.0 (Apple Message framework v1078) X-Mailer: Apple Mail (2.1078) X-Identified-User: {1089:box439.bluehost.com:moonsoft:moontechnolabs.com} {sentby:smtp auth 122.170.60.107 authed with paresh.thakor@moontechnolabs.com} X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 17 Aug 2010 12:23:54 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 17 Aug 2010 12:23:37 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0862490358==" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se --===============0862490358== Content-Type: multipart/alternative; boundary=Apple-Mail-3-938204535 --Apple-Mail-3-938204535 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii Atlast I got some boost from developer.apple.com and got public/private = key pair. I'm using "CryptoSample.zip" from apple sample code. I've copied=20 (void)generateKeyPairPlease{ } from apple's developer website. But my question is that I need to feed = filepath to libssh2_userauth_publickey_fromfile() function so I can use = my public/private key for remote login with authenticated host. So, i = get public/private key and temporarily write this key into "Documents" = folder in application's folder. Then I pass the path to these = public/private keys to the above function, but it fails, it returns -1. I'm sure that my public key and authorize_keys2 on remote server both = have same content, then also i'm getting error like -1, so, ssh = connection fails. My point of view is from developer not user's. Am I = using proper way to generate public/private key pair for iPhone device = using the above function or I need to work for other function? Please = let me know if you have any suggestion. I need to have success for this = application. Regards, Paresh Thakor.= --Apple-Mail-3-938204535 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii developer.apple.com and got = public/private key pair.
I'm using "CryptoSample.zip" from apple = sample code.

I've = copied 
(voidfrom apple's developer website. But my = question is that I need to feed filepath to  function so I can use my = public/private key for remote login with authenticated host. So, i get = public/private key and temporarily write this key into "Documents" = folder in application's folder. Then I pass the path to these = public/private keys to the above function, but it fails, it returns = -1.

I'm sure that my public key = and authorize_keys2 on remote server both have same content, then also = i'm getting error like -1, so, ssh connection fails. My point of view is = from developer not user's. Am I using proper way to generate = public/private key pair for iPhone device using the above function or I = need to work for other function? Please let me know if you have any = suggestion. I need to have success for this = application.

Paresh = Thakor.
= --Apple-Mail-3-938204535-- --===============0862490358== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============0862490358==-- From libssh2-devel-bounces@cool.haxx.se Tue Aug 17 23:24:55 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7HLOXsR013350; Tue, 17 Aug 2010 23:24:51 +0200 Received: from giant.haxx.se (giant.haxx.se [80.67.6.50]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7HLOWf3013343 for ; Tue, 17 Aug 2010 23:24:32 +0200 Date: Tue, 17 Aug 2010 23:24:32 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: ANNOUNCE: libssh2 1.2.7 Message-ID: User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 17 Aug 2010 23:24:55 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 17 Aug 2010 23:24:32 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Hi friends! I've just packaged, signed and uploaded libssh2 1.2.7 to the site. Get it as usual from: http://www.libssh2.org/ The RELEASE-NOTES looks like this: libssh2 1.2.7 This release includes the following changes: o Added Watcom makefile This release includes the following bugfixes: o Better handling of invalid key files o inputchecks: make lots of API functions check for NULL pointers o libssh2_session_callback_set: extended the man page o SFTP: limit write() to not produce overly large packets o agent: make libssh2_agent_userauth() work blocking properly o _libssh2_userauth_publickey: reject method names longer than the data o channel_free: ignore problems with channel_close() o typedef: make ssize_t get typedef without LIBSSH2_WIN32 o _libssh2_wait_socket: poll needs milliseconds o libssh2_wait_socket: reset error code to "leak" EAGAIN less o Added include for sys/select.h to get fd.set on some platforms o session_free: free more data to avoid memory leaks o openssl: make use of the EVP interface o Fix underscore typo for 64-bit printf format specifiers on Windows o Make libssh2_debug() create a correctly terminated string o userauth_hostbased_fromfile: packet length too short o handshake: Compression enabled at the wrong time o Don't overflow MD5 server hostkey This release would not have looked like this without help, code, reports and advice from friends like these: Alexander Lamaison, Guenter Knauf, Peter Stuge, Simon Josefsson, Lars Nordin, John Little, Daniel Stenberg, TJ Saunders, Tor Arntsen Thanks! (and sorry if I forgot to mention someone) -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Aug 18 06:24:25 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7I4O7RN010395; Wed, 18 Aug 2010 06:24:22 +0200 Received: from mail-qw0-f54.google.com (mail-qw0-f54.google.com [209.85.216.54]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7I4O434010144 for ; Wed, 18 Aug 2010 06:24:04 +0200 Received: by qwg5 with SMTP id 5so104450qwg.41 for ; Tue, 17 Aug 2010 21:23:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type; bh=acP9EYP6BIkOsq7D4oMEhcMoj3mNhzpJy8YweTMdnBU=; b=qST1CDvAHb8kru0Mn8CGEGi/EQrbF0inbM0JVe3zdvb0iJRspj3HpZhM0UV7vM681M OhRznDEGfPEnZYOV5lGxucG3etzZPlNEteHCBcnbfRJBxMT5inJh1keV+dNHdvL6o+h1 dEvREPbIzatJ5fMzrwCLg6Fu10bYMa12qgGI4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=OPtPrgxClE7rJOHrD9tySVmmCEbiAMklMkkY9LslI/fJAKez/IQoGoAgDXItvbXGAZ BI3vXO0ZAwmwniuqqzyhmb1eEEctAsRa7enu3uXaN4DMKhEbudnlRfAbRwm1NCGF6foT srlhtX4307df2RXxbok6iZmhi98kA5aRrXv/M= MIME-Version: 1.0 Received: by 10.229.126.222 with SMTP id d30mr432349qcs.223.1282105438849; Tue, 17 Aug 2010 21:23:58 -0700 (PDT) Received: by 10.229.99.72 with HTTP; Tue, 17 Aug 2010 21:23:58 -0700 (PDT) In-Reply-To: <871vaaria4.fsf@mocca.josefsson.org> References: <87iq3on4n9.fsf@mocca.josefsson.org> <87aap0n3tp.fsf@mocca.josefsson.org> <871vaaria4.fsf@mocca.josefsson.org> Date: Tue, 17 Aug 2010 21:23:58 -0700 Message-ID: Subject: Re: AES-CTR not available upon configure ibssh2 1.2.6 From: "A. Mark" To: libssh2 development X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Wed, 18 Aug 2010 06:24:25 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Wed, 18 Aug 2010 06:24:05 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se I'm programming a peer to peer model application, my issue now is that I need to send a 128KB buffer securely between the two hosts. I believe the "direct tcp ip" approach of libssh2 is one solution, basically sshd acts as a tunnel between the two apps and the data is safe. I'm wondering though if this is way too cumbersome. If I could simply use the openssl library to create secure sockets it may be relatively simple, since all i need to do is send a block of data securely between the apps. I don't really know which one should be more straightforward to do. Can you advise? Thank you! _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Aug 18 06:40:10 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7I4e1NP016195; Wed, 18 Aug 2010 06:40:09 +0200 Received: from mail-qw0-f54.google.com (mail-qw0-f54.google.com [209.85.216.54]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7I4e092016137 for ; Wed, 18 Aug 2010 06:40:00 +0200 Received: by qwg5 with SMTP id 5so115159qwg.41 for ; Tue, 17 Aug 2010 21:39:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:date:message-id :subject:from:to:content-type; bh=zdQuzVbBsP/YSacjO4K9scfOhy4OcEHZ7W0PCtpQs50=; b=uA03ZhLeNe5U5bKWXY8twJO7y4u28KtG1fpLIeX45OZdBSdNEC3negqPzvTTdpy3jz +5BSF+1MQbRHM6C+mcQ8ZlOMi2H+1ZZcgbCtUfEzaDI4/Nia4ZnCzU1EoUSEWkheAJyD 4fDbnWnA674VOxBjqig1iF9wrQ7J1jNifte9c= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=e3NrJSqB5zaRHRRqhRu/Hn2vZkMxPLRqG0lDHbjQzMi7b9gNyr7bZfCLnYEHpbLDNq hs0dQ4RO3YY7MaUqupqyovxBpf4pBtGkVuvFOX4i6vHcwLtuX0iIyyC54vs73bYF0GnJ N5AjvgdBVyQxlyI/Mf4wL9wWrrgNZC1vg4zj4= MIME-Version: 1.0 Received: by 10.229.224.137 with SMTP id io9mr4955167qcb.206.1282106395054; Tue, 17 Aug 2010 21:39:55 -0700 (PDT) Received: by 10.229.9.66 with HTTP; Tue, 17 Aug 2010 21:39:55 -0700 (PDT) Date: Wed, 18 Aug 2010 07:39:55 +0300 Message-ID: Subject: forward_listen + forward_accept + channel_read problem From: Alexandr Piskun To: libssh2-devel@cool.haxx.se X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Wed, 18 Aug 2010 06:40:10 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Wed, 18 Aug 2010 06:40:01 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1907804071==" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se --===============1907804071== Content-Type: multipart/alternative; boundary=0016364d30b13dd303048e11a867 --0016364d30b13dd303048e11a867 Content-Type: text/plain; charset=ISO-8859-1 Good day. I have some problems when try to use libssh2 project. I compiled direct_tcpip.c example - works great. But i need forward tunnel. So i decide to use libssh2_channel_forward_listen and libssh2_channel_forward_accept functions. But i cant read from channel that libssh2_channel_forward_accept functions creates. libssh2_channel_read blocks. Maybe that function didnt see inbound daya.(i send data throw telnet). And i easy can write data to telnet with help of libssh2_channel_write function. But read fails, as i say. Maybe i miss something. Can u help me with my problem? --0016364d30b13dd303048e11a867 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Good day. I have some problems when try to use libssh2 project.
I compil= ed direct_tcpip.c example - works great.
But i need forward tunnel.
= So i decide to use libssh2_channel_forward_listen and libssh2_channel_forwa= rd_accept functions.
But i cant read from channel that libssh2_channel_forward_accept functions = creates.
libssh2_channel_read blocks. Maybe that function didnt see inbo= und daya.(i send data throw telnet).
And i easy can write data to telnet= with help of libssh2_channel_write function. But read fails, as i say.
Maybe i miss something.
Can u help me with my problem?
--0016364d30b13dd303048e11a867-- --===============1907804071== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============1907804071==-- From libssh2-devel-bounces@cool.haxx.se Wed Aug 18 10:52:57 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7I8qbTU008508; Wed, 18 Aug 2010 10:52:55 +0200 Received: from oproxy1-pub.bluehost.com (oproxy1-pub.bluehost.com [66.147.249.253]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o7I8qWfC008403 for ; Wed, 18 Aug 2010 10:52:34 +0200 Received: (qmail 2179 invoked by uid 0); 18 Aug 2010 08:53:08 -0000 Received: from unknown (HELO box439.bluehost.com) (69.89.31.239) by oproxy1.bluehost.com.bluehost.com with SMTP; 18 Aug 2010 08:53:08 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=moontechnolabs.com; h=Received:From:Mime-Version:Content-Type:Subject:Date:In-Reply-To:To:References:Message-Id:X-Mailer:X-Identified-User; b=yZuURfk4gqipaRhHMcm8z4DgnEEN2Q7r8FRL++HX2K4Ug/4osPUdI1j36/rLyuYKe1AlECFok8U79Phy94rulk1PxAymXEjrGpi/mVMjalUlItdARgnXlwt4N/3xzeqC; Received: from [122.170.31.113] (helo=[192.168.1.8]) by box439.bluehost.com with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.69) (envelope-from ) id 1OleNo-0008B1-RQ for libssh2-devel@cool.haxx.se; Wed, 18 Aug 2010 02:52:30 -0600 From: Paresh Thakor Mime-Version: 1.0 (Apple Message framework v1078) Subject: Re: forward_listen + forward_accept + channel_read problem Date: Wed, 18 Aug 2010 14:22:24 +0530 In-Reply-To: To: libssh2 development References: Message-Id: X-Mailer: Apple Mail (2.1078) X-Identified-User: {1089:box439.bluehost.com:moonsoft:moontechnolabs.com} {sentby:smtp auth 122.170.31.113 authed with paresh.thakor@moontechnolabs.com} X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Wed, 18 Aug 2010 10:52:57 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Wed, 18 Aug 2010 10:52:35 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1371244127==" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se --===============1371244127== Content-Type: multipart/alternative; boundary=Apple-Mail-11-1019149919 --Apple-Mail-11-1019149919 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii Hi Alexandr, I'm also working on libssh2 API. And my issues is with = libssh2_userauth_publickey_fromfile(). I'm using apple's sample code = with=20 - (void)generateKeyPairPlease{ } and=20 SecKeyGeneratePair() inside the above method. You can take a look at apple's sample code for = this. Now, i need to encode keys to log or take them as string, so, i can = write these keys into files which are accessible to libssh2 function = because it needs filepath, right? But i always have -1 (error) as = output. I don't know if i'm having few mistakes writing keypair. i've = written keys into id_rsa and id_rsa.pub inside documents folder. Few weeks back i'd tried system('ssh-keygen') also but this will not = work on device, so, we need to get into Security.framework. So, I used = the above code. I've use other application to test correct public key = but it returns different key. Private key i'm getting is: MIUAAAAEvzANBgkqhkiG9w0BAQEFAAOFAAAABKkAMIIEpAIBAAKCAQEAiTbE//ms cOUNASa2kM0xcvuUOX2abuTVze883U7uO8QvdQSKuOCOYp5Lm7ZWCSig/F9cAQJ5 qE5ZCEgLWrBYA4qcpHBb9cM5d6B1g5qIejjw11y7v3LmRoLYbC1qeZQ5S0YZh18L 30cVHQiwYfDw9T0M5vgJ7p1UwmtuM4SwT2+G05iiqKrJwugkFRZLC47haRIWF6IX 2i2GlPoW7cxLKsHITFcp+UlTLqa7E345yUTsIdig59uuMr1Ro9nwQUOrgiaA7rNo xIMJwZ7FW94hrOe0TsJndrudhiIp18c6tfd4U1puyFQpyWxcHvR6C3VrcOaidCEx cGRR0NsfToun9wIDAQABAoIBAQCBmNxKVLv9SSmWO8VVUKjyzBE8l5hkQvh5cAuR jzpN8sdMA8UuRtHU7WPGJ1ptfhVHKJ4SSg8z2wQWYU1wE3ydo669VW5V2lUN2t0D NtLOdbdsAadGdLRwRqc4zVBykn/my8fS5v+knFOhv5Iwf0xmpInqIL3oxGrI0oUc XafU7ZFpXLZQdG1anesMmVQvTF+H0kGQXa8eMd3MKCxIsewP/HHgAE90kNDaWDoL Df6+UrpadqvThqC9kWXVw9Z6bW4JVj1+4sODWhS5ifn++VbITcCDXF/Mw+lr3isr 3jxAVB5XPMMh1/V3k9p063qsFLM5k/i6/KC4EtzkIbETm3rJAoGBAT6NUlHIZHjB 6FFDtw4/3olihnqtFCW5q2c5PMo2MubEZJdl4lYooPW7svOEn5UJ1hhAZx0ABP6K ZmL6vIY6osKCcqnHDrvKfABAGhpJhObyesjc2GrtGKS/ZaZo8o10Eei+hOh/ad0B fRpqAS5dNTfbB+EJPpZAHoC4cC4kkHXTAoGAbkUmM/hx91PsrBFUg6rxkuwZFPfS tII3RftySqIgG4x03V9T3QnRKJXAE6BKFmjqMNO+4tMpeqHPAi9VmgqEPTQ9/xwp SqgTI1kIz+i/5ZHwLngCtqz3Le4dX3sEZy/WouCeFDJ2NjOctv+KC8428LRqhtfA 8kbVx2fBhPZ2us0CgYEBDfSPpZUQaDHT4kJjeGTx/zWKx52zrEDLm/+qn6cMvfoD UTZbeC6YMYduoOZsos4iLI0vlSj2EoxRNmJMr+gzFGmeKHjz6HsxWLj6JfrV8S3e lihqEzt4ne1BhKP9oZiSsM38LlgD6/IeBet9sr/0oLAy3ieKbaRK9UTYdJIyBlcC gYAD4bVFkRJZ9X9YU0fZVrQoSt1bKpolNoxBj2dnjyt4LMqUXF20YzsUpajcSAEz pr/PtjR7AZntMjL6TbZCtOoQyX0BNPmTIjWCQgkYYIYYy7lbuWfHDHGrET3BdbAi /cEdfLCz307f+5Mhsf8nCTxP3tn9Iy0smie+XD2os5BcZQKBgQCiT4h06I0QaVNd ckkh6TS5rVTFwfevYSNrMI5tRUWovLwD7vW5I4Bq2asgRP2KuxOBpfr0HxR4YlAf DFeVt/oCCYD8kkcdZTZm2HBTCt5oWau0+q5+ipLK0qYncTlEcV+rVdKXcXC/3no8 3c00+Eo3sCIdXbHhtcIHKkdyx4tQ6A=3D=3D and public key is: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTbE//mscOUNASa2kM0x cvuUOX2abuTVze883U7uO8QvdQSKuOCOYp5Lm7ZWCSig/F9cAQJ5qE5ZCEgLWrBY A4qcpHBb9cM5d6B1g5qIejjw11y7v3LmRoLYbC1qeZQ5S0YZh18L30cVHQiwYfDw 9T0M5vgJ7p1UwmtuM4SwT2+G05iiqKrJwugkFRZLC47haRIWF6IX2i2GlPoW7cxL KsHITFcp+UlTLqa7E345yUTsIdig59uuMr1Ro9nwQUOrgiaA7rNoxIMJwZ7FW94h rOe0TsJndrudhiIp18c6tfd4U1puyFQpyWxcHvR6C3VrcOaidCExcGRR0NsfToun 9wIDAQAB I'm writing the same format or content into id_rsa and id_rsa.pub file, = is that correct or we need to write these keys into some special format? = Please let me know if we have to about few format specification guide. I don't know why my code is not working, what i get is wrong..! Please = help me if you have any solution. Regards, Paresh Thakor. On Aug 18, 2010, at 10:09 AM, Alexandr Piskun wrote: > Good day. I have some problems when try to use libssh2 project. > I compiled direct_tcpip.c example - works great. > But i need forward tunnel.=20 > So i decide to use libssh2_channel_forward_listen and = libssh2_channel_forward_accept functions. > But i cant read from channel that libssh2_channel_forward_accept = functions creates. > libssh2_channel_read blocks. Maybe that function didnt see inbound = daya.(i send data throw telnet). > And i easy can write data to telnet with help of libssh2_channel_write = function. But read fails, as i say. > Maybe i miss something. > Can u help me with my problem? > _______________________________________________ > libssh2-devel = http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --Apple-Mail-11-1019149919 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii Hi = Alexandr,

I'm also working on libssh2 API. And my = issues is with - (void)generateKeyPairPlease{
}
9wIDAQAB

I'm = writing the same format or content into id_rsa and id_rsa.pub file, is = that correct or we need to write these keys into some special format? = Please let me know if we have to about few format specification = guide.

I don't know why my code is not working, = what i get is wrong..! Please help me if you have any = solution.

Regards,
Paresh = Thakor.

On Aug 18, 2010, at 10:09 AM, Alexandr = Piskun wrote:

Good day. I have some problems when try to use libssh2 = project.
I compiled direct_tcpip.c example - works great.
But i = need forward tunnel.
So i decide to use = libssh2_channel_forward_listen and libssh2_channel_forward_accept = functions.
But i cant read from channel that libssh2_channel_forward_accept = functions creates.
libssh2_channel_read blocks. Maybe that function = didnt see inbound daya.(i send data throw telnet).
And i easy can = write data to telnet with help of libssh2_channel_write function. But = read fails, as i say.
Maybe i miss something.
Can u help me with my problem?
_______________________________________________
libssh2-devel http:/= /cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
<= /div>
= --Apple-Mail-11-1019149919-- --===============1371244127== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============1371244127==-- From libssh2-devel-bounces@cool.haxx.se Wed Aug 18 13:35:40 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7IBZOQs011621; Wed, 18 Aug 2010 13:35:38 +0200 Received: from mail-qw0-f54.google.com (mail-qw0-f54.google.com [209.85.216.54]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7IBZNCr011613 for ; Wed, 18 Aug 2010 13:35:24 +0200 Received: by qwg5 with SMTP id 5so461069qwg.41 for ; Wed, 18 Aug 2010 04:35:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:mime-version:received:sender:received :in-reply-to:references:date:x-google-sender-auth:message-id:subject :from:to:content-type:content-transfer-encoding; bh=Vngtpt3W4vf6z8BVwMv36o4TEZI6VWvkooPcIU4W5TA=; b=oqLv/XJrzfOS2MaRFJ6ElpQqSjvDqUjnPpW+q8KIvj48YDy8rNOCmy5l/iJ3LB01Hm v2zUX3hp6TZ/pKuP+GbpmvCfp2nOPThuY0Lr5JhlZfrn18LqQBaay+b9R4Bb8Qmy5eno DTYEdX4GfznY6+CrGYGhQRQvDlDfxEdHyf8zc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type :content-transfer-encoding; b=Jtdsbefe5zFvkLeL9yiNk0ysB14IT6O5i/n0q3ecIpnQ+tZlzNIfy8TeDSRY6i+898 iRFlclhJphvdEm3AC2shT9DOhOu8R0Vaf2vrHvcxd6YtyPeSDbjit7ODVoKST/3uancK 9yDL1Jbx4sT8xPzEaWu8tgpI9Ml30OScD2i5A= MIME-Version: 1.0 Received: by 10.224.29.16 with SMTP id o16mr5278094qac.343.1282131316702; Wed, 18 Aug 2010 04:35:16 -0700 (PDT) Received: by 10.229.37.138 with HTTP; Wed, 18 Aug 2010 04:35:16 -0700 (PDT) In-Reply-To: References: Date: Wed, 18 Aug 2010 12:35:16 +0100 X-Google-Sender-Auth: 3ZybXIcJq72yOek6W8ZreoElPE4 Message-ID: Subject: Re: forward_listen + forward_accept + channel_read problem From: Alexander Lamaison To: libssh2 development X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Wed, 18 Aug 2010 13:35:40 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Wed, 18 Aug 2010 13:35:24 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On 18 August 2010 09:52, Paresh Thakor w= rote: > Hi Alexandr, > I'm also working on libssh2 API. And my issues is > with=A0libssh2_userauth_publickey_fromfile(). How dare you hijack someone else's question. Go away. Learn some ettiquet= te. Alex _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Aug 18 13:44:20 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7IBiGrl018642; Wed, 18 Aug 2010 13:44:19 +0200 Received: from oproxy1-pub.bluehost.com (oproxy1-pub.bluehost.com [66.147.249.253]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o7IBiEVk018579 for ; Wed, 18 Aug 2010 13:44:15 +0200 Received: (qmail 26846 invoked by uid 0); 18 Aug 2010 11:44:50 -0000 Received: from unknown (HELO box439.bluehost.com) (69.89.31.239) by oproxy1.bluehost.com.bluehost.com with SMTP; 18 Aug 2010 11:44:50 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=moontechnolabs.com; h=Received:Content-Type:Mime-Version:Subject:From:In-Reply-To:Date:Content-Transfer-Encoding:Message-Id:References:To:X-Mailer:X-Identified-User; b=ikDQ2e+HnZPQLks0UU1+UZjZsl/3qwslrdpuHekBmUi2FNbLQJ3zS5AELlgF3n/re0zpsW87d/BzLvNLKHQnFpzYDvzeJPYvtl3290+fKowBhEH/MibFU2PPeN0XD/FK; Received: from [122.170.31.113] (helo=[192.168.1.8]) by box439.bluehost.com with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.69) (envelope-from ) id 1Olh3z-0005R1-LF for libssh2-devel@cool.haxx.se; Wed, 18 Aug 2010 05:44:12 -0600 Mime-Version: 1.0 (Apple Message framework v1078) Subject: Re: forward_listen + forward_accept + channel_read problem From: Paresh Thakor In-Reply-To: Date: Wed, 18 Aug 2010 17:14:01 +0530 Message-Id: <296CFA8C-B235-466A-A90C-F11E51111432@moontechnolabs.com> References: To: libssh2 development X-Mailer: Apple Mail (2.1078) X-Identified-User: {1089:box439.bluehost.com:moonsoft:moontechnolabs.com} {sentby:smtp auth 122.170.31.113 authed with paresh.thakor@moontechnolabs.com} X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Wed, 18 Aug 2010 13:44:20 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Wed, 18 Aug 2010 13:44:15 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Not hijacked the question man..! I just asked you for help if you can...! I don't know who you're but it's just to inform you that I've good manners and etiquette than you cause if i can't help then i don't blame and try to teach manners. By the way, other sources are better than this, cause here people only wastes time in teaching manners rather than helping and solving problems. Don't maintain mailing lists if you can't help someone, this is to help and show your ideas to each other. Nothing is private..! Regards, Paresh Thakor. On Aug 18, 2010, at 5:05 PM, Alexander Lamaison wrote: > On 18 August 2010 09:52, Paresh Thakor wrote: >> Hi Alexandr, >> I'm also working on libssh2 API. And my issues is >> with libssh2_userauth_publickey_fromfile(). > > How dare you hijack someone else's question. Go away. Learn some ettiquette. > > Alex > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Aug 18 14:43:46 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7IChT3i015889; Wed, 18 Aug 2010 14:43:43 +0200 Received: from foo.birdnet.se (qmailr@foo.birdnet.se [213.88.146.6]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o7IChRLL015848 for ; Wed, 18 Aug 2010 14:43:27 +0200 Received: (qmail 6086 invoked by uid 501); 18 Aug 2010 12:43:25 -0000 Message-ID: <20100818124325.6085.qmail@stuge.se> Date: Wed, 18 Aug 2010 14:43:25 +0200 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: Mailing list practice and libssh2 education Mail-Followup-To: libssh2-devel@cool.haxx.se References: <296CFA8C-B235-466A-A90C-F11E51111432@moontechnolabs.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <296CFA8C-B235-466A-A90C-F11E51111432@moontechnolabs.com> X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Wed, 18 Aug 2010 14:43:46 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Wed, 18 Aug 2010 14:43:27 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Paresh Thakor wrote: > Not hijacked the question man..! Yes, you did hijack the email thread. The term means to send a reply to an email discussion about a new topic. You did this. The original discussion was about tcpip-forward channels. You replied and wrote (again) about your key problem on iPhone. These two are unrelated subjects. > By the way, other sources are better than this, cause here people > only wastes time in teaching manners rather than helping and > solving problems. Don't maintain mailing lists if you can't help > someone, this is to help and show your ideas to each other. The problem is that you have been asking for the wrong kind of help. This mailing list is for libssh2, not for iPhone application development nor for Windows nor Mac OS development. It is very much assumed that anyone asking questions here is already very confident in their working environment, and that they have run into some problem only for using libssh2. With your previous questions you have demonstrated that you are *not* really confident and efficient at software development in the environment of your current project, which means that you will not likely be able to ask the relevant questions about libssh2, which means that the mailing list participants would have to spend a large amount of time on educating you about things that have nothing to do with libssh2. We don't have time for this. You have to do that on your own, and return when you are better prepared to make use of this project. The email discussion hijacking is the same problem. Mailing lists are meant to be used only in a certain way, which may require detailed technical knowledge about email systems, which not everyone has. Those who lack that knowledge often do not use mailing lists correctly, and again it's not the point of the mailing list to educate about mailing lists. This is a chicken and egg problem, but basically again there's just no time to educate you. As you know from the license of libssh2, there is *NO* guarantee or promise of education. You have to do that on your own. I wrote a longer version on this topic on the coreboot mailing list: http://www.mail-archive.com/coreboot@coreboot.org/msg25462.html I understand that it may be difficult to make use of libssh2 in a new project in a new development environment, but that is fundamentally not our problem. I'm sorry, but you have to solve that on your own. //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Aug 18 14:56:52 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7ICuk0P020612; Wed, 18 Aug 2010 14:56:51 +0200 Received: from oproxy3-pub.bluehost.com (oproxy3-pub.bluehost.com [69.89.21.8]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o7ICuftF020603 for ; Wed, 18 Aug 2010 14:56:43 +0200 Received: (qmail 26100 invoked by uid 0); 18 Aug 2010 12:56:38 -0000 Received: from unknown (HELO box439.bluehost.com) (69.89.31.239) by oproxy3.bluehost.com with SMTP; 18 Aug 2010 12:56:37 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=moontechnolabs.com; h=Received:From:Mime-Version:Content-Type:Subject:Date:In-Reply-To:To:References:Message-Id:X-Mailer:X-Identified-User; b=OxMUdRyEojxkrzCVtB3eYG7RQyyTZ+bjRnTqs/rukWn3wT0WNnPRVgAOTz+i2vbehXzWbKDgpSoZf/s3XZd8pMehRmL28OuiaPV8UI2/mi8YrLSVs9IYw7w1tYhchYxL; Received: from [122.170.32.67] (helo=[192.168.1.8]) by box439.bluehost.com with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.69) (envelope-from ) id 1OliC3-0000F1-Vd for libssh2-devel@cool.haxx.se; Wed, 18 Aug 2010 06:56:37 -0600 From: Paresh Thakor Mime-Version: 1.0 (Apple Message framework v1078) Subject: Re: Mailing list practice and libssh2 education Date: Wed, 18 Aug 2010 18:26:29 +0530 In-Reply-To: <20100818124325.6085.qmail@stuge.se> To: libssh2 development References: <296CFA8C-B235-466A-A90C-F11E51111432@moontechnolabs.com> <20100818124325.6085.qmail@stuge.se> Message-Id: X-Mailer: Apple Mail (2.1078) X-Identified-User: {1089:box439.bluehost.com:moonsoft:moontechnolabs.com} {sentby:smtp auth 122.170.32.67 authed with paresh.thakor@moontechnolabs.com} X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Wed, 18 Aug 2010 14:56:52 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Wed, 18 Aug 2010 14:56:44 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0481930800==" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se --===============0481930800== Content-Type: multipart/alternative; boundary=Apple-Mail-19-1033795330 --Apple-Mail-19-1033795330 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii Hey man, I don't want spoon feed. Although I'm new I made the project stable and getting closer to = solution combining all references from Internet. I just asked help not = rebuke..! Just ignore if you doesn't concern with this..! Such warnings = I had when i subscribed to mailing list that "Ignore mails that doesn't = concern you". It's regrettable for my posts here. But mailing lists are = maintained to share and solve problems not to finger each other. Regards, Paresh Thakor. On Aug 18, 2010, at 6:13 PM, Peter Stuge wrote: > Paresh Thakor wrote: >> Not hijacked the question man..! >=20 > Yes, you did hijack the email thread. The term means to send a reply > to an email discussion about a new topic. You did this. The original > discussion was about tcpip-forward channels. You replied and wrote > (again) about your key problem on iPhone. These two are unrelated > subjects. >=20 >=20 >> By the way, other sources are better than this, cause here people >> only wastes time in teaching manners rather than helping and >> solving problems. Don't maintain mailing lists if you can't help >> someone, this is to help and show your ideas to each other. >=20 > The problem is that you have been asking for the wrong kind of help. >=20 > This mailing list is for libssh2, not for iPhone application > development nor for Windows nor Mac OS development. It is very much > assumed that anyone asking questions here is already very confident > in their working environment, and that they have run into some > problem only for using libssh2. >=20 > With your previous questions you have demonstrated that you are *not* > really confident and efficient at software development in the > environment of your current project, which means that you will not > likely be able to ask the relevant questions about libssh2, which > means that the mailing list participants would have to spend a large > amount of time on educating you about things that have nothing to do > with libssh2. We don't have time for this. >=20 > You have to do that on your own, and return when you are better > prepared to make use of this project. >=20 >=20 > The email discussion hijacking is the same problem. Mailing lists > are meant to be used only in a certain way, which may require > detailed technical knowledge about email systems, which not everyone > has. Those who lack that knowledge often do not use mailing lists > correctly, and again it's not the point of the mailing list to > educate about mailing lists. This is a chicken and egg problem, but > basically again there's just no time to educate you. >=20 > As you know from the license of libssh2, there is *NO* guarantee or > promise of education. You have to do that on your own. >=20 > I wrote a longer version on this topic on the coreboot mailing list: > http://www.mail-archive.com/coreboot@coreboot.org/msg25462.html >=20 >=20 > I understand that it may be difficult to make use of libssh2 in a > new project in a new development environment, but that is > fundamentally not our problem. I'm sorry, but you have to solve that > on your own. >=20 >=20 > //Peter > _______________________________________________ > libssh2-devel = http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --Apple-Mail-19-1033795330 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii But mailing lists are maintained to share and solve = problems not to finger each = other.

Regards,
Paresh = Thakor.

On Aug 18, 2010, at 6:13 PM, Peter Stuge = wrote:

Paresh Thakor wrote:
Not = hijacked the question man..!

Yes, you did hijack the = email thread. The term means to send a reply
to an email discussion = about a new topic. You did this. The original
discussion was about = tcpip-forward channels. You replied and wrote
(again) about your key = problem on iPhone. These two are = unrelated
subjects.


By the way, = other sources are better than this, cause here = people
only wastes time in = teaching manners rather than helping and
solving problems. Don't maintain mailing lists if you = can't help
someone, this is to = help and show your ideas to each other.

The problem = is that you have been asking for the wrong kind of help.

This = mailing list is for libssh2, not for iPhone application
development = nor for Windows nor Mac OS development. It is very much
assumed that = anyone asking questions here is already very confident
in their = working environment, and that they have run into some
problem only = for using libssh2.

With your previous questions you have = demonstrated that you are *not*
really confident and efficient at = software development in the
environment of your current project, = which means that you will not
likely be able to ask the relevant = questions about libssh2, which
means that the mailing list = participants would have to spend a large
amount of time on educating = you about things that have nothing to do
with libssh2. We don't have = time for this.

You have to do that on your own, and return when = you are better
prepared to make use of this project.


The = email discussion hijacking is the same problem. Mailing lists
are = meant to be used only in a certain way, which may require
detailed = technical knowledge about email systems, which not everyone
has. = Those who lack that knowledge often do not use mailing = lists
correctly, and again it's not the point of the mailing list = to
educate about mailing lists. This is a chicken and egg problem, = but
basically again there's just no time to educate you.

As = you know from the license of libssh2, there is *NO* guarantee = or
promise of education. You have to do that on your own.

I = wrote a longer version on this topic on the coreboot mailing list:
h= ttp://www.mail-archive.com/coreboot@coreboot.org/msg25462.html

=
I understand that it may be difficult to make use of libssh2 in = a
new project in a new development environment, but that = is
fundamentally not our problem. I'm sorry, but you have to solve = that
on your = own.


//Peter
_______________________________________________=
libssh2-devel = http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel

= --Apple-Mail-19-1033795330-- --===============0481930800== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============0481930800==-- From libssh2-devel-bounces@cool.haxx.se Wed Aug 18 15:10:35 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7IDAToW030307; Wed, 18 Aug 2010 15:10:34 +0200 Received: from foo.birdnet.se (qmailr@foo.birdnet.se [213.88.146.6]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o7IDASrh030297 for ; Wed, 18 Aug 2010 15:10:28 +0200 Received: (qmail 10647 invoked by uid 501); 18 Aug 2010 13:10:26 -0000 Message-ID: <20100818131026.10646.qmail@stuge.se> Date: Wed, 18 Aug 2010 15:10:26 +0200 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: SecKeyGeneratePair + remote login Mail-Followup-To: libssh2-devel@cool.haxx.se References: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Wed, 18 Aug 2010 15:10:35 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Wed, 18 Aug 2010 15:10:28 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Paresh Thakor wrote: > I'm also working on libssh2 API. And my issues is with > libssh2_userauth_publickey_fromfile(). I'm using apple's sample code > with > - (void)generateKeyPairPlease{ > } > > and > SecKeyGeneratePair() > inside the above method. You can take a look at apple's sample code > for this. Why should we? You should provide the relevant information when you ask for help. Remember that we are not working for you.. > Now, i need to encode keys to log or take them as string, so, i can > write these keys into files which are accessible to libssh2 > function because it needs filepath, right? At the moment, yes, libssh2 needs both the private key and the public key to be saved in files. > But i always have -1 (error) as output. Output from what? > I don't know if i'm having few mistakes writing keypair. i've > written keys into id_rsa and id_rsa.pub inside documents folder. Which file you save the keys in is of course not important, since you give libssh2 the filenames. The format is important however. > Private key i'm getting is: > MIUAAAAEvzANBgkqhkiG9w0BAQEFAAOFAAAABKkAMIIEpAIBAAKCAQEAiTbE//ms .. > 3c00+Eo3sCIdXbHhtcIHKkdyx4tQ6A== (Please don't use this key except for testing now that you have sent it out to the world.) > and public key is: > MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTbE//mscOUNASa2kM0x .. > 9wIDAQAB > > I'm writing the same format or content into id_rsa and id_rsa.pub > file, is that correct or we need to write these keys into some > special format? That's not quite correct. They need to be in the same format as the OpenSSH tool ssh-keygen produces. For the private key this is the RSA key PEM format also used by OpenSSL. For the public key, it is an OpenSSH specific format, basically you only need to prepend the algorithm to the string that you already have, so it would something like: ssh-rsa MII... You can use ssh-keygen from OpenSSH to convert between a couple of different file formats, but the private key will need more work than the public key if you can not use OpenSSL. OpenSSH calls the OpenSSL function PEM_write_RSAPrivateKey() to create private keys from an OpenSSL RSA key. Of course, to get complete examples of the key types, you can just run ssh-keygen from OpenSSH on some system and look at the files. This would have been a good idea to do already. > Please let me know if we have to about few format specification > guide. Look around OpenSSL for info about the PEM format used for private keys. Hopefully you can easily make the same file using whatever toolkit or framework your environment offers. //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Aug 18 15:47:17 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7IDl19X020558; Wed, 18 Aug 2010 15:47:16 +0200 Received: from foo.birdnet.se (qmailr@foo.birdnet.se [213.88.146.6]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o7IDkxsD020542 for ; Wed, 18 Aug 2010 15:46:59 +0200 Received: (qmail 16969 invoked by uid 501); 18 Aug 2010 13:46:56 -0000 Message-ID: <20100818134656.16968.qmail@stuge.se> Date: Wed, 18 Aug 2010 15:46:56 +0200 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: forward_listen + forward_accept + channel_read problem Mail-Followup-To: libssh2-devel@cool.haxx.se References: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Wed, 18 Aug 2010 15:47:17 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Wed, 18 Aug 2010 15:46:59 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Hi Alexandr, Alexandr Piskun wrote: > Good day. I have some problems when try to use libssh2 project. > I compiled direct_tcpip.c example - works great. Glad to hear that. > But i need forward tunnel. > So i decide to use libssh2_channel_forward_listen and > libssh2_channel_forward_accept functions. > But i cant read from channel that libssh2_channel_forward_accept > functions creates. libssh2_channel_read blocks. Maybe that function > didnt see inbound daya.(i send data throw telnet). How did you send data? Did you also send a newline? I'm not sure that the telnet program will read single bytes from the terminal and send them out, it might be line based. > And i easy can write data to telnet with help of > libssh2_channel_write function. But read fails, as i say. > Maybe i miss something. > Can u help me with my problem? Need more information. Please enable debug logging in libssh2 and call libssh2_trace(session,~0); in your application before calling libssh2_channel_forward_accept() and send the log to the list. //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Aug 18 16:45:15 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7IEj6T4024413; Wed, 18 Aug 2010 16:45:13 +0200 Received: from foo.birdnet.se (qmailr@foo.birdnet.se [213.88.146.6]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o7IEj4x4024224 for ; Wed, 18 Aug 2010 16:45:04 +0200 Received: (qmail 26040 invoked by uid 501); 18 Aug 2010 14:45:02 -0000 Message-ID: <20100818144502.26039.qmail@stuge.se> Date: Wed, 18 Aug 2010 16:45:02 +0200 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: libssh2 master 6c6c43f Removed Win32 ifdef completely for sys/uio.h. Mail-Followup-To: libssh2-devel@cool.haxx.se References: <20100818144039.1631.qmail@earth.stuge.se> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20100818144039.1631.qmail@earth.stuge.se> X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Wed, 18 Aug 2010 16:45:15 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Wed, 18 Aug 2010 16:45:04 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se libssh2@git.stuge.se wrote: > - Log ----------------------------------------------------------------- > commit 6c6c43f92c599ca955ce4fbf4c33da37348250b2 > Author: Author: Guenter Knauf (Please don't add the Author: prefix to the --author string. :) > No idea why we had this ifdef at all but MSVC, MingW32, Watcom > and Borland all have no sys/uio.h header; so if there's another > Win32 compiler which needs it then it should be added explicitely > instead of this negative list. The only one left is Cygwin. //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Aug 18 16:50:29 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7IEoK4C026866; Wed, 18 Aug 2010 16:50:28 +0200 Received: from foo.birdnet.se (qmailr@foo.birdnet.se [213.88.146.6]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o7IEoIMG026860 for ; Wed, 18 Aug 2010 16:50:19 +0200 Received: (qmail 26942 invoked by uid 501); 18 Aug 2010 14:50:16 -0000 Message-ID: <20100818145016.26941.qmail@stuge.se> Date: Wed, 18 Aug 2010 16:50:16 +0200 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: AES-CTR not available upon configure ibssh2 1.2.6 Mail-Followup-To: libssh2-devel@cool.haxx.se References: <87iq3on4n9.fsf@mocca.josefsson.org> <87aap0n3tp.fsf@mocca.josefsson.org> <871vaaria4.fsf@mocca.josefsson.org> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Wed, 18 Aug 2010 16:50:29 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Wed, 18 Aug 2010 16:50:19 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se A. Mark wrote: > I'm programming a peer to peer model application, Then you need to consider if SSH is the best protocol for you. > my issue now is that I need to send a 128KB buffer securely between > the two hosts. What exactly does "securely" mean here? > I believe the "direct tcp ip" approach of libssh2 is one solution, > basically sshd acts as a tunnel between the two apps and the data is > safe. I'm wondering though if this is way too cumbersome. Yes, it is. But it also depends on the problem you want to solve. You didn't describe that at all, so we can't really help you. > If I could simply use the openssl library to create secure sockets > it may be relatively simple, since all i need to do is send a block > of data securely between the apps. This is not simple. You must consider many things, in order to correctly define "securely". SSL/TLS and SSH are not some magic "security" layers. You must really understand the security requirements in the application. Please describe your requirements, in detail. //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Aug 18 16:52:04 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7IEq2Vx027369; Wed, 18 Aug 2010 16:52:03 +0200 Received: from toccata.fugue.com (toccata.fugue.com [204.152.186.142]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7IEq0Jw027312 for ; Wed, 18 Aug 2010 16:52:00 +0200 Received: from [IPv6:2001::53aa:64c:0:1427:525d:2925] (unknown [IPv6:2001:0:53aa:64c:0:1427:525d:2925]) by toccata.fugue.com (Postfix) with ESMTPSA id 41D3F34E457A for ; Wed, 18 Aug 2010 10:52:12 -0400 (EDT) From: Ted Lemon Mime-Version: 1.0 (Apple Message framework v1081) Subject: libssh2_userauth_publickey Date: Wed, 18 Aug 2010 10:51:55 -0400 In-Reply-To: To: libssh2 development References: Message-Id: <3A2DAED0-2F9B-4CC9-B40C-F6118DC16DBE@fugue.com> X-Mailer: Apple Mail (2.1081) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Wed, 18 Aug 2010 16:52:04 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Wed, 18 Aug 2010 16:52:01 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1653539977==" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se --===============1653539977== Content-Type: multipart/alternative; boundary=Apple-Mail-1-1040721326 --Apple-Mail-1-1040721326 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii On Aug 18, 2010, at 4:52 AM, Paresh Thakor wrote: > I'm also working on libssh2 API. And my issues is with = libssh2_userauth_publickey_fromfile(). I'm using apple's sample code = with=20 > - (void)generateKeyPairPlease{ > } Prakesh, if you look in src/userauth.c, you can see that there's an API = function, libssh2_userauth_publickey, which sort of does what you want. = You would have to write a callback function, analogous to the = sign_fromfile() function in userauth.c, which would do the signature = using the private key that you've generated, rather than loading the = private key from a file. You should be very careful to use good = virtual memory hygiene when using private keys--make sure the private = key isn't written to swap, and that it's not readable by another = process. --Apple-Mail-1-1040721326 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii
I'm also = working on libssh2 API. And my issues is with - (void)generateKeyPairPlease{
Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7IFxrxO000735; Wed, 18 Aug 2010 18:00:08 +0200 Received: from mail-qy0-f175.google.com (mail-qy0-f175.google.com [209.85.216.175]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7IFxp07000722 for ; Wed, 18 Aug 2010 17:59:51 +0200 Received: by qyk8 with SMTP id 8so126435qyk.20 for ; Wed, 18 Aug 2010 08:59:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type; bh=lmX3nxcxzR9ByriDak1krx67zCULrbX4CVpQKFBCxzo=; b=KM10pseM524V1//FRFOlFoyYK7MRGykA9tywtIOLbtSFsE5beeJe/ymiqDffaGXddu xipQ7ZEkvw2KJO1N3J6rYK18o0wQzznal1EncvuAKXAFvywCZ1kigE2zHwM6/1WFIkQe 9bIM9qjfE3M0zAfNQzu48oY86yZGtmvctZv5Y= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=BAe812C6Fh/dB7njW7ahpRFAsZn0PPdvKFSPTIbb76oGPG9eBN594qEfKe5sy7vDOv KzvH/7HZ7UwTnN4XWAnsToy+k2kJL721qefovo1yr2IQ0hENS71xahnsaom2mhD4R4Z7 XrKuekmgu3xL3aBDK+14dsdHgv3qaQQ9Xst94= MIME-Version: 1.0 Received: by 10.224.104.153 with SMTP id p25mr5594382qao.98.1282147182502; Wed, 18 Aug 2010 08:59:42 -0700 (PDT) Received: by 10.229.99.72 with HTTP; Wed, 18 Aug 2010 08:59:41 -0700 (PDT) In-Reply-To: <20100818145016.26941.qmail@stuge.se> References: <87iq3on4n9.fsf@mocca.josefsson.org> <87aap0n3tp.fsf@mocca.josefsson.org> <871vaaria4.fsf@mocca.josefsson.org> <20100818145016.26941.qmail@stuge.se> Date: Wed, 18 Aug 2010 08:59:41 -0700 Message-ID: Subject: Re: AES-CTR not available upon configure ibssh2 1.2.6 From: "A. Mark" To: libssh2 development X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Wed, 18 Aug 2010 18:00:13 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Wed, 18 Aug 2010 17:59:52 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Ok, I can be more specific. The 128KB buffer to be sent should be encrypted with asymetric encryption preferably AES-256 or equal. It would be also necessary to authenticate the hosts before sending this data.The data would ideally be sendable both ways, but only one way per application run and only once. Basically the data sent are symmetric keys for a stream cipher that the apps will be using subsequently. I'm using Gcrypt to generate secure memory buffers for the 128KB initial data to be sent but gcrypt does not provide an api to secure sockets. So, I was thinking either openssl or polarssl, or the libssh2 approach (direct tcp-ip). And yes it did occur to me that setting up the above with SSL / TLS libs is a pain because i have to worry about certificates and i don't really know enough about those things. I hope this is enough info...Thank you! _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Aug 18 20:01:32 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7II1EOI013358; Wed, 18 Aug 2010 20:01:30 +0200 Received: from dns-factory.at (mail.dns-factory.at [194.242.35.75]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7II1CEM013314 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Wed, 18 Aug 2010 20:01:13 +0200 Received: from [172.17.100.7] lists@gknw.net [84.63.37.175] by dns-factory.at with NetMail SMTP Agent $Revision: 8582 $ on Novell NetWare via secured & encrypted transport (TLS); Wed, 18 Aug 2010 20:01:01 +0200 Message-ID: <4C6C1FD4.7070104@gknw.net> Date: Wed, 18 Aug 2010 20:00:52 +0200 From: Guenter User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.2.8) Gecko/20100802 Lightning/1.0b2 Thunderbird/3.1.2 MIME-Version: 1.0 To: libssh2-devel@cool.haxx.se Subject: Re: libssh2 master 6c6c43f Removed Win32 ifdef completely for sys/uio.h. References: <20100818144039.1631.qmail@earth.stuge.se> <20100818144502.26039.qmail@stuge.se> In-Reply-To: <20100818144502.26039.qmail@stuge.se> X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Wed, 18 Aug 2010 20:01:32 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Wed, 18 Aug 2010 20:01:13 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="iso-8859-1"; Format="flowed" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Hi, Am 18.08.2010 16:45, schrieb Peter Stuge: > libssh2@git.stuge.se wrote: >> - Log ----------------------------------------------------------------- >> commit 6c6c43f92c599ca955ce4fbf4c33da37348250b2 >> Author: Author: Guenter Knauf > > (Please don't add the Author: prefix to the --author string. :) oh, that was what I've read from some man page somewhere; I made an = mistake where I commited as root (had to mount a cifs drive, and later = forgot to logout in order to be regular user); so I had to use 'git = commit --amend --author=3D... >> No idea why we had this ifdef at all but MSVC, MingW32, Watcom >> and Borland all have no sys/uio.h header; so if there's another >> Win32 compiler which needs it then it should be added explicitely >> instead of this negative list. > > The only one left is Cygwin. and Cygwin needs to have LIBSSH2_WIN32 defined?? really? G=FCn. _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Aug 18 20:10:55 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7IIAoYG020796; Wed, 18 Aug 2010 20:10:54 +0200 Received: from yxa-v.extundo.com (yxa-v.extundo.com [83.241.177.39]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7IIAmMq020788 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Wed, 18 Aug 2010 20:10:48 +0200 Received: from mocca (static-93.158.79.102.got.public.icomera.com [93.158.79.102]) (authenticated bits=0) by yxa-v.extundo.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id o7IIAbBg021343 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT) for ; Wed, 18 Aug 2010 20:10:41 +0200 From: Simon Josefsson To: libssh2 development Subject: ANNOUNCE: Windows build of libssh2 1.2.7 References: OpenPGP: id=B565716F; url=http://josefsson.org/key.txt X-Hashcash: 1:22:100818:libssh2-devel@cool.haxx.se::CXbSIspox+bopISy:7maH Date: Wed, 18 Aug 2010 20:10:27 +0200 In-Reply-To: (Daniel Stenberg's message of "Tue, 17 Aug 2010 23:24:32 +0200 (CEST)") Message-ID: <871v9v7pws.fsf@mocca.josefsson.org> User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.1 (gnu/linux) MIME-Version: 1.0 X-Spam-Status: No, score=3.0 required=5.0 tests=AWL,BAYES_00, DATE_IN_FUTURE_96_XX,RCVD_IN_XBL,SPF_FAIL autolearn=no version=3.2.5 X-Spam-Level: ** X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on yxa-v.extundo.com X-Virus-Scanned: clamav-milter 0.96.1 at yxa-v X-Virus-Status: Clean X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Wed, 18 Aug 2010 20:10:55 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Wed, 18 Aug 2010 20:10:48 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se I have prepared a Windows (32 bit) binary build of the latest libssh2 release. It built fine without any patches this time too. http://josefsson.org/gnutls4win/libssh2-1.2.7.zip http://josefsson.org/gnutls4win/libssh2-1.2.7.zip.sig http://josefsson.org/gnutls4win/mingw32-libssh2_1.2.7-1_all.deb /Simon _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Aug 18 20:17:42 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7IIHZPT023399; Wed, 18 Aug 2010 20:17:41 +0200 Received: from dns-factory.at (mx03.dns-factory.at [194.242.35.75]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7IIHYXW023390 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Wed, 18 Aug 2010 20:17:34 +0200 Received: from [172.17.100.7] lists@gknw.net [84.63.37.175] by dns-factory.at with NetMail SMTP Agent $Revision: 8582 $ on Novell NetWare via secured & encrypted transport (TLS); Wed, 18 Aug 2010 20:17:21 +0200 Message-ID: <4C6C23A1.5010300@gknw.net> Date: Wed, 18 Aug 2010 20:17:05 +0200 From: Guenter User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.2.8) Gecko/20100802 Lightning/1.0b2 Thunderbird/3.1.2 MIME-Version: 1.0 To: libssh2-devel@cool.haxx.se Subject: Re: ANNOUNCE: libssh2 1.2.7 References: In-Reply-To: X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Wed, 18 Aug 2010 20:17:42 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Wed, 18 Aug 2010 20:17:34 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="iso-8859-1"; Format="flowed" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Hi Daniel, Am 17.08.2010 23:24, schrieb Daniel Stenberg: > I've just packaged, signed and uploaded libssh2 1.2.7 to the site. Get > it as usual from: http://www.libssh2.org/ I'm really sorry, but seems that I broke some things .... - forgot to add win32/Makefile.Watcom and win32/libssh2.rc to Makefile.am - forgot to commit the fix for libssh2.h for sys/uio.h inclusion - in Makefile.win32 inserted include path at wrong place as a result of these the Watcom makefile is not included at all, and = MingW32 makefile is double-broken since 1st missing libssh2.rc, and 2nd = windres would break due to wrong switches order. I dont know though if these points warrant to make a follow-up release, = but I thought I mention, and let you decide. I believe I've fixed my mistakes meanwhile in git; one outstanding thing = which is not a fix would be to make the MSVC builds use the resource, = but not sure if I can add this shortly *with* proper testing (patches = welcome!) G=FCn. _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Aug 18 22:43:46 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7IKhN6M011609; Wed, 18 Aug 2010 22:43:41 +0200 Received: from mx2.belnet.be (mx2.belnet.be [193.190.198.13]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7IKhMIo011603 for ; Wed, 18 Aug 2010 22:43:22 +0200 X-IronPort-AV: E=Sophos;i="4.56,229,1280700000"; d="scan'208";a="842187" Received: from firewall.belnet.be (HELO relay.fw.belnet.be) ([193.190.198.37]) by mx2-out.belnet.be with ESMTP; 18 Aug 2010 22:43:18 +0200 Received: from [192.168.2.4] (213.219.143.81.adsl.dyn.edpnet.net [213.219.143.81]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by relay.fw.belnet.be (Postfix) with ESMTPSA id 9BD904C for ; Wed, 18 Aug 2010 22:36:29 +0200 (CEST) Message-ID: <4C6C45E5.4020405@0xbadc0de.be> Date: Wed, 18 Aug 2010 22:43:17 +0200 From: Aris Adamantiadis User-Agent: Thunderbird 2.0.0.24 (X11/20100411) MIME-Version: 1.0 To: libssh2 development Subject: Re: AES-CTR not available upon configure ibssh2 1.2.6 References: <87iq3on4n9.fsf@mocca.josefsson.org> <87aap0n3tp.fsf@mocca.josefsson.org> <871vaaria4.fsf@mocca.josefsson.org> <20100818145016.26941.qmail@stuge.se> In-Reply-To: X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Wed, 18 Aug 2010 22:43:46 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Wed, 18 Aug 2010 22:43:22 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Hi, Thanks for the good laugh ! Aris A. Mark a =E9crit : > Ok, I can be more specific. The 128KB buffer to be sent should be > encrypted with asymetric encryption preferably AES-256 or equal. It > would be also necessary to authenticate the hosts before sending this > data.The data would ideally be sendable both ways, but only one way > per application run and only once. Basically the data sent are > symmetric keys for a stream cipher that the apps will be using > subsequently. I'm using Gcrypt to generate secure memory buffers for > the 128KB initial data to be sent but gcrypt does not provide an api > to secure sockets. So, I was thinking either openssl or polarssl, or > the libssh2 approach (direct tcp-ip). And yes it did occur to me that > setting up the above with SSL / TLS libs is a pain because i have to > worry about certificates and i don't really know enough about those > things. I hope this is enough info...Thank you! > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel > = _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Aug 18 23:10:16 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7ILA8YK027698; Wed, 18 Aug 2010 23:10:15 +0200 Received: from giant.haxx.se (giant.haxx.se [80.67.6.50]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7ILA6jD027564 for ; Wed, 18 Aug 2010 23:10:06 +0200 Date: Wed, 18 Aug 2010 23:10:06 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: ANNOUNCE: libssh2 1.2.7 In-Reply-To: <4C6C23A1.5010300@gknw.net> Message-ID: References: <4C6C23A1.5010300@gknw.net> User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Wed, 18 Aug 2010 23:10:16 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Wed, 18 Aug 2010 23:10:06 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On Wed, 18 Aug 2010, Guenter wrote: > I'm really sorry, but seems that I broke some things .... No worries, these things happen to all of us at one time or another! > I dont know though if these points warrant to make a follow-up release, but > I thought I mention, and let you decide. I think we can wait and see if we get any angry mobs with pitchforks showing up, and if we don't (which I suspect will happen) we can just proceed like normal and plan for another release in 2-3 months or so with all these fixes included. Thanks for your heads-up and your work on getting these corrected! -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu Aug 19 03:38:19 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7J1bvah004070; Thu, 19 Aug 2010 03:38:15 +0200 Received: from foo.birdnet.se (qmailr@foo.birdnet.se [213.88.146.6]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o7J1btmc003932 for ; Thu, 19 Aug 2010 03:37:55 +0200 Received: (qmail 21291 invoked by uid 501); 19 Aug 2010 01:37:50 -0000 Message-ID: <20100819013750.21290.qmail@stuge.se> Date: Thu, 19 Aug 2010 03:37:50 +0200 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: libssh2 master c46abb2 Use the new libssh2.rc file. Mail-Followup-To: libssh2-devel@cool.haxx.se References: <20100816235916.5873.qmail@earth.stuge.se> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20100816235916.5873.qmail@earth.stuge.se> X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 19 Aug 2010 03:38:19 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 19 Aug 2010 03:37:55 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se libssh2@git.stuge.se wrote: > +++ b/win32/libssh2.rc .. > + VALUE "CompanyName", "The libssh2 library, http://www.libssh2.org/\0" > + VALUE "FileDescription", "libssh2 Shared Library\0" Why do you add the extra \0 in these strings? //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu Aug 19 03:56:33 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7J1uQJ1015220; Thu, 19 Aug 2010 03:56:32 +0200 Received: from dns-factory.at (mail.dns-factory.at [194.242.35.75]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7J1uOWv015169 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Thu, 19 Aug 2010 03:56:24 +0200 Received: from [172.17.100.7] lists@gknw.net [84.63.37.175] by dns-factory.at with NetMail SMTP Agent $Revision: 8582 $ on Novell NetWare via secured & encrypted transport (TLS); Thu, 19 Aug 2010 03:56:09 +0200 Message-ID: <4C6C8F32.8060601@gknw.net> Date: Thu, 19 Aug 2010 03:56:02 +0200 From: Guenter User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.2.8) Gecko/20100802 Lightning/1.0b2 Thunderbird/3.1.2 MIME-Version: 1.0 To: libssh2-devel@cool.haxx.se Subject: Re: libssh2 master c46abb2 Use the new libssh2.rc file. References: <20100816235916.5873.qmail@earth.stuge.se> <20100819013750.21290.qmail@stuge.se> In-Reply-To: <20100819013750.21290.qmail@stuge.se> X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 19 Aug 2010 03:56:33 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 19 Aug 2010 03:56:24 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="iso-8859-1"; Format="flowed" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Am 19.08.2010 03:37, schrieb Peter Stuge: > libssh2@git.stuge.se wrote: >> +++ b/win32/libssh2.rc > .. >> + VALUE "CompanyName", "The libssh2 library, http://www.libssh= 2.org/\0" >> + VALUE "FileDescription", "libssh2 Shared Library\0" > > Why do you add the extra \0 in these strings? no idea - everyone does; seen in all .rc files so far. Try to find M$ = docu of their RC.EXE, maybe it explains the .rc format ... G=FCn. _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu Aug 19 13:34:00 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7JBXje4032649; Thu, 19 Aug 2010 13:33:58 +0200 Received: from oproxy2-pub.bluehost.com (oproxy2-pub.bluehost.com [67.222.39.60]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o7JBXgNa032638 for ; Thu, 19 Aug 2010 13:33:44 +0200 Received: (qmail 30992 invoked by uid 0); 19 Aug 2010 11:33:39 -0000 Received: from unknown (HELO box439.bluehost.com) (69.89.31.239) by oproxy2.bluehost.com with SMTP; 19 Aug 2010 11:33:39 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=moontechnolabs.com; h=Received:From:Content-Type:Subject:Date:Message-Id:To:Mime-Version:X-Mailer:X-Identified-User; b=uNZz+Ys/0VgREQXnjQ2VbHiqK/hnJEed4sGmrlM7lkPylA4gTQVYxRK41QxSKMqsxIPcE9PHy2kRIj3s48BzhwemNUkfP2JnvaI2hTA893d90WIHvZPMgvX0ljcoDba6; Received: from [122.169.88.161] (helo=[192.168.1.6]) by box439.bluehost.com with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.69) (envelope-from ) id 1Om3NK-00072J-IE for libssh2-devel@cool.haxx.se; Thu, 19 Aug 2010 05:33:39 -0600 From: Paresh Thakor Subject: Authentication on user request Date: Thu, 19 Aug 2010 16:52:53 +0530 Message-Id: <9EA80087-B6F0-4BA7-9E01-A755D615180C@moontechnolabs.com> To: libssh2 development Mime-Version: 1.0 (Apple Message framework v1078) X-Mailer: Apple Mail (2.1078) X-Identified-User: {1089:box439.bluehost.com:moonsoft:moontechnolabs.com} {sentby:smtp auth 122.169.88.161 authed with paresh.thakor@moontechnolabs.com} X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 19 Aug 2010 13:34:00 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 19 Aug 2010 13:33:44 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1446615405==" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se --===============1446615405== Content-Type: multipart/alternative; boundary=Apple-Mail-12--1032904779 --Apple-Mail-12--1032904779 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii Hello, I'm trying to implement libssh2 for my application and all functions I = see requires that user must be authenticated in order to transmit = commands through channel. libssh2_channel_open_session(session) requires = a user must be authenticated for particular session, then, channel will = be created. libssh2_userauth_authenticated(session) is required to check = user authentication. But what I want is to open a channel for user who = is not authenticated. Like, terminal will open and ask user for password = authentication. I want such functionality. If user has not specified = password, it'll be asked when he opens terminal. Can anyone suggest me = any idea? How can I implement it? Without authentication, user needs to be able to open terminal and on = terminal he'll input password, which will be used for authentication. = This way, user keeps password security. Regards, Paresh Thakor.= --Apple-Mail-12--1032904779 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii (sessionrequires a user = must be authenticated for particular session, then, channel will be = created.  Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7JCvGCG010695; Thu, 19 Aug 2010 14:57:31 +0200 Received: from ecdor130.cmc.ec.gc.ca (ecdor130.cmc.ec.gc.ca [199.212.17.130]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7JCvFK2010688 for ; Thu, 19 Aug 2010 14:57:15 +0200 Received: from ecdor130.cmc.ec.gc.ca (localhost [127.0.0.1]) by imap2.cmc.ec.gc.ca (Postfix) with ESMTP id 019524C0B6 for ; Thu, 19 Aug 2010 12:57:06 +0000 (GMT) Received: from [142.135.2.4] (averroes.cmc.ec.gc.ca [142.135.2.4]) by imap2.cmc.ec.gc.ca (Postfix) with ESMTP id EFC564C059 for ; Thu, 19 Aug 2010 12:57:05 +0000 (GMT) Message-ID: <4C6D2A21.1030802@ec.gc.ca> Date: Thu, 19 Aug 2010 08:57:05 -0400 From: Michel Valin User-Agent: Thunderbird 2.0.0.24 (X11/20100228) MIME-Version: 1.0 To: libssh2-devel@cool.haxx.se Subject: switching cipher to none after authentification when data needs no encryption X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 19 Aug 2010 14:57:33 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 19 Aug 2010 14:57:15 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Our sshd server daemons have the HPN feature http://www.psc.edu/networking/projects/hpn-ssh/hpnreadme.php that allows NoneSwitch (switch cipher to none after authentification). They do not allow the none cipher end to end for security reasons. Is there a way to use of this feature (NoneSwitch) with libssh2. Am i missing something in the API that would allow to negotiate turning off the encrytion after authentification (the cipher seems to be the speed limit) ? I am very new to libssh2. -- Michel Valin Michel.Valin@ec.gc.CA _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu Aug 19 16:50:03 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7JEngdq023372; Thu, 19 Aug 2010 16:50:00 +0200 Received: from toccata.fugue.com (toccata.fugue.com [204.152.186.142]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7JEne9s023367 for ; Thu, 19 Aug 2010 16:49:41 +0200 Received: from [IPv6:2001::53aa:64c:0:1427:525d:2925] (unknown [IPv6:2001:0:53aa:64c:0:1427:525d:2925]) by toccata.fugue.com (Postfix) with ESMTPSA id 8C88934E4530 for ; Thu, 19 Aug 2010 10:49:51 -0400 (EDT) Mime-Version: 1.0 (Apple Message framework v1081) Subject: Re: Authentication on user request From: Ted Lemon In-Reply-To: <9EA80087-B6F0-4BA7-9E01-A755D615180C@moontechnolabs.com> Date: Thu, 19 Aug 2010 10:49:34 -0400 Message-Id: <30E61E2D-F426-4329-9E28-7DBC1D0C44B1@fugue.com> References: <9EA80087-B6F0-4BA7-9E01-A755D615180C@moontechnolabs.com> To: libssh2 development X-Mailer: Apple Mail (2.1081) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 19 Aug 2010 16:50:03 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 19 Aug 2010 16:49:41 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On Aug 19, 2010, at 7:22 AM, Paresh Thakor wrote: > Without authentication, user needs to be able to open terminal and on terminal he'll input password, which will be used for authentication. This way, user keeps password security. I will tell you what I think the answer to this is, but I'm a n00b, so maybe someone will correct me. The answer is that if the remote end offers password authentication as an option, then you provide the user with a prompt where they type in their username and password. You then provide that information to the remote end using the libssh2_userauth_password() API function. You should provide a callback to prompt the user for a password change in case the host requests this. If the remote end requests keyboard-interactive authentication, then you would get the username and call the libssh2_userauth_keyboard_interactive() function with a callback that will be called to prompt the user for their password. This may actually be the more likely scenario--I don't know because I haven't tried it. So the point is that the user is never typing at a prompt offered by the remote host--it's always interacting with your program. _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu Aug 19 21:56:49 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7JJuB1e019641; Thu, 19 Aug 2010 21:56:45 +0200 Received: from foo.birdnet.se (qmailr@foo.birdnet.se [213.88.146.6]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o7JJuAGv019630 for ; Thu, 19 Aug 2010 21:56:10 +0200 Received: (qmail 28834 invoked by uid 501); 19 Aug 2010 19:56:07 -0000 Message-ID: <20100819195607.28833.qmail@stuge.se> Date: Thu, 19 Aug 2010 21:56:07 +0200 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: switching cipher to none after authentification when data needs no encryption Mail-Followup-To: libssh2-devel@cool.haxx.se References: <4C6D2A21.1030802@ec.gc.ca> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <4C6D2A21.1030802@ec.gc.ca> X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 19 Aug 2010 21:56:49 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 19 Aug 2010 21:56:10 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Michel Valin wrote: > Is there a way to use of this feature (NoneSwitch) with libssh2. > > Am i missing something in the API Not API, but at build time. $ ./configure --help .. --enable-crypt-none Permit "none" cipher -- NOT RECOMMENDED --enable-mac-none Permit "none" MAC -- NOT RECOMMENDED //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu Aug 19 22:20:50 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7JKKgk2000998; Thu, 19 Aug 2010 22:20:48 +0200 Received: from foo.birdnet.se (qmailr@foo.birdnet.se [213.88.146.6]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o7JKKeUO000992 for ; Thu, 19 Aug 2010 22:20:40 +0200 Received: (qmail 32458 invoked by uid 501); 19 Aug 2010 20:20:37 -0000 Message-ID: <20100819202037.32457.qmail@stuge.se> Date: Thu, 19 Aug 2010 22:20:37 +0200 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: Authentication on user request Mail-Followup-To: libssh2-devel@cool.haxx.se References: <9EA80087-B6F0-4BA7-9E01-A755D615180C@moontechnolabs.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <9EA80087-B6F0-4BA7-9E01-A755D615180C@moontechnolabs.com> X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 19 Aug 2010 22:20:50 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 19 Aug 2010 22:20:40 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Paresh Thakor wrote: > what I want is to open a channel for user who is not authenticated. You can not do that, it is not how SSH works. Did you read the RFC to learn about the protocol that your application wants to use? > Like, terminal will open and ask user for password authentication. User auth happens before channels. As Ted pointed out, your program must be able to deal with whatever userauth methods are allowed by the server, and your program must interact with the user accordingly. How you do that is your problem. Do what fits in your app. > I want such functionality. If user has not specified password, > it'll be asked when he opens terminal. Can anyone suggest me any > idea? How can I implement it? You are on your own. This is outside the scope of libssh2. You have to learn how to develop your own application. I keep repeating this, because you keep asking this mailing list about questions which are unrelated to libssh2. > Without authentication, user needs to be able to open terminal and > on terminal he'll input password, which will be used for > authentication. This way, user keeps password security. Please don't mistake passwords for security. //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu Aug 19 22:42:52 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7JKgjug013778; Thu, 19 Aug 2010 22:42:50 +0200 Received: from foo.birdnet.se (qmailr@foo.birdnet.se [213.88.146.6]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o7JKghf0013754 for ; Thu, 19 Aug 2010 22:42:43 +0200 Received: (qmail 3293 invoked by uid 501); 19 Aug 2010 20:42:40 -0000 Message-ID: <20100819204240.3292.qmail@stuge.se> Date: Thu, 19 Aug 2010 22:42:40 +0200 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: libssh2 master c46abb2 Use the new libssh2.rc file. Mail-Followup-To: libssh2-devel@cool.haxx.se References: <20100816235916.5873.qmail@earth.stuge.se> <20100819013750.21290.qmail@stuge.se> <4C6C8F32.8060601@gknw.net> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <4C6C8F32.8060601@gknw.net> X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 19 Aug 2010 22:42:52 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 19 Aug 2010 22:42:43 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Guenter wrote: >>> + VALUE "FileDescription", "libssh2 Shared Library\0" >> >> Why do you add the extra \0 in these strings? > > no idea - everyone does; seen in all .rc files so far. Try to find > M$ docu of their RC.EXE, maybe it explains the .rc format ... In my experience they are not needed. //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu Aug 19 23:07:06 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7JL6tjB002209; Thu, 19 Aug 2010 23:07:05 +0200 Received: from foo.birdnet.se (qmailr@foo.birdnet.se [213.88.146.6]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o7JL6rLX002206 for ; Thu, 19 Aug 2010 23:06:54 +0200 Received: (qmail 6842 invoked by uid 501); 19 Aug 2010 21:06:50 -0000 Message-ID: <20100819210650.6841.qmail@stuge.se> Date: Thu, 19 Aug 2010 23:06:50 +0200 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: libssh2 master c46abb2 Use the new libssh2.rc file. Mail-Followup-To: libssh2-devel@cool.haxx.se References: <20100816235916.5873.qmail@earth.stuge.se> <20100819013750.21290.qmail@stuge.se> <4C6C8F32.8060601@gknw.net> <20100819204240.3292.qmail@stuge.se> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20100819204240.3292.qmail@stuge.se> X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 19 Aug 2010 23:07:06 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 19 Aug 2010 23:06:54 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Peter Stuge wrote: > >> Why do you add the extra \0 in these strings? > > > > no idea - everyone does; seen in all .rc files so far. Check wine.. > In my experience they are not needed. ..it also don't have them. //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Fri Aug 20 00:43:08 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7JMgtTe020713; Fri, 20 Aug 2010 00:43:05 +0200 Received: from dns-factory.at (mx03.dns-factory.at [194.242.35.75]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7JMgrt5020678 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Fri, 20 Aug 2010 00:42:53 +0200 Received: from [172.17.100.7] lists@gknw.net [84.63.37.175] by dns-factory.at with NetMail SMTP Agent $Revision: 8582 $ on Novell NetWare via secured & encrypted transport (TLS); Fri, 20 Aug 2010 00:42:40 +0200 Message-ID: <4C6DB356.8040208@gknw.net> Date: Fri, 20 Aug 2010 00:42:30 +0200 From: Guenter User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.2.8) Gecko/20100802 Lightning/1.0b2 Thunderbird/3.1.2 MIME-Version: 1.0 To: libssh2-devel@cool.haxx.se Subject: Re: libssh2 master c46abb2 Use the new libssh2.rc file. References: <20100816235916.5873.qmail@earth.stuge.se> <20100819013750.21290.qmail@stuge.se> <4C6C8F32.8060601@gknw.net> <20100819204240.3292.qmail@stuge.se> <20100819210650.6841.qmail@stuge.se> In-Reply-To: <20100819210650.6841.qmail@stuge.se> X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Fri, 20 Aug 2010 00:43:07 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Fri, 20 Aug 2010 00:42:53 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="iso-8859-1"; Format="flowed" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Am 19.08.2010 23:06, schrieb Peter Stuge: > Peter Stuge wrote: >>>> Why do you add the extra \0 in these strings? >>> >>> no idea - everyone does; seen in all .rc files so far. > > Check wine.. I check nothing - I have only blindly copied over the resource file from = libcurl and adapted for libssh2; I do not care if there are some = trailing \0 or not. They are in libcurl.rc, in cares.rc, in a couple of = other OpenSource projects (see below), and now they are with libssh2.rc. Other project's resource files where I see these trailing \0: Apache libapr: http://svn.apache.org/viewvc/apr/apr/trunk/libapr.rc?revision=3D983403&view= =3Dmarkup Apache httpd: http://svn.apache.org/viewvc/httpd/httpd/trunk/build/win32/httpd.rc?revisio= n=3D421084&view=3Dmarkup Subversion: http://svn.apache.org/viewvc/subversion/trunk/build/win32/svn.rc?revision= =3D889565&view=3Dmarkup PHP: http://svn.php.net/viewvc/php/php-src/trunk/win32/php5dllts.rc2?revision=3D= 298702&view=3Dmarkup With a quick googling I found M$ suggests them here: http://msdn.microsoft.com/en-us/library/aa381058%28v=3DVS.85%29.aspx look for: #define VER_FILEVERSION_STR "3.10.349.0\0" #define VER_PRODUCTVERSION_STR "3.10\0" >> In my experience they are not needed. I really wonder what you care at all about few trailing \0 which might = or might not be required. But if you care that much for these then I = suggest this: compile a helloworld.c with a helloworld.rc without \0, and compile this with MSVC6, MSVC9, MingW32, Watcom, Borland, LCC and their = shipping resource compiler. Then check if all these 6 binary results = display the version info from the .rc file correctly on W2000, WXP, = Vista, W7. If this is true then go and remove them. I though have not the time nor all compilers handy to check this, sorry. BTW. there are also resource editors available which might rely on these = extra \0, who knows ... And finally: dont get me wrong - I wondered about these also when I saw = them first time, and I'm in doubt too if they are needed, just like you = ... -- but other than you I dont care about because its not worth to = proof it :) :) G=FCn. _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Fri Aug 20 08:42:50 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7K6gThU012969; Fri, 20 Aug 2010 08:42:46 +0200 Received: from qswall.lpma.nsw.gov.au (qswall.lpma.nsw.gov.au [203.14.35.57]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7K6gOqP012810 for ; Fri, 20 Aug 2010 08:42:27 +0200 From: Phillip Wu To: "libssh2-devel@cool.haxx.se" Date: Fri, 20 Aug 2010 16:42:04 +1000 Subject: libssh2 and no wait I/O Example Thread-Topic: libssh2 and no wait I/O Example Thread-Index: ActAMsz/pW4aFWe1TqCd+iWYcnCo6Q== Message-ID: <137CA4FE5CCDB7449ED3CD4445077AC304F9A5D80B@SRV-QS-MAIL6.lands.nsw> Accept-Language: en-US, en-AU Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-cr-hashedpuzzle: AsTl Blf2 B4wN CIEp Dj6k EJHJ FGJI FQsu GTmP H2lY IBip J9V/ J+4A LCfP LEOt LGuh;1; bABpAGIAcwBzAGgAMgAtAGQAZQB2AGUAbABAAGMAbwBvAGwALgBoAGEAeAB4AC4AcwBlAA==; Sosha1_v1;7;{F0EB4774-F6B8-4AE0-BCC8-2A3B3D73271D}; cABoAGkAbABsAGkAcAAuAHcAdQBAAGwAcABtAGEALgBuAHMAdwAuAGcAbwB2AC4AYQB1AA==; Fri, 20 Aug 2010 06:42:04 GMT; bABpAGIAcwBzAGgAMgAgAGEAbgBkACAAbgBvACAAdwBhAGkAdAAgAEkALwBPACAARQB4AGEAbQBwAGwAZQA= x-cr-puzzleid: {F0EB4774-F6B8-4AE0-BCC8-2A3B3D73271D} acceptlanguage: en-US, en-AU MIME-Version: 1.0 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Fri, 20 Aug 2010 08:42:50 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Fri, 20 Aug 2010 08:42:28 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0135632698==" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se --===============0135632698== Content-Language: en-US Content-Type: multipart/alternative; boundary="_000_137CA4FE5CCDB7449ED3CD4445077AC304F9A5D80BSRVQSMAIL6lan_" --_000_137CA4FE5CCDB7449ED3CD4445077AC304F9A5D80BSRVQSMAIL6lan_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Does anyone have a simple example of how to use select with libssh2? I have seen the example ssh2_exec.c but this is a bit confusing. Is this the rough idea (read from a shell with timeout): sock =3D socket(AF_INET, SOCK_STREAM, 0); connect(sock, (struct sockaddr*)(&sin), sizeof(struct sockaddr_in) session =3D libssh2_session_init(); rc =3D libssh2_session_startup(session, sock); /* Authenticate */ /* Run shell */ rc =3D libssh2_channel_exec(channel, "/bin/sh") FD_ZERO(&fd); FD_SET(socket_fd, &fd); readfd =3D &fd; /* Set non blocking */ libssh2_session_set_blocking(session, 0); /* Read from shell */ rc =3D select(socket_fd + 1, readfd, writefd, NULL,&timeout); libssh2_channel_read(channel,buf,sizeof(buf)) *************************************************************** This message is intended for the addressee named and may contain confidenti= al information. If you are not the intended recipient, please delete it and= notify the sender. Views expressed in this message are those of the indivi= dual sender, and are not necessarily the views of the Land and Property Man= agement Authority. This email message has been swept by MIMEsweeper for the= presence of computer viruses. *************************************************************** Please consider the environment before printing this email. --_000_137CA4FE5CCDB7449ED3CD4445077AC304F9A5D80BSRVQSMAIL6lan_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Does anyone have a simple example of how to use select= with libssh2?

 

I have seen the example ssh2_exec.c but this is a bit confusing.

 

Is this the rough idea (read from a shell with timeout= ):

sock =3D socket(AF_INET, SOCK_STREAM, 0);

 

connect(sock, (struct sockaddr*)(&sin),  &nbs= p;sizeof(struct sockaddr_in)

 

session =3D libssh2_session_init();

 

rc =3D libssh2_session_startup(session, sock);

 

/* Authenticate */

 

/* Run shell */

rc =3D libssh2_channel_exec(channel, “/bin/sh= 221;)

 

   FD_ZERO(&fd);

   FD_SET(socket_fd, &fd);

  readfd =3D &fd;

/* Set non blocking */

libssh2_session_set_blocking(session, 0);

 

/* Read from shell */

rc =3D select(socket_fd + 1, readfd, writefd, NULL,&am= p;timeout);

libssh2_channel_read(channel,buf,sizeof(buf))

 

 

 

 

 

 


This message is intend= ed for the addressee named and may contain confidential information. If you= are not the intended recipient, please delete it and noti= fy the sender. Views expressed in this message are = those of the individual sender, and are not necessa= rily the views of the Land and Property Management = Authority. This email message has been swept by MIM= Esweeper for the presence of computer viruses.


Please consider the environment before printing this email.

--_000_137CA4FE5CCDB7449ED3CD4445077AC304F9A5D80BSRVQSMAIL6lan_-- --===============0135632698== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============0135632698==-- From libssh2-devel-bounces@cool.haxx.se Fri Aug 20 12:58:36 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7KAwKwg023500; Fri, 20 Aug 2010 12:58:34 +0200 Received: from ecdor130.cmc.ec.gc.ca (ecdor130.cmc.ec.gc.ca [199.212.17.130]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7KAwI1p023470 for ; Fri, 20 Aug 2010 12:58:18 +0200 Received: from ecdor130.cmc.ec.gc.ca (localhost [127.0.0.1]) by imap2.cmc.ec.gc.ca (Postfix) with ESMTP id 21EF44BB41 for ; Fri, 20 Aug 2010 10:58:08 +0000 (GMT) Received: from [142.135.2.4] (averroes.cmc.ec.gc.ca [142.135.2.4]) by imap2.cmc.ec.gc.ca (Postfix) with ESMTP id 1D28D4BB35 for ; Fri, 20 Aug 2010 10:58:08 +0000 (GMT) Message-ID: <4C6E5FBF.6010504@ec.gc.ca> Date: Fri, 20 Aug 2010 06:58:07 -0400 From: Michel Valin User-Agent: Thunderbird 2.0.0.24 (X11/20100228) MIME-Version: 1.0 To: libssh2 development Subject: Re: switching cipher to none after authentification when data needs no encryption References: <4C6D2A21.1030802@ec.gc.ca> <20100819195607.28833.qmail@stuge.se> In-Reply-To: <20100819195607.28833.qmail@stuge.se> X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Fri, 20 Aug 2010 12:58:36 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Fri, 20 Aug 2010 12:58:19 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se As i understand it, the "none" cipher turns encryption off from the get go. The question remains, how to switch from strong cipher at authentication time to no cipher for data transfer. NoneEnabled+NoneSwitch in the HPN patch does exactly that automatically, but needs a modified server/client pair. This is why we use this modified version of ssh. We need authentification to be protected but unencrypted data transfers are not a problem. (our ssh daemons reject the "none" cipher) I was wondering if there was a way to switch encryption off once the credentials and keys have been exchanged and validated. It looks as if the "regular" ssh cannot do that hence this HPN modification that does it automagically. Peter Stuge wrote: > Michel Valin wrote: >> Is there a way to use of this feature (NoneSwitch) with libssh2. >> >> Am i missing something in the API > = > Not API, but at build time. > = > $ ./configure --help > .. > --enable-crypt-none Permit "none" cipher -- NOT RECOMMENDED > --enable-mac-none Permit "none" MAC -- NOT RECOMMENDED > = > = > //Peter > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel -- = Michel Valin Responsable, Soutien CHP | Head, HPC support CHP & Op=E9rations des TI nationales HPC & National IT Operations Direction du dirigeant principal de l'information Chief Information Officer Branch Environnement Canada | Environment Canada 2121, N. Trans canada, Dorval, QC, CANADA H9P 1J3 Michel.Valin@ec.gc.CA T=E9l=E9phone | Telephone 514-421-4753 T=E9l=E9copieur | Facsimile 514-421-4703 Gouvernement du Canada | Government of Canada Entre deux mots, il faut choisir le moindre. Always choose the shortest of two words. Paul Val=E9ry _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Fri Aug 20 20:03:52 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7KI3UPZ029742; Fri, 20 Aug 2010 20:03:48 +0200 Received: from foo.birdnet.se (qmailr@foo.birdnet.se [213.88.146.6]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o7KI3SmB029738 for ; Fri, 20 Aug 2010 20:03:29 +0200 Received: (qmail 2863 invoked by uid 501); 20 Aug 2010 18:03:25 -0000 Message-ID: <20100820180325.2862.qmail@stuge.se> Date: Fri, 20 Aug 2010 20:03:25 +0200 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: switching cipher to none after authentification when data needs no encryption Mail-Followup-To: libssh2-devel@cool.haxx.se References: <4C6D2A21.1030802@ec.gc.ca> <20100819195607.28833.qmail@stuge.se> <4C6E5FBF.6010504@ec.gc.ca> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <4C6E5FBF.6010504@ec.gc.ca> X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Fri, 20 Aug 2010 20:03:52 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Fri, 20 Aug 2010 20:03:29 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Hi again. Sorry, I misunderstood a little. Michel Valin wrote: > As i understand it, the "none" cipher turns encryption off from the > get go. Well, yes. It's a cipher algorithm which results in no encryption. > The question remains, how to switch from strong cipher at > authentication time to no cipher for data transfer. Yeah. You want to switch cipher in an established session, before opening any channels. libssh2 has no API for this, but go ahead and suggest something. If it's clean and you send a patch then I don't see why it wouldn't be included. //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Fri Aug 20 20:50:54 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7KIokoF022751; Fri, 20 Aug 2010 20:50:53 +0200 Received: from ecdor130.cmc.ec.gc.ca (ecdor130.cmc.ec.gc.ca [199.212.17.130]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7KIohaZ022681 for ; Fri, 20 Aug 2010 20:50:44 +0200 Received: from ecdor130.cmc.ec.gc.ca (localhost [127.0.0.1]) by imap2.cmc.ec.gc.ca (Postfix) with ESMTP id BCE1C4B966 for ; Fri, 20 Aug 2010 18:50:34 +0000 (GMT) Received: from [142.135.2.4] (averroes.cmc.ec.gc.ca [142.135.2.4]) by imap2.cmc.ec.gc.ca (Postfix) with ESMTP id B8CD24B94A for ; Fri, 20 Aug 2010 18:50:34 +0000 (GMT) Message-ID: <4C6ECE7A.5020809@ec.gc.ca> Date: Fri, 20 Aug 2010 14:50:34 -0400 From: Michel Valin User-Agent: Thunderbird 2.0.0.24 (X11/20100228) MIME-Version: 1.0 To: libssh2 development Subject: Re: switching cipher to none after authentification when data needs no encryption References: <4C6D2A21.1030802@ec.gc.ca> <20100819195607.28833.qmail@stuge.se> <4C6E5FBF.6010504@ec.gc.ca> <20100820180325.2862.qmail@stuge.se> In-Reply-To: <20100820180325.2862.qmail@stuge.se> X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Fri, 20 Aug 2010 20:50:54 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Fri, 20 Aug 2010 20:50:44 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se i'll try to look into the client side of the code with the HPN mod and see how the client requests it from the NoneEnabled/NoneSwitch sshd daemon. http://www.psc.edu/networking/projects/hpn-ssh/hpnreadme.php might take me a while as i am not familiar at all with the mechanics of ssh/ssl (an why i found libssh2 way simpler to use than the other libraries in the first place) Peter Stuge wrote: > Hi again. > = > Sorry, I misunderstood a little. > = > = > Michel Valin wrote: >> As i understand it, the "none" cipher turns encryption off from the >> get go. > = > Well, yes. It's a cipher algorithm which results in no encryption. > = > = >> The question remains, how to switch from strong cipher at >> authentication time to no cipher for data transfer. > = > Yeah. You want to switch cipher in an established session, before > opening any channels. libssh2 has no API for this, but go ahead and > suggest something. If it's clean and you send a patch then I don't > see why it wouldn't be included. > = > = > //Peter > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel -- = Michel Valin Responsable, Soutien CHP | Head, HPC support CHP & Op=E9rations des TI nationales HPC & National IT Operations Direction du dirigeant principal de l'information Chief Information Officer Branch Environnement Canada | Environment Canada 2121, N. Trans canada, Dorval, QC, CANADA H9P 1J3 Michel.Valin@ec.gc.CA T=E9l=E9phone | Telephone 514-421-4753 T=E9l=E9copieur | Facsimile 514-421-4703 Gouvernement du Canada | Government of Canada Entre deux mots, il faut choisir le moindre. Always choose the shortest of two words. Paul Val=E9ry _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Fri Aug 20 21:45:42 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7KJjSxU023404; Fri, 20 Aug 2010 21:45:41 +0200 Received: from foo.birdnet.se (qmailr@foo.birdnet.se [213.88.146.6]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o7KJjR73023400 for ; Fri, 20 Aug 2010 21:45:27 +0200 Received: (qmail 18201 invoked by uid 501); 20 Aug 2010 19:45:22 -0000 Message-ID: <20100820194522.18200.qmail@stuge.se> Date: Fri, 20 Aug 2010 21:45:22 +0200 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: libssh2 master c46abb2 Use the new libssh2.rc file. Mail-Followup-To: libssh2-devel@cool.haxx.se References: <20100816235916.5873.qmail@earth.stuge.se> <20100819013750.21290.qmail@stuge.se> <4C6C8F32.8060601@gknw.net> <20100819204240.3292.qmail@stuge.se> <20100819210650.6841.qmail@stuge.se> <4C6DB356.8040208@gknw.net> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <4C6DB356.8040208@gknw.net> X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Fri, 20 Aug 2010 21:45:42 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Fri, 20 Aug 2010 21:45:27 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Guenter wrote: >>>>> Why do you add the extra \0 in these strings? >>>> >>>> no idea - everyone does; seen in all .rc files so far. >> >> Check wine.. > > I check nothing You say everyone does, I mentioned a source which doesn't, and which in my view would be a bit more reliable than others in this case. > I do not care if there are some trailing \0 or not. I think they're ugly, I don't think they make any sense, and I would prefer if we didn't have them. > They are in libcurl.rc, in cares.rc, in a couple of other > OpenSource projects (see below), and now they are with libssh2.rc. We might have had them before too. > Other project's resource files where I see these trailing \0: > Apache libapr: > Apache httpd: > Subversion: > PHP: Not much reason for us to keep them.. > With a quick googling I found M$ suggests them here: > http://msdn.microsoft.com/en-us/library/aa381058%28v=VS.85%29.aspx > look for: > #define VER_FILEVERSION_STR "3.10.349.0\0" > #define VER_PRODUCTVERSION_STR "3.10\0" Interesting. It's too bad that we don't know the contents of the other defines in that StringFileInfo BLOCK. But we can have a look at the docs for StringFileInfo: http://msdn.microsoft.com/en-us/library/aa381049(v=VS.85).aspx In all the examples (in the table, per parameter) there's no trailing \0 anywhere. MS rc.exe has /n for zero-terminating STRINGTABLE strings. It seems like they should also not have a final \0 from the docs: http://msdn.microsoft.com/en-us/library/aa381050(v=VS.85).aspx > I really wonder what you care at all about few trailing \0 which > might or might not be required. Again: ugly and stupid. > But if you care that much for these then I suggest this: > compile a helloworld.c with a helloworld.rc without \0, and > compile this with MSVC6, MSVC9, MingW32, Watcom, Borland, LCC and > their shipping resource compiler. Then check if all these 6 binary > results display the version info from the .rc file correctly on > W2000, WXP, Vista, W7. If this is true then go and remove them. This is one approach, but I think it's the wrong approach for an open source project. It's much more suitable for commercial products. If we can easily test stuff of course we should. If we know that something will break of course we should avoid that. In this case we don't really know, and it seems like an improvement in several ways, so I consider it fine to optimistically make the change. Hopefully nothing will break. If something breaks then we can easily fix it and we'll have a data point which we can document and which is actually relevant for our project. > And finally: dont get me wrong - I wondered about these also when I > saw them first time, and I'm in doubt too if they are needed, just > like you ... This isn't my first time seeing them. I question them every time. :) > -- but other than you I dont care about because its not worth to > proof it I agree it's not worth the effort of proving it, but I disagree that we need to do that. //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Fri Aug 20 22:05:07 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7KK4xaq002103; Fri, 20 Aug 2010 22:05:06 +0200 Received: from foo.birdnet.se (qmailr@foo.birdnet.se [213.88.146.6]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with SMTP id o7KK4wNF002097 for ; Fri, 20 Aug 2010 22:04:58 +0200 Received: (qmail 21062 invoked by uid 501); 20 Aug 2010 20:04:55 -0000 Message-ID: <20100820200455.21061.qmail@stuge.se> Date: Fri, 20 Aug 2010 22:04:55 +0200 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: switching cipher to none after authentification when data needs no encryption Mail-Followup-To: libssh2-devel@cool.haxx.se References: <4C6D2A21.1030802@ec.gc.ca> <20100819195607.28833.qmail@stuge.se> <4C6E5FBF.6010504@ec.gc.ca> <20100820180325.2862.qmail@stuge.se> <4C6ECE7A.5020809@ec.gc.ca> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <4C6ECE7A.5020809@ec.gc.ca> X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Fri, 20 Aug 2010 22:05:07 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Fri, 20 Aug 2010 22:04:58 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Michel Valin wrote: > i'll try to look into the client side of the code with the HPN mod and > see how the client requests it from the NoneEnabled/NoneSwitch sshd > daemon. My guess is that either client or server sends SSH_MSG_NEWKEYS once authentication is completed. > might take me a while as i am not familiar at all with the mechanics > of ssh/ssl Note that SSL/TLS is vastly different from SSH. To learn about SSH, check out RFC 4250-4254. It's not so bad. //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sun Aug 22 09:59:00 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7M7wbWN012277; Sun, 22 Aug 2010 09:58:55 +0200 Received: from shell.lmi.net (shell.lmi.net [66.117.140.246]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7M7wYeR012272 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Sun, 22 Aug 2010 09:58:36 +0200 Received: from rcom-software.com (75-101-82-95.dsl2st.lmi.net [75.101.82.95]) by shell.lmi.net (8.14.1/8.14.1) with ESMTP id o7M7wPE8010088 for ; Sun, 22 Aug 2010 00:58:25 -0700 (PDT) Message-ID: <4C70D8C0.4536FA68@rcom-software.com> Date: Sun, 22 Aug 2010 00:58:56 -0700 From: Paul Romero Organization: RCOM Communications Software X-Mailer: Mozilla 4.77 [en] (Win95; U) X-Accept-Language: en,es,de-DE,fr-FR MIME-Version: 1.0 To: libssh2-devel@cool.haxx.se Subject: Libssh2: Libgcrypt authentication failure X-Scanned-By: MIMEDefang 2.37 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Sun, 22 Aug 2010 09:59:00 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Sun, 22 Aug 2010 09:58:36 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Dear Group: I am experiencing a problem with libssh2 version 1.2.6 which I don't understand. The symptoms are described below and suggest the problem is specific to libgcrypt. Any insight about the problem would be greatly appreciated. The example/sftp_write_nonblock program fails with error -19-- LIBSSH2_PUBLICKEY_UNVERIFIED. However, the tests/ssh2.sh script works correctly. These are the arguments I am passing in the sftp_write_nonblock program: const char *username="paulr"; /* System Must stripped */ const char *password="secret_agent"; const char *loclfile="sftp_write_nonblock.c"; This is the call which performs the authentication: while ((rc = libssh2_userauth_publickey_fromfile(session, username, "/home/paulr/.ssh/id_rsa.pub", "/home/paulr/.ssh/id_rsa", password)) == LIBSSH2_ERROR_EAGAIN); is_rsa has a passphrase and I know both id_rsa and id_rsa.pub are good because I can login to my system with ssh. Also, the .ssh/authorized_key file is valid. In the routine _libssh2_pem_parse() fails and returns a -1 when called by _libssh2_rsa_new_private() in src/libgcrypt.c. The version of libssh2 is 1.2.6 and the configure options are as follows: --with-libgcrypt-prefix=/usr/lib --without-openssl Note that if I configure the software without any flags the example/sftp_write_nonblock program works. My system is Debian Linux system with libgcrypt installed and the the following build information: Linux build 2.6.18-6-686 #1 SMP Fri Feb 19 23:40:03 UTC 2010 i686 GNU/Linux A potential clue about the problem is that the length of the decrypted private key seems to be calculated inconsistently. Best Regards, Paul R. -- Paul Romero RCOM Communications Software Phone/Fax: (510)339-2628 E-Mail: paulr@rcom-software.com _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sun Aug 22 13:54:38 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7MBsKjv027815; Sun, 22 Aug 2010 13:54:35 +0200 Received: from mail-qw0-f54.google.com (mail-qw0-f54.google.com [209.85.216.54]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7MBsHV7027781 for ; Sun, 22 Aug 2010 13:54:18 +0200 Received: by qwg5 with SMTP id 5so5527173qwg.41 for ; Sun, 22 Aug 2010 04:54:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:mime-version:received:sender:received :in-reply-to:references:date:x-google-sender-auth:message-id:subject :from:to:content-type:content-transfer-encoding; bh=LtYSw7Q0RkD+k+kOTN4BuidgylW8gMnvgcfD1CVB4lo=; b=DqKhcsUtrXRDup7UUp4HtoXS2h0AKwBUx3kOr3SdcfNe5+PY92X9nqM6abk6YEJ9xE dpEpWT1kFzBv5wQZg5E6Rpf1VYz6Q4p55C598DGoyyHUPHlqjRde9gdDlQnFJ7SqzkRB j9IRxEO22w8cG/QmktSlmy3uqMWN0jilu5Ccw= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type :content-transfer-encoding; b=YKir211Sc9opzz+Qohd1ykMlThsFpQ18XZYVsCant9ghn9RMM0CqEhiXufndchaWNo z+MjOqWqBCFR/mjmEtNYOv+Vu+s+prx0fvJ1yecEMKXjzx5WMRwLtcN5ME3hDsK3QKUp XUVJdjsBQCCYWK2JBGI+wnw96Ek2S+/g1MFRc= MIME-Version: 1.0 Received: by 10.224.44.4 with SMTP id y4mr2422494qae.376.1282478050227; Sun, 22 Aug 2010 04:54:10 -0700 (PDT) Received: by 10.229.37.138 with HTTP; Sun, 22 Aug 2010 04:54:10 -0700 (PDT) In-Reply-To: <4C70D8C0.4536FA68@rcom-software.com> References: <4C70D8C0.4536FA68@rcom-software.com> Date: Sun, 22 Aug 2010 12:54:10 +0100 X-Google-Sender-Auth: C2KXjbzeR2cSc4ZYJzQKX6ZM-HI Message-ID: Subject: Re: Libssh2: Libgcrypt authentication failure From: Alexander Lamaison To: libssh2 development X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Sun, 22 Aug 2010 13:54:38 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Sun, 22 Aug 2010 13:54:18 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On 22 August 2010 08:58, Paul Romero wrote: > > I am experiencing a problem with libssh2 version 1.2.6 which > I don't understand. The symptoms are described below and suggest > the problem is specific to libgcrypt. Any insight about the > problem would be greatly appreciated ... > =A0 =A0const char *username=3D"paulr"; /* System Must stripped */ > =A0 =A0const char *password=3D"secret_agent"; > =A0 =A0const char *loclfile=3D"sftp_write_nonblock.c"; ... > while ((rc =3D libssh2_userauth_publickey_fromfile(session, username, > =A0 =A0 =A0 =A0"/home/paulr/.ssh/id_rsa.pub", > =A0 =A0 =A0 =A0"/home/paulr/.ssh/id_rsa", > =A0 =A0 =A0 =A0password)) =3D=3D LIBSSH2_ERROR_EAGAIN); I vaguely remember someone saying that libgcrypt can't handle a private key with a passphrase. Is this true or am I making things up? Alex -- Swish - Easy SFTP for Windows Explorer (http://www.swish-sftp.org) _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sun Aug 22 19:15:23 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7MHEx4T029511; Sun, 22 Aug 2010 19:15:18 +0200 Received: from yxa-v.extundo.com (yxa-v.extundo.com [83.241.177.39]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7MHEvCw029505 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Sun, 22 Aug 2010 19:14:57 +0200 Received: from mocca (c80-216-27-64.bredband.comhem.se [80.216.27.64]) (authenticated bits=0) by yxa-v.extundo.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id o7MHEnlH026614 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT) for ; Sun, 22 Aug 2010 19:14:51 +0200 From: Simon Josefsson To: libssh2 development Subject: Re: Libssh2: Libgcrypt authentication failure References: <4C70D8C0.4536FA68@rcom-software.com> OpenPGP: id=B565716F; url=http://josefsson.org/key.txt X-Hashcash: 1:22:100822:libssh2-devel@cool.haxx.se::za01azMEvpS4n+ek:36aC Date: Sun, 22 Aug 2010 19:14:48 +0200 In-Reply-To: (Alexander Lamaison's message of "Sun, 22 Aug 2010 12:54:10 +0100") Message-ID: <87r5hqvabb.fsf@mocca.josefsson.org> User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.1 (gnu/linux) MIME-Version: 1.0 X-Spam-Status: No, score=-0.8 required=5.0 tests=AWL,BAYES_00, DATE_IN_FUTURE_96_XX,RDNS_DYNAMIC,SPF_FAIL autolearn=no version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on yxa-v.extundo.com X-Virus-Scanned: clamav-milter 0.96.1 at yxa-v X-Virus-Status: Clean X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Sun, 22 Aug 2010 19:15:23 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Sun, 22 Aug 2010 19:14:57 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Alexander Lamaison writes: > On 22 August 2010 08:58, Paul Romero wrote: >> >> I am experiencing a problem with libssh2 version 1.2.6 which >> I don't understand. The symptoms are described below and suggest >> the problem is specific to libgcrypt. Any insight about the >> problem would be greatly appreciated > ... >> =A0 =A0const char *username=3D"paulr"; /* System Must stripped */ >> =A0 =A0const char *password=3D"secret_agent"; >> =A0 =A0const char *loclfile=3D"sftp_write_nonblock.c"; > ... >> while ((rc =3D libssh2_userauth_publickey_fromfile(session, username, >> =A0 =A0 =A0 =A0"/home/paulr/.ssh/id_rsa.pub", >> =A0 =A0 =A0 =A0"/home/paulr/.ssh/id_rsa", >> =A0 =A0 =A0 =A0password)) =3D=3D LIBSSH2_ERROR_EAGAIN); > > I vaguely remember someone saying that libgcrypt can't handle a > private key with a passphrase. Is this true or am I making things up? It is true. The Libgcrypt backend in libssh2 contains a hand written slimmed down ASN.1 parser to read out the RSA key, but it does not support any of the PKCS* encrypted forms of RSA keys. The OpenSSL backend in libssh2 uses OpenSSL to read the keys, so it supports whatever private key formats that OpenSSL supports. /Simon _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sun Aug 22 21:11:06 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7MJAmcZ005122; Sun, 22 Aug 2010 21:11:03 +0200 Received: from shell.lmi.net (shell.lmi.net [66.117.140.246]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7MJAiuC005099 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Sun, 22 Aug 2010 21:10:46 +0200 Received: from rcom-software.com (75-101-82-95.dsl2st.lmi.net [75.101.82.95]) by shell.lmi.net (8.14.1/8.14.1) with ESMTP id o7MJAbRX026071 for ; Sun, 22 Aug 2010 12:10:38 -0700 (PDT) Message-ID: <4C717649.4DE808DF@rcom-software.com> Date: Sun, 22 Aug 2010 12:11:06 -0700 From: Paul Romero Organization: RCOM Communications Software X-Mailer: Mozilla 4.77 [en] (Win95; U) X-Accept-Language: en,es,de-DE,fr-FR MIME-Version: 1.0 To: libssh2 development Subject: Re: Libssh2: Libgcrypt authentication failure References: <4C70D8C0.4536FA68@rcom-software.com> <87r5hqvabb.fsf@mocca.josefsson.org> X-Scanned-By: MIMEDefang 2.37 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Sun, 22 Aug 2010 21:11:06 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Sun, 22 Aug 2010 21:10:46 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Hi Simon: Is there an easy way to circumvent this problem ? I think most the ssh-keygen program used on most Linux/Unix systems these days uses PKCS key encryption. Best Regards, Paul R. Simon Josefsson wrote: > Alexander Lamaison writes: > > > On 22 August 2010 08:58, Paul Romero wrote: > >> > >> I am experiencing a problem with libssh2 version 1.2.6 which > >> I don't understand. The symptoms are described below and suggest > >> the problem is specific to libgcrypt. Any insight about the > >> problem would be greatly appreciated > > ... > >> const char *username="paulr"; /* System Must stripped */ > >> const char *password="secret_agent"; > >> const char *loclfile="sftp_write_nonblock.c"; > > ... > >> while ((rc = libssh2_userauth_publickey_fromfile(session, username, > >> "/home/paulr/.ssh/id_rsa.pub", > >> "/home/paulr/.ssh/id_rsa", > >> password)) == LIBSSH2_ERROR_EAGAIN); > > > > I vaguely remember someone saying that libgcrypt can't handle a > > private key with a passphrase. Is this true or am I making things up? > > It is true. The Libgcrypt backend in libssh2 contains a hand written > slimmed down ASN.1 parser to read out the RSA key, but it does not > support any of the PKCS* encrypted forms of RSA keys. The OpenSSL > backend in libssh2 uses OpenSSL to read the keys, so it supports > whatever private key formats that OpenSSL supports. > > /Simon > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel -- Paul Romero RCOM Communications Software Phone/Fax: (510)339-2628 E-Mail: paulr@rcom-software.com _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Aug 23 01:20:28 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7MNK4tn001481; Mon, 23 Aug 2010 01:20:23 +0200 Received: from shell.lmi.net (shell.lmi.net [66.117.140.246]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7MNK08c001163 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Mon, 23 Aug 2010 01:20:02 +0200 Received: from rcom-software.com (75-101-82-95.dsl2st.lmi.net [75.101.82.95]) by shell.lmi.net (8.14.1/8.14.1) with ESMTP id o7MNJqg6032224 for ; Sun, 22 Aug 2010 16:19:53 -0700 (PDT) Message-ID: <4C71B0B5.5B1B4174@rcom-software.com> Date: Sun, 22 Aug 2010 16:20:21 -0700 From: Paul Romero Organization: RCOM Communications Software X-Mailer: Mozilla 4.77 [en] (Win95; U) X-Accept-Language: en,es,de-DE,fr-FR MIME-Version: 1.0 To: libssh2 development Subject: Re: Libssh2: Libgcrypt authentication failure References: <4C70D8C0.4536FA68@rcom-software.com> <87r5hqvabb.fsf@mocca.josefsson.org> X-Scanned-By: MIMEDefang 2.37 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Mon, 23 Aug 2010 01:20:28 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Mon, 23 Aug 2010 01:20:02 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Hi Simon: I discovered a simple solution. It relies on the fact that libgcrypt can decode RSA version 1 private keys. The solution is to specify "-t rsa1" when you run ssh-keygen. PS: You hints make finding the solution easy ! Best Regards, Paul R. Simon Josefsson wrote: > Alexander Lamaison writes: > > > On 22 August 2010 08:58, Paul Romero wrote: > >> > >> I am experiencing a problem with libssh2 version 1.2.6 which > >> I don't understand. The symptoms are described below and suggest > >> the problem is specific to libgcrypt. Any insight about the > >> problem would be greatly appreciated > > ... > >> const char *username="paulr"; /* System Must stripped */ > >> const char *password="secret_agent"; > >> const char *loclfile="sftp_write_nonblock.c"; > > ... > >> while ((rc = libssh2_userauth_publickey_fromfile(session, username, > >> "/home/paulr/.ssh/id_rsa.pub", > >> "/home/paulr/.ssh/id_rsa", > >> password)) == LIBSSH2_ERROR_EAGAIN); > > > > I vaguely remember someone saying that libgcrypt can't handle a > > private key with a passphrase. Is this true or am I making things up? > > It is true. The Libgcrypt backend in libssh2 contains a hand written > slimmed down ASN.1 parser to read out the RSA key, but it does not > support any of the PKCS* encrypted forms of RSA keys. The OpenSSL > backend in libssh2 uses OpenSSL to read the keys, so it supports > whatever private key formats that OpenSSL supports. > > /Simon > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel -- Paul Romero RCOM Communications Software Phone/Fax: (510)339-2628 E-Mail: paulr@rcom-software.com _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Aug 23 02:01:48 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7N01d3Q027595; Mon, 23 Aug 2010 02:01:47 +0200 Received: from shell.lmi.net (shell.lmi.net [66.117.140.246]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7N01atQ027501 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Mon, 23 Aug 2010 02:01:37 +0200 Received: from rcom-software.com (75-101-82-95.dsl2st.lmi.net [75.101.82.95]) by shell.lmi.net (8.14.1/8.14.1) with ESMTP id o7N01TuB033180 for ; Sun, 22 Aug 2010 17:01:29 -0700 (PDT) Message-ID: <4C71BA76.96B397B8@rcom-software.com> Date: Sun, 22 Aug 2010 17:01:58 -0700 From: Paul Romero Organization: RCOM Communications Software X-Mailer: Mozilla 4.77 [en] (Win95; U) X-Accept-Language: en,es,de-DE,fr-FR MIME-Version: 1.0 To: libssh2 development Subject: Re: ERROR - Libssh2: Libgcrypt authentication failure References: <4C70D8C0.4536FA68@rcom-software.com> <87r5hqvabb.fsf@mocca.josefsson.org> X-Scanned-By: MIMEDefang 2.37 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Mon, 23 Aug 2010 02:01:48 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Mon, 23 Aug 2010 02:01:38 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Hi Simon: I apologize but the solution I described in my previous message is not valid. When I tested it, I forgot to configure libssh2 for libgcrypt, and when I did the parse problems returned. Best Regards, Paul R. ********** PREVIOUS MESSAGE ******** Hi Simon: I discovered a simple solution. It relies on the fact that libgcrypt can decode RSA version 1 private keys. The solution is to specify "-t rsa1" when you run ssh-keygen. PS: You hints make finding the solution easy ! Best Regards, Paul R. Simon Josefsson wrote: > Alexander Lamaison writes: > > > On 22 August 2010 08:58, Paul Romero wrote: > >> > >> I am experiencing a problem with libssh2 version 1.2.6 which > >> I don't understand. The symptoms are described below and suggest > >> the problem is specific to libgcrypt. Any insight about the > >> problem would be greatly appreciated > > ... > >> const char *username="paulr"; /* System Must stripped */ > >> const char *password="secret_agent"; > >> const char *loclfile="sftp_write_nonblock.c"; > > ... > >> while ((rc = libssh2_userauth_publickey_fromfile(session, username, > >> "/home/paulr/.ssh/id_rsa.pub", > >> "/home/paulr/.ssh/id_rsa", > >> password)) == LIBSSH2_ERROR_EAGAIN); > > > > I vaguely remember someone saying that libgcrypt can't handle a > > private key with a passphrase. Is this true or am I making things up? > > It is true. The Libgcrypt backend in libssh2 contains a hand written > slimmed down ASN.1 parser to read out the RSA key, but it does not > support any of the PKCS* encrypted forms of RSA keys. The OpenSSL > backend in libssh2 uses OpenSSL to read the keys, so it supports > whatever private key formats that OpenSSL supports. > > /Simon > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel -- Paul Romero RCOM Communications Software Phone/Fax: (510)339-2628 E-Mail: paulr@rcom-software.com _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu Aug 26 01:00:11 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7PMxl5S016934; Thu, 26 Aug 2010 01:00:06 +0200 Received: from shell.lmi.net (shell.lmi.net [66.117.140.246]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7PMxhOo016913 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Thu, 26 Aug 2010 00:59:45 +0200 Received: from rcom-software.com (75-101-82-95.dsl2st.lmi.net [75.101.82.95]) by shell.lmi.net (8.14.1/8.14.1) with ESMTP id o7PMxVP7055733 for ; Wed, 25 Aug 2010 15:59:36 -0700 (PDT) Message-ID: <4C75A068.1976DA28@rcom-software.com> Date: Wed, 25 Aug 2010 15:59:52 -0700 From: Paul Romero Organization: RCOM Communications Software X-Mailer: Mozilla 4.77 [en] (Win95; U) X-Accept-Language: en,es,de-DE,fr-FR MIME-Version: 1.0 To: libssh2-devel@cool.haxx.se Subject: Verifying the existence of a remote file. X-Scanned-By: MIMEDefang 2.37 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 26 Aug 2010 01:00:11 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 26 Aug 2010 00:59:45 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Dear Group: Is there a simple way to determine if a file exists on a remote SFTP server using the libssh2 API ? Best Regards, Paul R. -- Paul Romero RCOM Communications Software Phone/Fax: (510)339-2628 E-Mail: paulr@rcom-software.com _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu Aug 26 01:52:52 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7PNqmQS012839; Thu, 26 Aug 2010 01:52:52 +0200 Received: from ponderosa.fch.wimsey.bc.ca (zz20920564179.cipherkey.net [209.205.64.179]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7PNqkBI012835 for ; Thu, 26 Aug 2010 01:52:47 +0200 Received: by coneharvesters.com via sendmail with stdio id for libssh2-devel@cool.haxx.se; Wed, 25 Aug 2010 16:52:23 -0700 (PDT) Date: Wed, 25 Aug 2010 16:52:23 -0700 From: Dan Fandrich To: libssh2-devel@cool.haxx.se Subject: Re: Verifying the existence of a remote file. Message-ID: <20100825235222.GA28227@coneharvesters.com> Mail-Followup-To: libssh2-devel@cool.haxx.se References: <4C75A068.1976DA28@rcom-software.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <4C75A068.1976DA28@rcom-software.com> User-Agent: Mutt/1.5.19 (2009-01-05) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 26 Aug 2010 01:52:52 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 26 Aug 2010 01:52:47 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On Wed, Aug 25, 2010 at 03:59:52PM -0700, Paul Romero wrote: > Dear Group: > > Is there a simple way to determine if a file exists > on a remote SFTP server using the libssh2 API ? You can use libssh2_sftp_stat_ex() and look at the error code. >>> Dan _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu Aug 26 17:31:48 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7QFVQ8L020285; Thu, 26 Aug 2010 17:31:43 +0200 Received: from email.osc.edu (email.osc.edu [192.232.28.4]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7QFVNlG020258 for ; Thu, 26 Aug 2010 17:31:24 +0200 Received: from gw.osc.edu (gw.osc.edu [192.232.28.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by email.osc.edu (Postfix) with ESMTP id E796327C00B for ; Thu, 26 Aug 2010 11:31:18 -0400 (EDT) Received: from staffdom-MTA by gw.osc.edu with Novell_GroupWise; Thu, 26 Aug 2010 11:31:19 -0400 Message-Id: <4C765081020000A6000971C3@gw.osc.edu> X-Mailer: Novell GroupWise Internet Agent 8.0.2 Date: Thu, 26 Aug 2010 11:31:13 -0400 From: "Bradley Hittle" To: Subject: port forwarding through a machine Mime-Version: 1.0 Content-Disposition: inline X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 26 Aug 2010 17:31:48 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 26 Aug 2010 17:31:25 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Hello, Sorry if this is a repost, I thought I was added to the list but added and resending. I've been using the libssh2 library in my application to communicate with a remote server from a thin client application. So far, I have to say I am very happy with libssh2 =). The application I wrote will send commands to the server (transfer files, run scripts, etc), and it will port forward my local port to the server. My question is about forwarding through an intermediate machine, so in my case the machines I want to access are on a private network. If its just the server (send a local port to the server) then this case is working. I want to extend this to involve a second hop. The plink equivalent (-L option) lets you specify the local host/port, then the remote host/port to use to tunnel through. A:12345-> A:22 -> B:22 -> B:12345 (thin client A connects to B) A:12345-> A:22 -> B:22 -> C:22 -> C:12345 (thin client A forwards through B to C) Now my question involves what I should be using to connect to the remote machine. I want to connect to the Server B initially, but how do I tell B to send its contents to machine C? Would I want to have an application that sits on B that sends its contents to C? A:12345-> A:22 -> B:22 -> B:12345 -> B:12345 -> B:22 -> C:22 -> C:12345 Many thanks for the help! -brad _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu Aug 26 18:21:16 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7QGL8Fk022321; Thu, 26 Aug 2010 18:21:15 +0200 Received: from mcfeely.foofus.net (mcfeely.foofus.net [64.73.34.167]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7QGL5rC022079 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Thu, 26 Aug 2010 18:21:07 +0200 Received: (qmail 6876 invoked from network); 26 Aug 2010 16:20:56 -0000 Received: from unknown (HELO ?127.0.0.1?) (relay@127.0.0.1) by localhost with ESMTPA; 26 Aug 2010 16:20:56 -0000 Subject: Thread safety issues From: jmk To: libssh2 development Organization: Foofus Networks Date: Thu, 26 Aug 2010 11:20:57 -0500 Message-ID: <1282839657.18286.4.camel@localhost> Mime-Version: 1.0 X-Mailer: Evolution 2.30.2 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 26 Aug 2010 18:21:16 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 26 Aug 2010 18:21:07 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Hi, I maintain a password auditing utility[1] and have been using libssh2 with it for a while. Unfortunately, I seem to encounter thread safety issues from time to time within the library. For example, if compiled with libgcrypt, multi-threaded uses of the library consistently result in a segfault. Everything appeared to behave as expected using libssh2 compiled with openssl support up through version 1.2.6. Starting with 1.2.7, multi-threaded uses result in segfaults (double frees) such as: /lib/libc.so.6(+0x72966)[0x7f7d65dc4966] /lib/libc.so.6(+0x78433)[0x7f7d65dca433] /lib/libc.so.6(realloc+0xf0)[0x7f7d65dca8d0] /usr/lib/libcrypto.so.0.9.8(CRYPTO_realloc+0x65)[0x7f7d66c144a5] /usr/lib/libcrypto.so.0.9.8(lh_insert+0x12b)[0x7f7d66c73e2b] /usr/lib/libcrypto.so.0.9.8(OBJ_NAME_add+0x6b)[0x7f7d66c16f5b] /usr/lib/libcrypto.so.0.9.8(OpenSSL_add_all_ciphers +0x4ad)[0x7f7d66c7f3bd] /usr/lib/libcrypto.so.0.9.8(OPENSSL_add_all_algorithms_noconf +0xe)[0x7f7d66c7eefe] /usr/local/lib/libssh2.so.1(libssh2_init+0x24)[0x7f7d61c81d3c] /usr/local/lib/libssh2.so.1(+0x29d9c)[0x7f7d61c81d9c] /usr/local/lib/libssh2.so.1(libssh2_session_init_ex +0xf8)[0x7f7d61c70fd4] I'm at a loss for where to start debugging this. It's certainly possible I've used the library in an incorrect manner, but everything worked fine prior to 1.2.7 with openssl. I'm open to suggestions on where to start debugging or what information would be useful to track down the issue. Thanks, Joe [1] http://www.foofus.net/~jmk/medusa/medusa.html _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu Aug 26 23:45:26 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7QLj8U7025838; Thu, 26 Aug 2010 23:45:23 +0200 Received: from giant.haxx.se (giant.haxx.se [80.67.6.50]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7QLj6j2025763 for ; Thu, 26 Aug 2010 23:45:06 +0200 Date: Thu, 26 Aug 2010 23:45:06 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: Thread safety issues In-Reply-To: <1282839657.18286.4.camel@localhost> Message-ID: References: <1282839657.18286.4.camel@localhost> User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Thu, 26 Aug 2010 23:45:25 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 26 Aug 2010 23:45:06 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On Thu, 26 Aug 2010, jmk wrote: > I maintain a password auditing utility[1] and have been using libssh2 with > it for a while. Unfortunately, I seem to encounter thread safety issues from > time to time within the library. For example, if compiled with libgcrypt, > multi-threaded uses of the library consistently result in a segfault. > Everything appeared to behave as expected using libssh2 compiled with > openssl support up through version 1.2.6. Starting with 1.2.7, > multi-threaded uses result in segfaults (double frees) such as: Both libgcrypt and OpenSSL have mutex functions that are supposed to be used when handled multi-threaded. Do you use them? > I'm at a loss for where to start debugging this. If you're convinced this works with 1.2.6 and not 1.2.7, it could be an idea to bisect your way to the exact change that introduced this problem in the code. "git help bisect" ! -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Fri Aug 27 03:19:04 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7R1Ig6Z020581; Fri, 27 Aug 2010 03:18:59 +0200 Received: from mail2.barcelona04.com (mx2.barcelona04.com [190.139.108.163]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7R1IdMI020574 for ; Fri, 27 Aug 2010 03:18:39 +0200 X-Spam-Status: No, hits=0.0 required=4.0 tests=BAYES_50: 1.567, CUSTOM_RULE_FROM: ALLOW, TOTAL_SCORE: 1.567, autolearn=no X-Spam-Level: Received: from localhost ([127.0.0.1]) by mail2.barcelona04.com for libssh2-devel@cool.haxx.se; Thu, 26 Aug 2010 22:21:24 -0300 Message-ID: <4C77124D.3060909@barcelona04.com> Date: Thu, 26 Aug 2010 22:18:05 -0300 From: Ezequiel Ruiz User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; es-AR; rv:1.9.2.8) Gecko/20100802 Thunderbird/3.1.2 MIME-Version: 1.0 To: libssh2-devel@cool.haxx.se Subject: SFTP Compression support X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Fri, 27 Aug 2010 03:19:04 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Fri, 27 Aug 2010 03:18:40 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Hello guys. I'm trying to open and read a file by using the SFTP subsystem, and it works OK by using the sources of any of the sftp examples. But if I try to set the compression flag enabled with libssh2_session_method_pref(session,LIBSSH2_METHOD_COMP_SC,"zlib") before calling libssh2_session_startup(), then it fails when opening the file handler with libssh2_sftp_open(), It can connect and authenticate without problem, but it can't open that file. If I query the last error, it reports a "-1" (I think it is LIBSSH2_ERROR_SOCKET_NONE). But the most intresting thing is, that if instead of opening an sftp file handle I try to open and use a channel, then it works OK, and compression makes the transfer really faster than without compression. SO, the question is: Is the LIBSSH2_METHOD_COMP_SC flag supported for the sftp subsystem?, perhaps I'm doing something wrong?. Thanks in advance for the answer. Ezequiel _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Fri Aug 27 06:50:26 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7R4nnSB001131; Fri, 27 Aug 2010 06:50:23 +0200 Received: from shell.lmi.net (shell.lmi.net [66.117.140.246]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7R4nk21001122 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Fri, 27 Aug 2010 06:49:47 +0200 Received: from rcom-software.com (75-101-82-95.dsl2st.lmi.net [75.101.82.95]) by shell.lmi.net (8.14.1/8.14.1) with ESMTP id o7R4ncUF011389 for ; Thu, 26 Aug 2010 21:49:42 -0700 (PDT) Message-ID: <4C7743F5.6234F936@rcom-software.com> Date: Thu, 26 Aug 2010 21:49:57 -0700 From: Paul Romero Organization: RCOM Communications Software X-Mailer: Mozilla 4.77 [en] (Win95; U) X-Accept-Language: en,es,de-DE,fr-FR MIME-Version: 1.0 To: libssh2-devel@cool.haxx.se Subject: Libssh2/Libgcrypt: Can't Parse RSA Keys X-Priority: 2 (High) X-Scanned-By: MIMEDefang 2.37 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Fri, 27 Aug 2010 06:50:26 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Fri, 27 Aug 2010 06:49:48 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Dear Group: Thanks to previous hints about SSH private key formats, I was able to isolate the code that fails when trying to parse PKCS encoded RSA keys. (i.e. Private keys with a passphrase.) The failure occurs in libssh2_base64_parse() when it is called by _libssh2_pem_parse(). Previous E-Mail indicates the problem is PKCS encoded private RSA keys, which the current code cannot handle. (i.e. I am using version 1.2.6) My application needs to be able to handle at least RSA 1 private keys, and preferably RSA 2 private keys. Can the Libssh2 code handle unencrypted RSA 1 or 2 keys ? If not, how can I circumvent the problem enough for interoperability with standard Linux servers ? Also, when will the problem be fixed ? Note that using Openssl is not an option ! Best Regards, Paul R. -- Paul Romero RCOM Communications Software Phone/Fax: (510)339-2628 E-Mail: paulr@rcom-software.com _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sat Aug 28 00:52:33 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7RI2B18004569; Fri, 27 Aug 2010 20:02:28 +0200 Received: from giant.haxx.se (giant.haxx.se [80.67.6.50]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7RI29ep004468 for ; Fri, 27 Aug 2010 20:02:09 +0200 Date: Fri, 27 Aug 2010 20:02:08 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: SFTP Compression support In-Reply-To: <4C77124D.3060909@barcelona04.com> Message-ID: References: <4C77124D.3060909@barcelona04.com> User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Fri, 27 Aug 2010 20:02:30 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Fri, 27 Aug 2010 20:02:09 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On Thu, 26 Aug 2010, Ezequiel Ruiz wrote: > SO, the question is: Is the LIBSSH2_METHOD_COMP_SC flag supported for the > sftp subsystem?, perhaps I'm doing something wrong?. I figure it _should_ work but I can't say I've tried it. Is this using libssh2 1.2.7? -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sat Aug 28 00:57:17 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7RI4dk7010330; Fri, 27 Aug 2010 20:04:40 +0200 Received: from giant.haxx.se (giant.haxx.se [80.67.6.50]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7RI4bSI010251 for ; Fri, 27 Aug 2010 20:04:37 +0200 Date: Fri, 27 Aug 2010 20:04:37 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: Libssh2/Libgcrypt: Can't Parse RSA Keys In-Reply-To: <4C7743F5.6234F936@rcom-software.com> Message-ID: References: <4C7743F5.6234F936@rcom-software.com> User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Fri, 27 Aug 2010 20:04:41 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Fri, 27 Aug 2010 20:04:37 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On Thu, 26 Aug 2010, Paul Romero wrote: > My application needs to be able to handle at least RSA 1 private keys, and > preferably RSA 2 private keys. > > Can the Libssh2 code handle unencrypted RSA 1 or 2 keys ? The libssh2 code handles encrypted private keys if you build with OpenSSL, and only unencrypted private keys if you build with libgcrypt. If i understand things correctly. > Also, when will the problem be fixed ? As soon as someone sends in the patch that fixes the problems! This is open source, we depend on people stepping up to do the work. -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sat Aug 28 01:44:05 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7RNhwcS010553; Sat, 28 Aug 2010 01:44:04 +0200 Received: from mail2.barcelona04.com (mx2.barcelona04.com [190.139.108.163]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7RNhuhO010542 for ; Sat, 28 Aug 2010 01:43:56 +0200 X-Spam-Status: No, hits=0.0 required=4.0 tests=BAYES_00: -1.665, CUSTOM_RULE_FROM: ALLOW, TOTAL_SCORE: -1.665, autolearn=ham X-Spam-Level: Received: from localhost ([127.0.0.1]) by mail2.barcelona04.com; Fri, 27 Aug 2010 20:46:45 -0300 Message-ID: <4C784D9E.9070804@barcelona04.com> Date: Fri, 27 Aug 2010 20:43:26 -0300 From: Ezequiel Ruiz User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; es-AR; rv:1.9.2.8) Gecko/20100802 Thunderbird/3.1.2 MIME-Version: 1.0 To: libssh2 development Subject: Re: SFTP Compression support References: <4C77124D.3060909@barcelona04.com> In-Reply-To: X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Sat, 28 Aug 2010 01:44:05 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Sat, 28 Aug 2010 01:43:57 +0200 (CEST) Cc: Daniel Stenberg X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="iso-8859-1"; Format="flowed" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Yes its 1.2.7. Compiled with mingw 4.4 under windows 7, OpenSSL 0.9.8 = and zlib 1.2.3. As I've said, compression works when dealing with channels, but can't = open sftp file handles. El 27/08/2010 03:02 p.m., Daniel Stenberg escribi=F3: > On Thu, 26 Aug 2010, Ezequiel Ruiz wrote: > >> SO, the question is: Is the LIBSSH2_METHOD_COMP_SC flag supported for = >> the sftp subsystem?, perhaps I'm doing something wrong?. > > I figure it _should_ work but I can't say I've tried it. > > Is this using libssh2 1.2.7? > _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sat Aug 28 05:08:03 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7S37LHO004872; Sat, 28 Aug 2010 05:07:59 +0200 Received: from mcfeely.foofus.net (mcfeely.foofus.net [64.73.34.167]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7S37Hnm004835 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Sat, 28 Aug 2010 05:07:19 +0200 Received: (qmail 10955 invoked from network); 28 Aug 2010 03:07:11 -0000 Received: from unknown (HELO ?127.0.0.1?) (relay@127.0.0.1) by localhost with ESMTPA; 28 Aug 2010 03:07:11 -0000 Subject: Re: Thread safety issues From: jmk To: libssh2 development In-Reply-To: References: <1282839657.18286.4.camel@localhost> Organization: Foofus Networks Date: Fri, 27 Aug 2010 22:07:14 -0500 Message-ID: <1282964834.2717.20.camel@localhost> Mime-Version: 1.0 X-Mailer: Evolution 2.30.2 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Sat, 28 Aug 2010 05:08:03 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Sat, 28 Aug 2010 05:07:20 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On Thu, 2010-08-26 at 23:45 +0200, Daniel Stenberg wrote: > On Thu, 26 Aug 2010, jmk wrote: > > > I maintain a password auditing utility[1] and have been using libssh2 with > > it for a while. Unfortunately, I seem to encounter thread safety issues from > > time to time within the library. For example, if compiled with libgcrypt, > > multi-threaded uses of the library consistently result in a segfault. > > Everything appeared to behave as expected using libssh2 compiled with > > openssl support up through version 1.2.6. Starting with 1.2.7, > > multi-threaded uses result in segfaults (double frees) such as: > > Both libgcrypt and OpenSSL have mutex functions that are supposed to be used > when handled multi-threaded. Do you use them? I'm not directly calling any libgcrypt/openssl functions within this code. I'm simply calling libssh2_session_init/libssh2_session_startup. I'm assuming the openssl mutex use would need to take place within libssh2, no? > > I'm at a loss for where to start debugging this. > > If you're convinced this works with 1.2.6 and not 1.2.7, it could be an idea > to bisect your way to the exact change that introduced this problem in the > code. "git help bisect" ! I played with bisect, but unfortunately, I didn't get anywhere. The segmentation faults are showing up now intermittently across multiple versions of the library. In an effort to simplify the problem (i.e. multiple concurrent SSH connection attempts), I decided to just take the example ssh2.c code and hack it to be multi-threaded. My thinking was that if I could start with known working, extend it to multi-threaded connections, I could transfer that to my application. Here's my simple hack to kick off a few concurrent logons: http://www.foofus.net/~jmk/tmp/ssh2.c.txt As noted below, this resulted in intermittent segmentation faults. About half of the time it'd finish fine, the other half I'd see the double free message. Should this hack have worked or am I completely off target here? Thanks! Joe % ./ssh2 thread 0 created. thread 1 created. thread 2 created. thread 3 created. *** glibc detected *** /home/jmk/tmp/libssh2/libssh2-git/example/.libs/ssh2: double free or corruption (!prev): 0x0000000001621310 *** ======= Backtrace: ========= /lib/libc.so.6(+0x72966)[0x7f47b47fa966] /lib/libc.so.6(+0x78433)[0x7f47b4800433] /lib/libc.so.6(realloc+0xf0)[0x7f47b48008d0] /usr/lib/libcrypto.so.0.9.8(CRYPTO_realloc+0x65)[0x7f47b4f7e4a5] /usr/lib/libcrypto.so.0.9.8(lh_insert+0x12b)[0x7f47b4fdde2b] /usr/lib/libcrypto.so.0.9.8(OBJ_NAME_add+0x6b)[0x7f47b4f80f5b] /usr/lib/libcrypto.so.0.9.8(EVP_add_cipher+0x1b)[0x7f47b4fe501b] /usr/lib/libcrypto.so.0.9.8(OpenSSL_add_all_ciphers +0x10d)[0x7f47b4fe901d] /usr/lib/libcrypto.so.0.9.8(OPENSSL_add_all_algorithms_noconf +0xe)[0x7f47b4fe8efe] /home/jmk/tmp/libssh2/libssh2-git/src/.libs/libssh2.so.1(libssh2_init +0x39)[0x7f47b5511d09] /home/jmk/tmp/libssh2/libssh2-git/example/.libs/ssh2[0x401113] /lib/libpthread.so.0(+0x6894)[0x7f47b4ae7894] /lib/libc.so.6(clone+0x6d)[0x7f47b485927d] _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sat Aug 28 20:00:44 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7SI015b018992; Sat, 28 Aug 2010 20:00:39 +0200 Received: from giant.haxx.se (giant.haxx.se [80.67.6.50]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7SI00o5018908 for ; Sat, 28 Aug 2010 20:00:00 +0200 Date: Sat, 28 Aug 2010 20:00:00 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: Thread safety issues In-Reply-To: <1282964834.2717.20.camel@localhost> Message-ID: References: <1282839657.18286.4.camel@localhost> <1282964834.2717.20.camel@localhost> User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Sat, 28 Aug 2010 20:00:44 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Sat, 28 Aug 2010 20:00:00 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On Fri, 27 Aug 2010, jmk wrote: >> Both libgcrypt and OpenSSL have mutex functions that are supposed to be >> used when handled multi-threaded. Do you use them? > > I'm not directly calling any libgcrypt/openssl functions within this code. > I'm simply calling libssh2_session_init/libssh2_session_startup. I'm > assuming the openssl mutex use would need to take place within libssh2, no? No, libssh2 doesn't do that. It's a subject worth considering for the future. I would suggest that you first try using those and see if they make the problems go away or if they remain. -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sat Aug 28 21:29:39 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7SJTNKK009489; Sat, 28 Aug 2010 21:29:36 +0200 Received: from hrndva-omtalb.mail.rr.com (hrndva-omtalb.mail.rr.com [71.74.56.124]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7SJTL6t009449 for ; Sat, 28 Aug 2010 21:29:22 +0200 X-Authority-Analysis: v=1.1 cv=tmcEYLAoDqwcE/92ninAvjUMbWeHvL1caymGjnMU8Ns= c=1 sm=0 a=O-pu0537hIgA:10 a=kj9zAlcOel0A:10 a=9At4Jy2cJ7Ox3H4DxHCJAg==:17 a=lY98SN1zKK4BttqmxfIA:9 a=UcGuyLAwkefcr0_vxzYA:7 a=xH9FtAyH82fKJ1UAvTFB2oKjHTkA:4 a=CjuIK1q_8ugA:10 a=9At4Jy2cJ7Ox3H4DxHCJAg==:117 X-Cloudmark-Score: 0 X-Originating-IP: 70.116.71.237 Received: from [70.116.71.237] ([70.116.71.237:53499] helo=dc7100.roadrunn.com) by hrndva-oedge02.mail.rr.com (envelope-from ) (ecelerity 2.2.2.39 r()) with ESMTP id 32/EC-18983-883697C4; Sat, 28 Aug 2010 19:29:13 +0000 Received: by dc7100.roadrunn.com (Postfix, from userid 501) id 4C038830975; Sat, 28 Aug 2010 14:25:04 -0500 (CDT) X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on dc7100.roadrunn.com X-Spam-Level: X-Spam-Status: No, score=-4.3 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.2.5 Received: from ngierman3 (dc7100 [192.168.1.6]) by dc7100.roadrunn.com (Postfix) with ESMTP id 7C91983009A for ; Sat, 28 Aug 2010 14:25:03 -0500 (CDT) From: "Neil Gierman" To: "'libssh2 development'" References: <1282839657.18286.4.camel@localhost> In-Reply-To: <1282839657.18286.4.camel@localhost> Subject: RE: Thread safety issues Date: Sat, 28 Aug 2010 14:29:30 -0500 Message-ID: <000501cb46e7$567e7970$037b6c50$@com> MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: ActFOorXmtiCGOheTCq5jSYem/170ABrH6cw Content-Language: en-us X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Sat, 28 Aug 2010 21:29:39 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Sat, 28 Aug 2010 21:29:22 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se > /usr/lib/libcrypto.so.0.9.8(CRYPTO_realloc+0x65)[0x7f7d66c144a5] > /usr/lib/libcrypto.so.0.9.8(lh_insert+0x12b)[0x7f7d66c73e2b] > /usr/lib/libcrypto.so.0.9.8(OBJ_NAME_add+0x6b)[0x7f7d66c16f5b] > /usr/lib/libcrypto.so.0.9.8(OpenSSL_add_all_ciphers > +0x4ad)[0x7f7d66c7f3bd] > /usr/lib/libcrypto.so.0.9.8(OPENSSL_add_all_algorithms_noconf > +0xe)[0x7f7d66c7eefe] What version of OpenSSL 0.9.8 are you running? We had weird crashes when using 0.9.8b and those when away when we move to 0.9.8g _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Aug 30 13:58:32 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UBw7lH028700; Mon, 30 Aug 2010 13:58:27 +0200 Received: from mail-qw0-f54.google.com (mail-qw0-f54.google.com [209.85.216.54]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UBvs95028595 for ; Mon, 30 Aug 2010 13:58:04 +0200 Received: by qwg5 with SMTP id 5so6113785qwg.41 for ; Mon, 30 Aug 2010 04:57:47 -0700 (PDT) MIME-Version: 1.0 Received: by 10.224.19.129 with SMTP id a1mr2857648qab.12.1283169467187; Mon, 30 Aug 2010 04:57:47 -0700 (PDT) Received: by 10.229.228.13 with HTTP; Mon, 30 Aug 2010 04:57:47 -0700 (PDT) In-Reply-To: <000501cb46e7$567e7970$037b6c50$@com> References: <1282839657.18286.4.camel@localhost> <000501cb46e7$567e7970$037b6c50$@com> Date: Mon, 30 Aug 2010 13:57:47 +0200 Message-ID: Subject: Re: Thread safety issues From: Jose Baars To: libssh2 development X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Mon, 30 Aug 2010 13:58:32 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Mon, 30 Aug 2010 13:58:05 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1585768479==" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se --===============1585768479== Content-Type: multipart/alternative; boundary=0015175cb2c2474258048f092cdf --0015175cb2c2474258048f092cdf Content-Type: text/plain; charset=ISO-8859-1 Wouldn't the libssh2_init function be one of the prime suspects? This function was added in libssh2 1.2.7. I have not done any further investigation into if or how this would really affect use of it in a multithreaded environment, but use of static variables in a multithreaded environment is commonly not regarded as a good thing. ... static int _libssh2_initialized = 0; static int _libssh2_init_flags = 0; LIBSSH2_API int libssh2_init(int flags) { ... Jose --0015175cb2c2474258048f092cdf Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Wouldn't the libssh2_init function be one of the prime suspects?
Th= is function was added in libssh2 1.2.7.

I have not done any further= investigation into if or how this would really affect
use of it in a m= ultithreaded environment, but use of static variables in a
multithreaded environment is commonly not regarded as a good thing.
...<= br>static int _libssh2_initialized =3D 0;
static int _libssh2_init_flags= =3D 0;

LIBSSH2_API int
libssh2_init(int flags)
{
...
Jose


--0015175cb2c2474258048f092cdf-- --===============1585768479== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============1585768479==-- From libssh2-devel-bounces@cool.haxx.se Mon Aug 30 15:47:11 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UDl1v3016018; Mon, 30 Aug 2010 15:47:09 +0200 Received: from hrndva-omtalb.mail.rr.com (hrndva-omtalb.mail.rr.com [71.74.56.122]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UDkqtJ015898 for ; Mon, 30 Aug 2010 15:46:52 +0200 X-Authority-Analysis: v=1.1 cv=h9FjAN2ougM9pVhvDq3M6+cWFo1DP5/t8S/Ny2XAPyw= c=1 sm=0 a=O-pu0537hIgA:10 a=kj9zAlcOel0A:10 a=9At4Jy2cJ7Ox3H4DxHCJAg==:17 a=DcSfw67zhm4Ffx_FaNYA:9 a=MNhuKENu7pGZc13relJ4rqX9HEMA:4 a=CjuIK1q_8ugA:10 a=9At4Jy2cJ7Ox3H4DxHCJAg==:117 X-Cloudmark-Score: 0 X-Originating-IP: 70.116.71.237 Received: from [70.116.71.237] ([70.116.71.237:59983] helo=dc7100.roadrunn.com) by hrndva-oedge03.mail.rr.com (envelope-from ) (ecelerity 2.2.2.39 r()) with ESMTP id 27/EC-26575-446BB7C4; Mon, 30 Aug 2010 13:46:44 +0000 Received: by dc7100.roadrunn.com (Postfix, from userid 501) id 65C9B830998; Mon, 30 Aug 2010 08:42:29 -0500 (CDT) X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on dc7100.roadrunn.com X-Spam-Level: X-Spam-Status: No, score=-4.3 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.2.5 Received: from ngierman3 (dc7100 [192.168.1.6]) by dc7100.roadrunn.com (Postfix) with ESMTP id A10AB830975 for ; Mon, 30 Aug 2010 08:42:28 -0500 (CDT) From: "Neil Gierman" To: "'libssh2 development'" References: <1282839657.18286.4.camel@localhost> <000501cb46e7$567e7970$037b6c50$@com> In-Reply-To: Subject: RE: Thread safety issues Date: Mon, 30 Aug 2010 08:46:51 -0500 Message-ID: <001701cb4849$cce4a4a0$66adede0$@com> MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: ActIOu1+rfJGwXN5T9CJ4exmMJsoOAADqukA Content-Language: en-us X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Mon, 30 Aug 2010 15:47:11 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Mon, 30 Aug 2010 15:46:53 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se > Wouldn't the libssh2_init function be one of the prime suspects? > This function was added in libssh2 1.2.7. Supporting that, I have not yet upgraded to 1.2.7 (still on 1.2.4) and multi-threaded sessions are working just fine. _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Aug 30 15:51:49 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UDpjZC018125; Mon, 30 Aug 2010 15:51:49 +0200 Received: from giant.haxx.se (giant.haxx.se [80.67.6.50]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UDpiQ7018120 for ; Mon, 30 Aug 2010 15:51:44 +0200 Date: Mon, 30 Aug 2010 15:51:44 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: Thread safety issues In-Reply-To: Message-ID: References: <1282839657.18286.4.camel@localhost> <000501cb46e7$567e7970$037b6c50$@com> User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Mon, 30 Aug 2010 15:51:49 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Mon, 30 Aug 2010 15:51:44 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On Mon, 30 Aug 2010, Jose Baars wrote: > Wouldn't the libssh2_init function be one of the prime suspects? This > function was added in libssh2 1.2.7. Quoted from the man page for libssh2_init(): It uses a global state, and is not thread safe -- you must make sure this function is not called concurrently. ... and before anyone questions the reasoning for this let me exaplain that the underlying libraries (OpenSSL or libgcrypt) both have non thread-safe init functions themselves that libssh2 need to use. Thus, 1.2.7 is actually more thread-safe than previously as now it offers a way for the app to do these things in a controlled manner. -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Aug 30 16:11:07 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UEAwiG031607; Mon, 30 Aug 2010 16:11:06 +0200 Received: from ecdor130.cmc.ec.gc.ca (ecdor130.cmc.ec.gc.ca [199.212.17.130]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UEAvor031546 for ; Mon, 30 Aug 2010 16:10:57 +0200 Received: from ecdor130.cmc.ec.gc.ca (localhost [127.0.0.1]) by imap2.cmc.ec.gc.ca (Postfix) with ESMTP id 1BB1F4C219 for ; Mon, 30 Aug 2010 14:10:49 +0000 (GMT) Received: from [142.135.2.4] (averroes.cmc.ec.gc.ca [142.135.2.4]) by imap2.cmc.ec.gc.ca (Postfix) with ESMTP id 0AA134BB8A for ; Mon, 30 Aug 2010 14:10:49 +0000 (GMT) Message-ID: <4C7BBBE8.20403@ec.gc.ca> Date: Mon, 30 Aug 2010 10:10:48 -0400 From: Michel Valin User-Agent: Thunderbird 2.0.0.24 (X11/20100228) MIME-Version: 1.0 To: libssh2 development Subject: Re: Thread safety issues References: <1282839657.18286.4.camel@localhost> <000501cb46e7$567e7970$037b6c50$@com> In-Reply-To: X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Mon, 30 Aug 2010 16:11:07 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Mon, 30 Aug 2010 16:10:57 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se potentially dumb question/suggestion: why not put a mutex lock in libssh2_init() ? or have a libssh2_init_safe() wrapper with mutex aroud it ? on the down side this would force to always link with the thread library Daniel Stenberg wrote: > On Mon, 30 Aug 2010, Jose Baars wrote: > >> Wouldn't the libssh2_init function be one of the prime suspects? This >> function was added in libssh2 1.2.7. > > Quoted from the man page for libssh2_init(): > > It uses a global state, and is not thread safe -- you must > make sure this function is not called concurrently. > > ... and before anyone questions the reasoning for this let me exaplain > that the underlying libraries (OpenSSL or libgcrypt) both have non > thread-safe init functions themselves that libssh2 need to use. > > Thus, 1.2.7 is actually more thread-safe than previously as now it > offers a way for the app to do these things in a controlled manner. > -- Michel.Valin@ec.gc.CA _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Aug 30 16:23:54 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UENlqu008447; Mon, 30 Aug 2010 16:23:54 +0200 Received: from shell.lmi.net (shell.lmi.net [66.117.140.246]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UENifL008354 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Mon, 30 Aug 2010 16:23:45 +0200 Received: from rcom-software.com (75-101-82-95.dsl2st.lmi.net [75.101.82.95]) by shell.lmi.net (8.14.1/8.14.1) with ESMTP id o7UENW0M032706 for ; Mon, 30 Aug 2010 07:23:36 -0700 (PDT) Message-ID: <4C7BBEF6.AD24EB6E@rcom-software.com> Date: Mon, 30 Aug 2010 07:23:50 -0700 From: Paul Romero Organization: RCOM Communications Software X-Mailer: Mozilla 4.77 [en] (Win95; U) X-Accept-Language: en,es,de-DE,fr-FR MIME-Version: 1.0 To: libssh2 development Subject: Re: Libssh2/Libgcrypt: Can't Parse RSA Keys References: <4C7743F5.6234F936@rcom-software.com> X-Scanned-By: MIMEDefang 2.37 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Mon, 30 Aug 2010 16:23:54 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Mon, 30 Aug 2010 16:23:46 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Hi Daniel: Thank you for the clarification. I am interested in adding the ability to handle encrypted RSA keys to the software when it is configured for use with libgcrypt. It there any important information other than how PKCS encoding works with which one should be familiar ? Best Regards, Paul R. Daniel Stenberg wrote: > On Thu, 26 Aug 2010, Paul Romero wrote: > > > My application needs to be able to handle at least RSA 1 private keys, and > > preferably RSA 2 private keys. > > > > Can the Libssh2 code handle unencrypted RSA 1 or 2 keys ? > > The libssh2 code handles encrypted private keys if you build with OpenSSL, and > only unencrypted private keys if you build with libgcrypt. If i understand > things correctly. > > > Also, when will the problem be fixed ? > > As soon as someone sends in the patch that fixes the problems! This is open > source, we depend on people stepping up to do the work. > > -- > > / daniel.haxx.se > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel -- Paul Romero RCOM Communications Software Phone/Fax: (510)339-2628 E-Mail: paulr@rcom-software.com _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Aug 30 16:45:35 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UEjRea024282; Mon, 30 Aug 2010 16:45:34 +0200 Received: from giant.haxx.se (giant.haxx.se [80.67.6.50]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UEjQgm024254 for ; Mon, 30 Aug 2010 16:45:26 +0200 Date: Mon, 30 Aug 2010 16:45:26 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: Thread safety issues In-Reply-To: <4C7BBBE8.20403@ec.gc.ca> Message-ID: References: <1282839657.18286.4.camel@localhost> <000501cb46e7$567e7970$037b6c50$@com> <4C7BBBE8.20403@ec.gc.ca> User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Mon, 30 Aug 2010 16:45:35 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Mon, 30 Aug 2010 16:45:26 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On Mon, 30 Aug 2010, Michel Valin wrote: > potentially dumb question/suggestion: > > why not put a mutex lock in libssh2_init() ? > > or have a libssh2_init_safe() wrapper with mutex aroud it ? > > on the down side this would force to always link with the thread library Right, libssh2 doesn't need a thread library so it doesn't check for or use one. Also, at least in *nix land it is also quite possible that the application is using its own mutex or thread library and it's hard for libssh2 to know which to use. Therefore, we try to document that libssh2_init is not thread safe so that applications that use threads can do that mutexing instead. Of course, thiis doesn't have to be like this forever, it is just how things work now. If you have ideas and suggestions on how to behave instead, please let us know. -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Aug 30 17:28:40 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UFSLtd016465; Mon, 30 Aug 2010 17:28:36 +0200 Received: from yxa-v.extundo.com (yxa-v.extundo.com [83.241.177.39]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UFSKwm016455 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Mon, 30 Aug 2010 17:28:20 +0200 Received: from mocca (c80-216-27-64.bredband.comhem.se [80.216.27.64]) (authenticated bits=0) by yxa-v.extundo.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id o7UFSBgQ011144 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT) for ; Mon, 30 Aug 2010 17:28:13 +0200 From: Simon Josefsson To: libssh2 development Subject: Re: Thread safety issues References: <1282839657.18286.4.camel@localhost> <000501cb46e7$567e7970$037b6c50$@com> <4C7BBBE8.20403@ec.gc.ca> OpenPGP: id=B565716F; url=http://josefsson.org/key.txt X-Hashcash: 1:22:100830:libssh2-devel@cool.haxx.se::BElhtELHywF9Xa4H:MFou Date: Mon, 30 Aug 2010 17:28:10 +0200 In-Reply-To: (Daniel Stenberg's message of "Mon, 30 Aug 2010 16:45:26 +0200 (CEST)") Message-ID: <87y6borugl.fsf@mocca.josefsson.org> User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.2 (gnu/linux) MIME-Version: 1.0 X-Spam-Status: No, score=-0.8 required=5.0 tests=AWL,BAYES_00, DATE_IN_FUTURE_96_XX,RDNS_DYNAMIC,SPF_FAIL autolearn=no version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on yxa-v.extundo.com X-Virus-Scanned: clamav-milter 0.96.1 at yxa-v X-Virus-Status: Clean X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Mon, 30 Aug 2010 17:28:40 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Mon, 30 Aug 2010 17:28:20 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se I've been pondering on the thread library problem for a couple of libraries already, and the problem is Hard. The dominant solutions are: 0) Don't do anything and require callers to setup threading. Pros: - The library is simpler and doesn't link to a thread library. Cons: - Layer violation, callers needs to be aware of the crypto library used by libssh2 and setup mutex appropriately. 1) Provide an APIs and let the caller set mutex hooks. Pros: - The library does not have to link a thread library. - No layering violation. Cons: - It is easy to forget to make this call when you are writing a multi-threaded program, which can lead to subtle errors. - It is complicated to initialize the library correctly if you have one big application that links to two separate libraries that both in turn link to libssh2. 2) Hard-code the thread implementation to support during build time. Pros: - Easier to use, as things happens automatically. Cons: - Even non-threaded applications now link to libpthread and call thread-related functions. - May result in multiple libraries, one for each thread implementation. E.g., libssh2_pthread, libssh2_gnupth, libssh2_nptl, etc. There are some other alternatives, but I don't recall them now. I have yet to use alternative 2 successfully for a low-level shared library. Pthreads appears to be the "winning" thread implementation on GNU systems, so maybe it could be considered here? On my system, libldap.so is linking to pthreads so the approach has been tested. (However, I think there are some tricky bugs for libldap caused by this decision.) Personally, my experience is that threaded programs are impossible to maintain and keep reliable in the long run (10+ years) due to the higher complexity. This is why I prefer approach 0 or 1, which puts the effort on the shoulders on those that uses threading. The downside is that it is not a responsible decision because the reality is that some things are threaded and one has to deal with it. For a library like libssh2, the part that really needs mutexes today is the RNG. Crypto libraries needs mutexes when hashing its global entropy pool. In GnuTLS we are experimenting with using GNU Nettle (which is a completely thread safe crypto library) and some internal randomness functionality. I'm hoping this will work out, but it is too early to tell. /Simon _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Aug 30 21:30:03 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UJTOH7031761; Mon, 30 Aug 2010 21:29:59 +0200 Received: from mx1.belnet.be (mx1.belnet.be [193.190.198.9]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UJTMlb031742 for ; Mon, 30 Aug 2010 21:29:22 +0200 X-IronPort-AV: E=Sophos;i="4.56,294,1280700000"; d="scan'208";a="921733" Received: from firewall.belnet.be (HELO relay.fw.belnet.be) ([193.190.198.37]) by mx1-out.belnet.be with ESMTP; 30 Aug 2010 21:29:13 +0200 Received: from [192.168.2.3] (unknown [79.132.233.52]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by relay.fw.belnet.be (Postfix) with ESMTPSA id 070CC260 for ; Mon, 30 Aug 2010 21:19:21 +0200 (CEST) Message-ID: <4C7C0688.2060909@0xbadc0de.be> Date: Mon, 30 Aug 2010 21:29:12 +0200 From: Aris Adamantiadis User-Agent: Thunderbird 2.0.0.24 (X11/20100411) MIME-Version: 1.0 To: libssh2 development Subject: Re: Thread safety issues References: <1282839657.18286.4.camel@localhost> <000501cb46e7$567e7970$037b6c50$@com> <4C7BBBE8.20403@ec.gc.ca> In-Reply-To: X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Mon, 30 Aug 2010 21:30:03 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Mon, 30 Aug 2010 21:29:22 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Hi, I permit myself to give an opinion on the subject because I just realized today that libssh was not threadsafe in the way I though it was. The mainline for thread safety was "call ssh_init at the beginning of your program and libssh will be threadsafe". Yes, except that libgcrypt and libcrypto are not threadsafe at all (for instance in the RAND_bytes function and gcrypt's equivalent). The only solution is to implement solutions 1 and 2 Simon has described in his mail. I think libssh2 falls in the same trap and has to be aware of the threading model used by the host application since it depends on software which is inherently not threadsafe. My two cents, Kr, Aris Daniel Stenberg a =E9crit : > On Mon, 30 Aug 2010, Michel Valin wrote: > = >> potentially dumb question/suggestion: >> >> why not put a mutex lock in libssh2_init() ? >> >> or have a libssh2_init_safe() wrapper with mutex aroud it ? >> >> on the down side this would force to always link with the thread library > = > Right, libssh2 doesn't need a thread library so it doesn't check for or > use one. Also, at least in *nix land it is also quite possible that the > application is using its own mutex or thread library and it's hard for > libssh2 to know which to use. > = > Therefore, we try to document that libssh2_init is not thread safe so > that applications that use threads can do that mutexing instead. > = > Of course, thiis doesn't have to be like this forever, it is just how > things work now. If you have ideas and suggestions on how to behave > instead, please let us know. > = _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Aug 30 22:17:23 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UKH9jq004586; Mon, 30 Aug 2010 22:17:21 +0200 Received: from giant.haxx.se (giant.haxx.se [80.67.6.50]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UKH81i004528 for ; Mon, 30 Aug 2010 22:17:08 +0200 Date: Mon, 30 Aug 2010 22:17:08 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: Thread safety issues In-Reply-To: <4C7C0688.2060909@0xbadc0de.be> Message-ID: References: <1282839657.18286.4.camel@localhost> <000501cb46e7$567e7970$037b6c50$@com> <4C7BBBE8.20403@ec.gc.ca> <4C7C0688.2060909@0xbadc0de.be> User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Mon, 30 Aug 2010 22:17:23 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Mon, 30 Aug 2010 22:17:08 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On Mon, 30 Aug 2010, Aris Adamantiadis wrote: > I think libssh2 falls in the same trap and has to be aware of the threading > model used by the host application since it depends on software which is > inherently not threadsafe. No, libssh2 does not fall into that trap exactly because we already document that libssh2_init is not thread-safe so anyone who uses threads needs to take precautions. libssh2 does not have to be aware, as Simon's list of alteratives show although that is certainly one way to do it. The current approach we use is very common approach among libraries so I don't consider libssh2 any strange in this aspect. In fact, I would've expected the same or similar wording and limitation in libssh. -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Aug 30 22:36:13 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UKa4S8018933; Mon, 30 Aug 2010 22:36:12 +0200 Received: from mx1.belnet.be (mx1.belnet.be [193.190.198.9]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UKa2H1018840 for ; Mon, 30 Aug 2010 22:36:03 +0200 X-IronPort-AV: E=Sophos;i="4.56,294,1280700000"; d="scan'208";a="921843" Received: from firewall.belnet.be (HELO relay.fw.belnet.be) ([193.190.198.37]) by mx1-out.belnet.be with ESMTP; 30 Aug 2010 22:35:54 +0200 Received: from [192.168.2.3] (unknown [79.132.233.52]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by relay.fw.belnet.be (Postfix) with ESMTPSA id D4356260 for ; Mon, 30 Aug 2010 22:26:00 +0200 (CEST) Message-ID: <4C7C1628.50908@0xbadc0de.be> Date: Mon, 30 Aug 2010 22:35:52 +0200 From: Aris Adamantiadis User-Agent: Thunderbird 2.0.0.24 (X11/20100411) MIME-Version: 1.0 To: libssh2 development Subject: Re: Thread safety issues References: <1282839657.18286.4.camel@localhost> <000501cb46e7$567e7970$037b6c50$@com> <4C7BBBE8.20403@ec.gc.ca> <4C7C0688.2060909@0xbadc0de.be> In-Reply-To: X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Mon, 30 Aug 2010 22:36:13 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Mon, 30 Aug 2010 22:36:03 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Daniel Stenberg a =E9crit : > On Mon, 30 Aug 2010, Aris Adamantiadis wrote: > = >> I think libssh2 falls in the same trap and has to be aware of the >> threading model used by the host application since it depends on >> software which is inherently not threadsafe. > = > No, libssh2 does not fall into that trap exactly because we already > document that libssh2_init is not thread-safe so anyone who uses threads > needs to take precautions. libssh2 does not have to be aware, as Simon's > list of alteratives show although that is certainly one way to do it. > = > The current approach we use is very common approach among libraries so I > don't consider libssh2 any strange in this aspect. In fact, I would've > expected the same or similar wording and limitation in libssh. > = Hi Daniel, We have the same wording. Our documentation tells that ssh_init() should be called in the main thread, before threading starts. The problem is that it's not sufficient, as Simon exposed, because some cryptographic primitives (PRNG) are not threadsafe themselves. This means that ssh_init() (and libssh2 equivalent) is not the only non-threadsafe function. Since almost every packet sending requires random bytes, it's reasonable to say that any API calls that sends a packet is at risk. Simon did a great job in describing the alternatives, and we're going to implement #1 in libssh. Aris _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Aug 30 22:44:14 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UKiBs5022585; Mon, 30 Aug 2010 22:44:14 +0200 Received: from giant.haxx.se (giant.haxx.se [80.67.6.50]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UKiA8l022531 for ; Mon, 30 Aug 2010 22:44:10 +0200 Date: Mon, 30 Aug 2010 22:44:10 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: Thread safety issues In-Reply-To: <4C7C1628.50908@0xbadc0de.be> Message-ID: References: <1282839657.18286.4.camel@localhost> <000501cb46e7$567e7970$037b6c50$@com> <4C7BBBE8.20403@ec.gc.ca> <4C7C0688.2060909@0xbadc0de.be> <4C7C1628.50908@0xbadc0de.be> User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Mon, 30 Aug 2010 22:44:14 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Mon, 30 Aug 2010 22:44:10 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On Mon, 30 Aug 2010, Aris Adamantiadis wrote: > The problem is that it's not sufficient, as Simon exposed, because some > cryptographic primitives (PRNG) are not threadsafe themselves. This means > that ssh_init() (and libssh2 equivalent) is not the only non-threadsafe > function. Then I think the explanation wasn't good enough. The PRNG you speak of that needs proper protection and care is only done at initialization time. > Since almost every packet sending requires random bytes, it's reasonable to > say that any API calls that sends a packet is at risk. As was already said OpenSSL and libgcrypt both needs their own functions protected by mutex callbacks. So yes, if you use libssh2 multi-threaded you need to set those callbacks (which is a layer violation as noted). I know users who have used libssh2 very well for a very long time in a multi-threaded environment so I'm positive it works as intended (and perhaps not too surprisingly, we use the same approach to the SSL layer locking within libcurl and yes that too works multi-threaded). Well, apart from the occasional bugs of course. Alas, we already use Simon's alternative #0 in libssh2. I'm not too fond of alternative #1, but then there's no clear winner in this race... :-( -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Aug 30 22:52:38 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UKqW6i030356; Mon, 30 Aug 2010 22:52:37 +0200 Received: from mcfeely.foofus.net (mcfeely.foofus.net [64.73.34.167]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UKqTlY030308 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Mon, 30 Aug 2010 22:52:31 +0200 Received: (qmail 18380 invoked from network); 30 Aug 2010 20:52:19 -0000 Received: from unknown (HELO ?127.0.0.1?) (relay@127.0.0.1) by localhost with ESMTPA; 30 Aug 2010 20:52:19 -0000 Subject: Re: Thread safety issues From: jmk To: libssh2 development In-Reply-To: References: <1282839657.18286.4.camel@localhost> <000501cb46e7$567e7970$037b6c50$@com> Organization: Foofus Networks Date: Mon, 30 Aug 2010 15:52:15 -0500 Message-ID: <1283201535.18729.59.camel@localhost> Mime-Version: 1.0 X-Mailer: Evolution 2.30.2 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Mon, 30 Aug 2010 22:52:38 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Mon, 30 Aug 2010 22:52:31 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On Mon, 2010-08-30 at 15:51 +0200, Daniel Stenberg wrote: > On Mon, 30 Aug 2010, Jose Baars wrote: > > > Wouldn't the libssh2_init function be one of the prime suspects? This > > function was added in libssh2 1.2.7. > > Quoted from the man page for libssh2_init(): > > It uses a global state, and is not thread safe -- you must > make sure this function is not called concurrently. > > ... and before anyone questions the reasoning for this let me exaplain that > the underlying libraries (OpenSSL or libgcrypt) both have non thread-safe init > functions themselves that libssh2 need to use. I've added a mutex lock around libssh2_session_init_ex(). This drastically cut down on it blowing up. However, it appears that some of the other functions may also have thread safety issues. Specifically, I had to also lock libssh2_userauth_keyboard_interactive() and libssh2_session_free(). With all libssh2_* calls locked, I've been unable to get it to blow up. Certainly not ideal, but better than the alternative for now. Thanks, Joe _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Aug 30 22:54:00 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UKrv8g031144; Mon, 30 Aug 2010 22:53:58 +0200 Received: from giant.haxx.se (giant.haxx.se [80.67.6.50]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UKruWN031138 for ; Mon, 30 Aug 2010 22:53:56 +0200 Date: Mon, 30 Aug 2010 22:53:56 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: Thread safety issues In-Reply-To: <1283201535.18729.59.camel@localhost> Message-ID: References: <1282839657.18286.4.camel@localhost> <000501cb46e7$567e7970$037b6c50$@com> <1283201535.18729.59.camel@localhost> User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Mon, 30 Aug 2010 22:53:59 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Mon, 30 Aug 2010 22:53:56 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On Mon, 30 Aug 2010, jmk wrote: > I've added a mutex lock around libssh2_session_init_ex(). This drastically > cut down on it blowing up. However, it appears that some of the other > functions may also have thread safety issues. Specifically, I had to also > lock libssh2_userauth_keyboard_interactive() and libssh2_session_free(). > With all libssh2_* calls locked, I've been unable to get it to blow up. > Certainly not ideal, but better than the alternative for now. And are you using the mutex callbacks now for your crypto library of choice? -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Aug 31 00:19:36 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UMJN4I022601; Tue, 31 Aug 2010 00:19:35 +0200 Received: from mcfeely.foofus.net (mcfeely.foofus.net [64.73.34.167]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7UMJLwF022593 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Tue, 31 Aug 2010 00:19:22 +0200 Received: (qmail 18547 invoked from network); 30 Aug 2010 22:19:10 -0000 Received: from unknown (HELO ?127.0.0.1?) (relay@127.0.0.1) by localhost with ESMTPA; 30 Aug 2010 22:19:10 -0000 Subject: Re: Thread safety issues From: jmk To: libssh2 development In-Reply-To: References: <1282839657.18286.4.camel@localhost> <000501cb46e7$567e7970$037b6c50$@com> <1283201535.18729.59.camel@localhost> Organization: Foofus Networks Date: Mon, 30 Aug 2010 17:19:05 -0500 Message-ID: <1283206745.18729.70.camel@localhost> Mime-Version: 1.0 X-Mailer: Evolution 2.30.2 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 31 Aug 2010 00:19:36 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 31 Aug 2010 00:19:22 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On Mon, 2010-08-30 at 22:53 +0200, Daniel Stenberg wrote: > On Mon, 30 Aug 2010, jmk wrote: > > > I've added a mutex lock around libssh2_session_init_ex(). This drastically > > cut down on it blowing up. However, it appears that some of the other > > functions may also have thread safety issues. Specifically, I had to also > > lock libssh2_userauth_keyboard_interactive() and libssh2_session_free(). > > With all libssh2_* calls locked, I've been unable to get it to blow up. > > Certainly not ideal, but better than the alternative for now. > > And are you using the mutex callbacks now for your crypto library of choice? I wasn't... I took a look at the threaded-ssl.c example from Curl and implemented their locking callbacks. With these callbacks and only a mutex for libssh2_session_init_ex(), everything appears stable now... Thanks! Joe _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Aug 31 02:04:47 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7V04U3P030952; Tue, 31 Aug 2010 02:04:44 +0200 Received: from mail.ritual.org (146.n01.hh.clusters.de [213.238.52.146]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7V04Up4030948 for ; Tue, 31 Aug 2010 02:04:30 +0200 Received: from spring.local (spring.ritual.org [217.91.25.149]) (authenticated bits=0) by mail.ritual.org (8.12.9/8.12.9) with ESMTP id o7V04PUF004901 for ; Tue, 31 Aug 2010 02:04:25 +0200 Received: from [IPv6:::1] (localhost [IPv6:::1]) by spring.local (Postfix) with ESMTP id 56B6031FDE41 for ; Tue, 31 Aug 2010 02:04:25 +0200 (CEST) From: Uli Zappe Subject: Why isn't scp 8-bit clean? Date: Tue, 31 Aug 2010 02:04:25 +0200 Message-Id: To: libssh2-devel@cool.haxx.se Mime-Version: 1.0 (Apple Message framework v1081) X-Mailer: Apple Mail (2.1081) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 31 Aug 2010 02:04:47 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 31 Aug 2010 02:04:30 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se I'm new to this list - so first Hi to everyone on the list! I'm playing around with libssh2 and am especially interested in scp. Howeve= r, I found that scp isn't 8-bit clean (contrary to sftp, which is). The reason for this is the if clause in lines 614-630 in src/scp.c (libssh2= -1.2.7). It returns LIBSSH2_ERROR_SCP_PROTOCOL, "Invalid data in SCP response" as soon as a character > 126 surfaces in the sshd response, which it will d= o for every 8-bit or UTF-8 file name with a non-ASCII character. Indeed, as soon as I changed "126" to "256" in line 626, scp worked just fi= ne with 8-bit and UTF-8 file names, and I could not find any problem whatso= ever. So why this seemingly unnecessary limitation? Could there be any problems i= f I simply stuck with my modification of src/scp.c? Thanks in advance for any replies! (And many thanks for libssh2! :-)) ) Bye Uli ________________________________________________________ Uli Zappe, Solmsstra=DFe 5, D-65189 Wiesbaden, Germany http://www.ritual.org Fon: +49-700-ULIZAPPE Fax: +49-700-ZAPPEFAX ________________________________________________________ _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Aug 31 02:34:00 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7V0XoUu017082; Tue, 31 Aug 2010 02:33:58 +0200 Received: from mail-bw0-f54.google.com (mail-bw0-f54.google.com [209.85.214.54]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7V0XmjE017074 for ; Tue, 31 Aug 2010 02:33:48 +0200 Received: by bwz20 with SMTP id 20so5355646bwz.41 for ; Mon, 30 Aug 2010 17:33:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:mime-version:received:from:date :message-id:subject:to:content-type:content-transfer-encoding; bh=8gifTuSFAm9y4wz0pj0dm6jL+kHs3+x+bAhfi4EDYrQ=; b=NlFNBc/Vnfz1VjXLM7X5IqeZV9xPoP7lK9SJ7ZWaljGKBWnk64fHrwE4pQTRu0ANtP 1+J1ktWMwBGIoOJoFB2Q1/nCrkSb8wNWgXvEs16OGQhILci/g9P9R1YSwdge1Gi2pZqZ dAhDfkzAsdFLE43mjGGg7YJD5htZqOdoPPAoI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:from:date:message-id:subject:to:content-type :content-transfer-encoding; b=JCuA/v+16e6yD/mdm2td2jBI+8imQove1C0nIyGr3UIN6rriH/f9mfIF/VhcZxIxqM M9YIt2trDjdLLEU+Y0RHdNX0et3/nqG7g9U1Iy66ET7k6YLuvEhki1iTnT79LX/A1UOZ xt9I2NaMXeLjzrV/TB81nzJKdrxhWbzKVENmk= Received: by 10.204.39.203 with SMTP id h11mr3942274bke.8.1283214822241; Mon, 30 Aug 2010 17:33:42 -0700 (PDT) MIME-Version: 1.0 Received: by 10.204.72.10 with HTTP; Mon, 30 Aug 2010 17:33:22 -0700 (PDT) From: Luis Lavena Date: Mon, 30 Aug 2010 21:33:22 -0300 Message-ID: Subject: Compile against static library fails To: libssh2-devel@cool.haxx.se X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 31 Aug 2010 02:34:00 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 31 Aug 2010 02:33:48 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Hello, I'm trying to compile libssh2 as static library using "configure --enable-static --disable-shared" During the compilation of the examples, it generates the following failure: libtool: link: gcc -DLIBSSH2_WIN32 -DWINSOCK_VERSION=3D0x0200 -o direct_tcpip.exe direct_tcpip.o ../src/.libs/libssh2.a -lssl -lcrypto -lz -lws2_32 direct_tcpip.o:direct_tcpip.c:(.text+0xf4): undefined reference to `_imp__libssh2_init' direct_tcpip.o:direct_tcpip.c:(.text+0x20b): undefined reference to `_imp__libssh2_session_init_ex' direct_tcpip.o:direct_tcpip.c:(.text+0x25a): undefined reference to `_imp__libssh2_session_startup' direct_tcpip.o:direct_tcpip.c:(.text+0x2a1): undefined reference to `_imp__libssh2_hostkey_hash' direct_tcpip.o:direct_tcpip.c:(.text+0x347): undefined reference to `_imp__libssh2_userauth_list' direct_tcpip.o:direct_tcpip.c:(.text+0x44d): undefined reference to `_imp__libssh2_userauth_password_ex' direct_tcpip.o:direct_tcpip.c:(.text+0x4d2): undefined reference to `_imp__libssh2_userauth_publickey_fromfile_ex' direct_tcpip.o:direct_tcpip.c:(.text+0x700): undefined reference to `_imp__libssh2_channel_direct_tcpip_ex' direct_tcpip.o:direct_tcpip.c:(.text+0x74b): undefined reference to `_imp__libssh2_session_set_blocking' direct_tcpip.o:direct_tcpip.c:(.text+0x8d1): undefined reference to `_imp__libssh2_channel_write_ex' direct_tcpip.o:direct_tcpip.c:(.text+0x93c): undefined reference to `_imp__libssh2_channel_read_ex' direct_tcpip.o:direct_tcpip.c:(.text+0x9e1): undefined reference to `_imp__libssh2_channel_eof' direct_tcpip.o:direct_tcpip.c:(.text+0xa38): undefined reference to `_imp__libssh2_channel_free' direct_tcpip.o:direct_tcpip.c:(.text+0xa5d): undefined reference to `_imp__libssh2_session_disconnect_ex' direct_tcpip.o:direct_tcpip.c:(.text+0xa6a): undefined reference to `_imp__libssh2_session_free' direct_tcpip.o:direct_tcpip.c:(.text+0xa7f): undefined reference to `_imp__libssh2_exit' collect2: ld returned 1 exit status make[2]: *** [direct_tcpip.exe] Error 1 make[2]: Leaving directory `/c/Users/Luis/Projects/oss/oci/rubyinstaller/sandbox/src-libssh2/example' make[1]: *** [all] Error 2 make[1]: Leaving directory `/c/Users/Luis/Projects/oss/oci/rubyinstaller/sandbox/src-libssh2/example' make: *** [all-recursive] Error 1 I'm using GCC 4.5.0 (TDM) under Windows. This works perfectly on Linux which might indicate an issue with symbols not exported properly. Anyone seen this? Thank you. -- = Luis Lavena AREA 17 - Perfection in design is achieved not when there is nothing more to add, but rather when there is nothing more to take away. Antoine de Saint-Exup=E9ry _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Aug 31 09:54:22 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7V7rxQB027928; Tue, 31 Aug 2010 09:54:18 +0200 Received: from yxa-v.extundo.com (yxa-v.extundo.com [83.241.177.39]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7V7rwQp027924 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Tue, 31 Aug 2010 09:53:58 +0200 Received: from mocca (c80-216-27-64.bredband.comhem.se [80.216.27.64]) (authenticated bits=0) by yxa-v.extundo.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id o7V7rpLd003261 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT) for ; Tue, 31 Aug 2010 09:53:53 +0200 From: Simon Josefsson To: libssh2 development Subject: Re: Thread safety issues References: <1282839657.18286.4.camel@localhost> <000501cb46e7$567e7970$037b6c50$@com> <1283201535.18729.59.camel@localhost> <1283206745.18729.70.camel@localhost> OpenPGP: id=B565716F; url=http://josefsson.org/key.txt X-Hashcash: 1:22:100831:libssh2-devel@cool.haxx.se::RhNLshETjcOZNkrJ:AWxn Date: Tue, 31 Aug 2010 09:53:50 +0200 In-Reply-To: <1283206745.18729.70.camel@localhost> (jmk@foofus.net's message of "Mon, 30 Aug 2010 17:19:05 -0500") Message-ID: <87occjp69d.fsf@mocca.josefsson.org> User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.2 (gnu/linux) MIME-Version: 1.0 X-Spam-Status: No, score=-0.8 required=5.0 tests=AWL,BAYES_00, DATE_IN_FUTURE_96_XX,RDNS_DYNAMIC,SPF_FAIL autolearn=no version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on yxa-v.extundo.com X-Virus-Scanned: clamav-milter 0.96.1 at yxa-v X-Virus-Status: Clean X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 31 Aug 2010 09:54:22 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 31 Aug 2010 09:53:58 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se jmk writes: > On Mon, 2010-08-30 at 22:53 +0200, Daniel Stenberg wrote: >> On Mon, 30 Aug 2010, jmk wrote: >> >> > I've added a mutex lock around libssh2_session_init_ex(). This drastically >> > cut down on it blowing up. However, it appears that some of the other >> > functions may also have thread safety issues. Specifically, I had to also >> > lock libssh2_userauth_keyboard_interactive() and libssh2_session_free(). >> > With all libssh2_* calls locked, I've been unable to get it to blow up. >> > Certainly not ideal, but better than the alternative for now. >> >> And are you using the mutex callbacks now for your crypto library of choice? > > I wasn't... > > I took a look at the threaded-ssl.c example from Curl and implemented > their locking callbacks. With these callbacks and only a mutex for > libssh2_session_init_ex(), everything appears stable now... You shouldn't need any mutexes except the ones needed for the crypto library. Maybe you could remove your own mutex and see if things continue to work? Of course, you still need to make sure you don't access one session from more than one thread, but normally this is handled by having one thread per session. /Simon _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Aug 31 13:50:22 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VBo0GW013708; Tue, 31 Aug 2010 13:50:19 +0200 Received: from ecdor130.cmc.ec.gc.ca (ecdor130.cmc.ec.gc.ca [199.212.17.130]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VBnw60013698 for ; Tue, 31 Aug 2010 13:49:59 +0200 Received: from ecdor130.cmc.ec.gc.ca (localhost [127.0.0.1]) by imap2.cmc.ec.gc.ca (Postfix) with ESMTP id 8089F4BC7C for ; Tue, 31 Aug 2010 11:49:49 +0000 (GMT) Received: from [142.135.2.4] (averroes.cmc.ec.gc.ca [142.135.2.4]) by imap2.cmc.ec.gc.ca (Postfix) with ESMTP id 7AF184BC6E for ; Tue, 31 Aug 2010 11:49:49 +0000 (GMT) Message-ID: <4C7CEC5D.8000902@ec.gc.ca> Date: Tue, 31 Aug 2010 07:49:49 -0400 From: Michel Valin User-Agent: Thunderbird 2.0.0.24 (X11/20100228) MIME-Version: 1.0 To: libssh2 development Subject: Re: Thread safety issues References: <1282839657.18286.4.camel@localhost> <000501cb46e7$567e7970$037b6c50$@com> <4C7BBBE8.20403@ec.gc.ca> <87y6borugl.fsf@mocca.josefsson.org> In-Reply-To: <87y6borugl.fsf@mocca.josefsson.org> X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 31 Aug 2010 13:50:22 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 31 Aug 2010 13:49:59 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Simon Josefsson wrote: > I've been pondering on the thread library problem for a couple of > libraries already, and the problem is Hard. The dominant solutions are: > = > 0) Don't do anything and require callers to setup threading. > = > Pros: > - The library is simpler and doesn't link to a thread library. > = > Cons: > - Layer violation, callers needs to be aware of the crypto library > used by libssh2 and setup mutex appropriately. > = > 1) Provide an APIs and let the caller set mutex hooks. > = > Pros: > - The library does not have to link a thread library. > - No layering violation. > = > Cons: > - It is easy to forget to make this call when you are writing > a multi-threaded program, which can lead to subtle errors. This one can be alleviated by having the library issue a warning message at first initialization (lib_sh2_init) reminding the user that the thread-safe hook is not set. > - It is complicated to initialize the library correctly if you > have one big application that links to two separate libraries that > both in turn link to libssh2. > = > 2) Hard-code the thread implementation to support during build time. > = > Pros: > - Easier to use, as things happens automatically. > = > Cons: > - Even non-threaded applications now link to libpthread and call > thread-related functions. > - May result in multiple libraries, one for each thread > implementation. E.g., libssh2_pthread, libssh2_gnupth, > libssh2_nptl, etc. > = > There are some other alternatives, but I don't recall them now. > = > I have yet to use alternative 2 successfully for a low-level shared > library. Pthreads appears to be the "winning" thread implementation on > GNU systems, so maybe it could be considered here? On my system, > libldap.so is linking to pthreads so the approach has been tested. > (However, I think there are some tricky bugs for libldap caused by this > decision.) > = > Personally, my experience is that threaded programs are impossible to > maintain and keep reliable in the long run (10+ years) due to the higher > complexity. This is why I prefer approach 0 or 1, which puts the effort > on the shoulders on those that uses threading. The downside is that it > is not a responsible decision because the reality is that some things > are threaded and one has to deal with it. > = > For a library like libssh2, the part that really needs mutexes today is > the RNG. Crypto libraries needs mutexes when hashing its global entropy > pool. In GnuTLS we are experimenting with using GNU Nettle (which is a > completely thread safe crypto library) and some internal randomness > functionality. I'm hoping this will work out, but it is too early to > tell. > = > /Simon > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel -- = Michel Valin Responsable, Soutien CHP | Head, HPC support CHP & Op=E9rations des TI nationales HPC & National IT Operations Direction du dirigeant principal de l'information Chief Information Officer Branch Environnement Canada | Environment Canada 2121, N. Trans canada, Dorval, QC, CANADA H9P 1J3 Michel.Valin@ec.gc.CA T=E9l=E9phone | Telephone 514-421-4753 T=E9l=E9copieur | Facsimile 514-421-4703 Gouvernement du Canada | Government of Canada Entre deux mots, il faut choisir le moindre. Always choose the shortest of two words. Paul Val=E9ry _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Aug 31 15:05:18 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VD4wjF000326; Tue, 31 Aug 2010 15:05:14 +0200 Received: from giant.haxx.se (giant.haxx.se [80.67.6.50]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VD4vTG000317 for ; Tue, 31 Aug 2010 15:04:57 +0200 Date: Tue, 31 Aug 2010 15:04:57 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: Thread safety issues In-Reply-To: <4C7CEC5D.8000902@ec.gc.ca> Message-ID: References: <1282839657.18286.4.camel@localhost> <000501cb46e7$567e7970$037b6c50$@com> <4C7BBBE8.20403@ec.gc.ca> <87y6borugl.fsf@mocca.josefsson.org> <4C7CEC5D.8000902@ec.gc.ca> User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 31 Aug 2010 15:05:18 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 31 Aug 2010 15:04:57 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On Tue, 31 Aug 2010, Michel Valin wrote: >> 1) Provide an APIs and let the caller set mutex hooks. >> >> Pros: >> - The library does not have to link a thread library. >> - No layering violation. >> >> Cons: >> - It is easy to forget to make this call when you are writing >> a multi-threaded program, which can lead to subtle errors. > > This one can be alleviated by having the library issue a warning message at > first initialization (lib_sh2_init) reminding the user that the thread-safe > hook is not set. Not really. First, how would that warning be issued? We can't assume that the library can send any output anywhere that anyone will notice. Secondly, the library doesn't know if it will be used threaded so it would have no warn on every init that doesn't use the mutex callbacks even if they wouldn't be needed! -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Aug 31 16:51:12 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VEos6B002527; Tue, 31 Aug 2010 16:51:10 +0200 Received: from giant.haxx.se (giant.haxx.se [80.67.6.50]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VEor79002521 for ; Tue, 31 Aug 2010 16:50:53 +0200 Date: Tue, 31 Aug 2010 16:50:53 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: Why isn't scp 8-bit clean? In-Reply-To: Message-ID: References: User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 31 Aug 2010 16:51:12 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 31 Aug 2010 16:50:53 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On Tue, 31 Aug 2010, Uli Zappe wrote: > The reason for this is the if clause in lines 614-630 in src/scp.c > (libssh2-1.2.7). It returns > > LIBSSH2_ERROR_SCP_PROTOCOL, "Invalid data in SCP response" > > as soon as a character > 126 surfaces in the sshd response, which it will do > for every 8-bit or UTF-8 file name with a non-ASCII character. Quite clearly. I don't understand that limitation - and I find it funny that nobody else before noticed. I guess a problem is that SCP is not a standard thing. It would be worthwhile to check how OpenSSH actually provides file names with non-ascii letters. I mean, if it truly is 8bit then surely the < 32 check is wrong as well? > Indeed, as soon as I changed "126" to "256" in line 626, scp worked just > fine with 8-bit and UTF-8 file names, and I could not find any problem > whatsoever. Uhm, UTF-8 file names can surely have bytes below 32, right? In fact, UTF-8 can even contain the bytes 0x0a and 0x0d so the checks for the end of line is then not good enough. > So why this seemingly unnecessary limitation? An oversight I'd guess. It's been like this for ages. Nice catch! Now we only need to figure out the right fix... -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Aug 31 18:36:46 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VGaCh8017063; Tue, 31 Aug 2010 18:36:44 +0200 Received: from smtp-2.adminflex.de (smtp-2.adminflex.de [84.38.79.73]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VGaAfR017040 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NOT) for ; Tue, 31 Aug 2010 18:36:11 +0200 Received: from h1764403.stratoserver.net ([85.214.102.135] helo=hstreibel.psi.de ident=hans) by smtp-2.adminflex.de with esmtpa (Exim 4.63) (envelope-from ) id 1OqTod-0007lJ-Pv for libssh2-devel@cool.haxx.se; Tue, 31 Aug 2010 18:36:07 +0200 Received: by hstreibel.psi.de (Postfix, from userid 1000) id E3B32C012; Tue, 31 Aug 2010 18:35:32 +0200 (CEST) Date: Tue, 31 Aug 2010 18:35:32 +0200 From: Hans Streibel To: libssh2-devel@cool.haxx.se Subject: Upload via SFTP: Always "Permission Denied" Message-ID: <20100831163532.GA21846@hstreibel.psi.de> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="G4iJoqBmSsgzjUCe" Content-Disposition: inline User-Agent: Mutt/1.5.20 (2009-06-14) Content-Transfer-Encoding: 7bit X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 31 Aug 2010 18:36:46 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 31 Aug 2010 18:36:11 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se --G4iJoqBmSsgzjUCe Content-Type: text/plain; charset=us-ascii Content-Disposition: inline I try to upload a file via SFTP by a self-written program that utilizes the library libssh2. The client runs on a Windows host. The server is freeFTPd which runs under Windows, too. I always get a "permission denied" error as soon as I send an "open" request to the server. More exactly: As soon as I call that "open" function in the libssh2 library. My question is: Is this an error in libssh2 or in the server? I do not know whether this "open" request makes its way to the server or whether the "permission denied" message is already coming from libssh2. I switched on tracing in libssh2 and got the impression that the error is coming from the server. However because I am not sure I attached a part of that tracefile in the appendix. The server logfile does not show an error. I should note that the client runs fine under Linux. However then the opposite side (server) is not freeFTPd but sshd from OpenSSH. Hans --G4iJoqBmSsgzjUCe Content-Type: text/plain; charset=utf-8 Content-Disposition: attachment; filename="err.log" Content-Transfer-Encoding: quoted-printable [libssh2] 0.691364 SFTP: Enabling SFTP version 3 compatability [libssh2] 0.691364 SFTP: Sending file open request [libssh2] 0.691364 Conn: Writing 44 bytes on channel 0/1000, stream #0 [libssh2] 0.691364 Socket: Error recving 16384 bytes to 0x1f01948+0: 11 [libssh2] 0.691364 Conn: Sending 44 bytes on channel 0/1000, stream_id=3D= 0 =3D> libssh2_transport_write plain (53 bytes) 0000: 5E 00 00 03 E8 00 00 00 2C 00 00 00 28 03 00 00 : ^...=C3=A8...,..= .(... 0010: 00 00 00 00 00 13 51 3A 5C 70 72 6A 5C 74 65 6D : ......Q:\prj\tem 0020: 70 5C 66 6C 74 2E 73 71 6C 00 00 00 1A 00 00 00 : p\flt.sql....... 0030: 04 00 00 81 B6 : ....=C2=B6 [libssh2] 0.691364 Socket: Sent 84/84 bytes at 0x1ea418c =3D> libssh2_transport_write send() (84 bytes) 0000: 48 73 9E 8E F3 79 E9 9E BE 19 CE 46 20 B0 90 73 : Hs=C2=9E=C2=8E=C3= =B3y=C3=A9=C2=9E=C5=B8.=C3=8EF =C2=B0.s 0010: 3A DB 93 FC 4B 60 B1 18 D7 F0 76 97 36 A7 FD 0D : :=C3=9B=C2=93=C3= =BCK`=C2=B1.=C3=97=C3=B0v=C2=976=C2=A7=C3=BD. 0020: 25 2A 9B 4E B4 26 66 49 FB B7 51 56 07 C9 4F 62 : %*=C2=9BN=C5=BD&= fI=C3=BB=C2=B7QV.=C3=89Ob 0030: A1 D5 77 7F F8 FE 92 D9 F5 68 F3 01 5D FC FA A0 : =C2=A1=C3=95w.=C3= =B8=C3=BE=C2=92=C3=99=C3=B5h=C3=B3.]=C3=BC=C3=BA=C2=A0 0040: D7 38 30 A3 C8 26 E1 48 6E CB 14 D0 91 FE 11 D3 : =C3=9780=C2=A3=C3= =88&=C3=A1Hn=C3=8B.=C3=90=C2=91=C3=BE.=C3=93 0050: CB 06 C2 7C : =C3=8B.=C3=82| [libssh2] 0.691364 SFTP: Asking for 102 packet [libssh2] 0.691364 SFTP: Asking for 101 packet [libssh2] 0.691364 SFTP: recv packet [libssh2] 0.691364 Socket: Error recving 16384 bytes to 0x1f01948+0: 11 [libssh2] 0.691364 Failure Event: -37 - Would block waiting for status me= ssage [libssh2] 0.800743 SFTP: Asking for 102 packet [libssh2] 0.800743 SFTP: Asking for 101 packet [libssh2] 0.800743 SFTP: recv packet [libssh2] 0.800743 Conn: channel_read() wants 4 bytes from channel 0/1000= stream #0 [libssh2] 0.800743 Socket: Recved 84/16384 bytes to 0x1f01948+0 =3D> libssh2_transport_read() raw (84 bytes) 0000: D5 86 EE 17 31 E7 48 85 13 84 2A D5 C7 E7 70 6C : =C3=95=C2=86=C3=AE= .1=C3=A7H=C2=85.=C2=84*=C3=95=C3=87=C3=A7pl 0010: 53 60 C0 4D 26 5A A9 76 B0 F5 AB 05 35 98 9C 8B : S`=C3=80M&Z=C2=A9= v=C2=B0=C3=B5=C2=AB.5.=C2=9C=C2=8B 0020: 2B FD 0D 79 08 93 09 CC 37 5B 35 DC 85 0A C5 EF : +=C3=BD.y.=C2=93= =C3=8C7[5=C3=9C=C2=85.=C3=85=C3=AF 0030: 42 C0 AF 54 FF 65 2B 90 22 BB A6 70 36 98 73 03 : B=C3=80=C2=AFT=C3= =BFe+."=C2=BB=C5=A0p6.s. 0040: D3 CE 82 3A 0B EC A5 BD 06 7C 57 CD FD F4 F7 B2 : =C3=93=C3=8E=C2=82= :.=C3=AC=C2=A5=C5=93.|W=C3=8D=C3=BD=C3=B4=C3=B7=C2=B2 0050: 04 35 F8 D0 : .5=C3=B8=C3=90 =3D> libssh2_transport_read() plain (47 bytes) 0000: 5E 00 00 00 00 00 00 00 26 00 00 00 22 65 00 00 : ^.......&..."e.. 0010: 00 00 00 00 00 03 00 00 00 11 50 65 72 6D 69 73 : ..........Permis 0020: 73 69 6F 6E 20 64 65 6E 69 65 64 00 00 00 00 : sion denied.... [libssh2] 0.800743 Transport: Packet type 94 received, length=3D47 [libssh2] 0.800743 Conn: 38 bytes packet_add() for 0/1000/0 [libssh2] 0.800743 Socket: Error recving 16384 bytes to 0x1f01948+0: 11 [libssh2] 0.800743 Conn: channel_read() got 4 of data from 0/1000/0 [libssh2] 0.800743 SFTP: Data begin - Packet Length: 34 [libssh2] 0.800743 Socket: Error recving 16384 bytes to 0x1f01948+0: 11 [libssh2] 0.800743 Conn: channel_read() got 34 of data from 0/1000/0 [ul] [libssh2] 0.800743 SFTP: Received packet 101 (len 34) [libssh2] 0.800743 SFTP: Asking for 102 packet [libssh2] 0.800743 SFTP: Asking for 101 packet [libssh2] 0.800743 Failure Event: -31 - Failed opening remote file [libssh2] 0.800743 SFTP: got FXP_STATUS 3 [libssh2] 0.800743 Transport: Disconnecting: reason=3D11, desc=3Derror, l= ang=3D =3D> libssh2_transport_write plain (18 bytes) 0000: 01 00 00 00 0B 00 00 00 05 65 72 72 6F 72 00 00 : .........error.. 0010: 00 00 : .. [libssh2] 0.800743 Socket: Sent 52/52 bytes at 0x1ea41e0 =3D> libssh2_transport_write send() (52 bytes) 0000: 51 A2 CC AC 31 67 1D 3F 30 62 DC 65 62 B4 14 0A : Q=C2=A2=C3=8C=C2= =AC1g.?0b=C3=9Ceb=C5=BD.. 0010: 75 D5 E2 44 02 49 DF 94 FE 6A B3 E5 2A B7 D8 EB : u=C3=95=C3=A2D.I= =C3=9F=C2=94=C3=BEj=C2=B3=C3=A5*=C2=B7=C3=98=C3=AB 0020: 07 71 B0 49 1F C6 C9 5E B5 E8 58 50 41 B9 AB 8D : .q=C2=B0I.=C3=86= =C3=89^=C2=B5=C3=A8XPA=C2=B9=C2=AB. 0030: 16 AB 0E B4 : .=C2=AB.=C5=BD [libssh2] 0.800743 Conn: Freeing channel 0/1000 resources [libssh2] 0.800743 Conn: Sending EOF on channel 0/1000 =3D> libssh2_transport_write plain (5 bytes) 0000: 60 00 00 03 E8 : `...=C3=A8 [libssh2] 0.800743 Socket: Sent 36/36 bytes at 0x1e94710 =3D> libssh2_transport_write send() (36 bytes) 0000: 88 99 7F B5 20 C4 25 C9 8E F4 9D 09 4C 99 DD AF : ...=C2=B5 =C3=84= %=C3=89=C2=8E=C3=B4. L.=C3=9D=C2=AF 0010: 0A B3 EC B3 3D FC 60 E6 58 BA 20 49 0E 88 3D 38 : .=C2=B3=C3=AC=C2= =B3=3D=C3=BC`=C3=A6X=C2=BA I..=3D8 0020: 4A 4B 4E 71 : JKNq [libssh2] 0.800743 Conn: Closing channel 0/1000 =3D> libssh2_transport_write plain (5 bytes) 0000: 61 00 00 03 E8 : a...=C3=A8 [libssh2] 0.800743 Socket: Sent 36/36 bytes at 0x1e94710 =3D> libssh2_transport_write send() (36 bytes) 0000: C8 ED D1 45 13 F0 BA 98 28 BA A8 BF FC 42 C6 A3 : =C3=88=C3=AD=C3=91= E.=C3=B0=C2=BA.(=C2=BA=C5=A1=C2=BF=C3=BCB=C3=86=C2=A3 0010: 36 71 43 5D A5 99 40 9F EB FB B5 A7 EE E3 79 CF : 6qC]=C2=A5.@=C2=9F= =C3=AB=C3=BB=C2=B5=C2=A7=C3=AE=C3=A3y=C3=8F 0020: A8 10 B9 57 : =C5=A1.=C2=B9W [libssh2] 0.800743 Socket: Error recving 16384 bytes to 0x1f01948+0: 11 [libssh2] 1.019500 Socket: Recved 36/16384 bytes to 0x1f01948+0 =3D> libssh2_transport_read() raw (36 bytes) 0000: 4D C7 85 C1 54 31 04 F9 04 C8 84 A0 00 3E 74 DA : M=C3=87=C2=85=C3= =81T1.=C3=B9.=C3=88=C2=84=C2=A0.>t=C3=9A 0010: B4 93 74 4A 5F 74 46 35 28 F1 36 56 8E DE 61 34 : =C5=BD=C2=93tJ_t= F5(=C3=B16V=C2=8E=C3=9Ea4 0020: E5 BD 61 37 : =C3=A5=C5=93a7 =3D> libssh2_transport_read() plain (5 bytes) 0000: 61 00 00 00 00 : a.... [libssh2] 1.019500 Transport: Packet type 97 received, length=3D5 [libssh2] 1.019500 Conn: Close received for channel 0/1000 [libssh2] 1.019500 Transport: Looking for packet of type: 94 [libssh2] 1.019500 Transport: Looking for packet of type: 95 [libssh2] 1.019500 Transport: Freeing session resource 17:18:00:E: SFTP: opening remote file Q:\prj\temp\flt.sql failed, error =3D= -31 LIBSSH2_ERROR_SFTP_PROTOCOL Failed opening remote file 17:18:00:E: SFTP: sftp error =3D 3 SSH_FX_PERMISSION_DENIED --G4iJoqBmSsgzjUCe Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --G4iJoqBmSsgzjUCe-- From libssh2-devel-bounces@cool.haxx.se Tue Aug 31 19:19:52 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VHJeGY021703; Tue, 31 Aug 2010 19:19:51 +0200 Received: from ecdor130.cmc.ec.gc.ca (ecdor130.cmc.ec.gc.ca [199.212.17.130]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VHJcla021670 for ; Tue, 31 Aug 2010 19:19:38 +0200 Received: from ecdor130.cmc.ec.gc.ca (localhost [127.0.0.1]) by imap2.cmc.ec.gc.ca (Postfix) with ESMTP id B7E054BD93 for ; Tue, 31 Aug 2010 17:19:27 +0000 (GMT) Received: from [142.135.2.4] (averroes.cmc.ec.gc.ca [142.135.2.4]) by imap2.cmc.ec.gc.ca (Postfix) with ESMTP id B244D4BCDB for ; Tue, 31 Aug 2010 17:19:27 +0000 (GMT) Message-ID: <4C7D399F.4000805@ec.gc.ca> Date: Tue, 31 Aug 2010 13:19:27 -0400 From: Michel Valin User-Agent: Thunderbird 2.0.0.24 (X11/20100228) MIME-Version: 1.0 To: libssh2 development Subject: Re: Thread safety issues References: <1282839657.18286.4.camel@localhost> <000501cb46e7$567e7970$037b6c50$@com> <4C7BBBE8.20403@ec.gc.ca> <87y6borugl.fsf@mocca.josefsson.org> <4C7CEC5D.8000902@ec.gc.ca> In-Reply-To: X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 31 Aug 2010 19:19:52 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 31 Aug 2010 19:19:39 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Daniel Stenberg wrote: > On Tue, 31 Aug 2010, Michel Valin wrote: > >>> 1) Provide an APIs and let the caller set mutex hooks. >>> >>> Pros: >>> - The library does not have to link a thread library. >>> - No layering violation. >>> >>> Cons: >>> - It is easy to forget to make this call when you are writing >>> a multi-threaded program, which can lead to subtle errors. >> >> This one can be alleviated by having the library issue a warning >> message at first initialization (lib_sh2_init) reminding the user that >> the thread-safe hook is not set. > > Not really. > > First, how would that warning be issued? We can't assume that the > library can send any output anywhere that anyone will notice. true, one can never be sure that stderr will be connected (or that it will be read if it is :-) ) > > Secondly, the library doesn't know if it will be used threaded so it > would have no warn on every init that doesn't use the mutex callbacks > even if they wouldn't be needed! true again, that's why i said alleviated rather than solved. call that collateral noise. in that case a non threaded program would have to supply a do nothing mutex hook. (definitely not a pro) > -- Michel Valin Michel.Valin@ec.gc.CA _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Aug 31 19:40:42 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VHeR11032698; Tue, 31 Aug 2010 19:40:39 +0200 Received: from mail.ritual.org (146.n01.hh.clusters.de [213.238.52.146]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VHePdL032645 for ; Tue, 31 Aug 2010 19:40:26 +0200 Received: from spring.local (spring.ritual.org [217.91.25.149]) (authenticated bits=0) by mail.ritual.org (8.12.9/8.12.9) with ESMTP id o7VHeKUF009582 for ; Tue, 31 Aug 2010 19:40:20 +0200 Received: from [IPv6:::1] (localhost [IPv6:::1]) by spring.local (Postfix) with ESMTP id B470B3200C99 for ; Tue, 31 Aug 2010 19:40:19 +0200 (CEST) Mime-Version: 1.0 (Apple Message framework v1081) Subject: Re: Why isn't scp 8-bit clean? From: Uli Zappe In-Reply-To: Date: Tue, 31 Aug 2010 19:40:19 +0200 Message-Id: <0FCABDB1-4916-4653-AC13-792987EE3460@spring.local> References: To: libssh2 development X-Mailer: Apple Mail (2.1081) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 31 Aug 2010 19:40:42 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 31 Aug 2010 19:40:26 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Am 31.08.2010 um 16:50 schrieb Daniel Stenberg: > I guess a problem is that SCP is not a standard thing. It would be worthw= hile to check how OpenSSH actually provides file names with non-ascii lette= rs. I've been working extensively with OpenSSH on Mac OS X, which uses UTF-8 fi= le names. I've never experienced any problems with characters in file names= (including Cyrillic and Asian ones), so I'm quite sure OpenSSH (including = its implementation of scp) is fully UTF-8 compatible. > I mean, if it truly is 8bit then surely the < 32 check is wrong as well? I don't think so. Values < 0x20 (32) are always control sequences, AFAIK. T= hey are in ASCII, and therefore obviously also in all 8-bit extensions of A= SCII, which always only extend the ASCII character set, but don't change it= in the 0x00-0x7F character range. In UTF-8, it's similar: one-byte charact= ers are identical to ASCII, and for multibyte characters, each byte must be= > 0x7F (127) by specification. I'm unsure about UTF-16, but I've never see= n a file system that uses that for file names. Of course, another question is what this if clause was intended to achieve = in the first place. (I have no idea.) > Uhm, UTF-8 file names can surely have bytes below 32, right? Hm, these would be control characters, just like in ASCII. I don't know why= a file system would forbid these characters in ASCII file names, but allow= them in UTF-8 file names. In any case, I would think that this solely depe= nds on the file system implementation and is nothing that's specific to UTF= -8 file names. > In fact, UTF-8 can even contain the bytes 0x0a and 0x0d so the checks for= the end of line is then not good enough. I'm not sure what you mean by that. Of course UTF-8 characters include 0x0a= and 0x0d, as does ASCII, and they mean exactly the same thing in both case= s. > Now we only need to figure out the right fix... If the whole purpose of this if clause is as unclear as it is to me, you co= uld probably simply remove it completely. Other than that, I can see no har= m if the < 32 check remains and only the > 127 check is removed. Bye Uli ________________________________________________________ Uli Zappe, Solmsstra=DFe 5, D-65189 Wiesbaden, Germany http://www.ritual.org Fon: +49-700-ULIZAPPE Fax: +49-700-ZAPPEFAX ________________________________________________________ _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Aug 31 19:58:15 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VHvu5j018649; Tue, 31 Aug 2010 19:58:13 +0200 Received: from giant.haxx.se (giant.haxx.se [80.67.6.50]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VHvshC018636 for ; Tue, 31 Aug 2010 19:57:54 +0200 Date: Tue, 31 Aug 2010 19:57:54 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: Why isn't scp 8-bit clean? In-Reply-To: <0FCABDB1-4916-4653-AC13-792987EE3460@spring.local> Message-ID: References: <0FCABDB1-4916-4653-AC13-792987EE3460@spring.local> User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 31 Aug 2010 19:58:15 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 31 Aug 2010 19:57:54 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On Tue, 31 Aug 2010, Uli Zappe wrote: >> Now we only need to figure out the right fix... > > If the whole purpose of this if clause is as unclear as it is to me, you > could probably simply remove it completely. Other than that, I can see no > harm if the < 32 check remains and only the > 127 check is removed. The purpose of that code is to make sure we receive a valid SCP protocol. And yes, I was a bit confused about how UTF-8 looks like but I agree that the > 126 check should be removed. I've committed a fix for this now. Thanks for the report! -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Aug 31 20:02:03 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VI21Jh023190; Tue, 31 Aug 2010 20:02:03 +0200 Received: from mail.ritual.org (146.n01.hh.clusters.de [213.238.52.146]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VI1xUs023125 for ; Tue, 31 Aug 2010 20:02:00 +0200 Received: from spring.local (spring.ritual.org [217.91.25.149]) (authenticated bits=0) by mail.ritual.org (8.12.9/8.12.9) with ESMTP id o7VI1uUF009720 for ; Tue, 31 Aug 2010 20:01:56 +0200 Received: from [IPv6:::1] (localhost [IPv6:::1]) by spring.local (Postfix) with ESMTP id 9344D3200DBC for ; Tue, 31 Aug 2010 20:01:55 +0200 (CEST) Mime-Version: 1.0 (Apple Message framework v1081) Subject: Re: Why isn't scp 8-bit clean? From: Uli Zappe In-Reply-To: Date: Tue, 31 Aug 2010 20:01:54 +0200 Message-Id: References: <0FCABDB1-4916-4653-AC13-792987EE3460@spring.local> To: libssh2 development X-Mailer: Apple Mail (2.1081) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 31 Aug 2010 20:02:03 +0200 (CEST) X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 31 Aug 2010 20:02:00 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se Am 31.08.2010 um 19:57 schrieb Daniel Stenberg: > I agree that the > 126 check should be removed. I've committed a fix for = this now. :-) Bye Uli ________________________________________________________ Uli Zappe, Solmsstra=DFe 5, D-65189 Wiesbaden, Germany http://www.ritual.org Fon: +49-700-ULIZAPPE Fax: +49-700-ZAPPEFAX ________________________________________________________ _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Aug 31 21:44:47 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VJi9aw006186; Tue, 31 Aug 2010 21:44:44 +0200 Received: from mcfeely.foofus.net (mcfeely.foofus.net [64.73.34.167]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VJi6G1006036 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Tue, 31 Aug 2010 21:44:07 +0200 Received: (qmail 20992 invoked from network); 31 Aug 2010 19:43:56 -0000 Received: from unknown (HELO ?127.0.0.1?) (relay@127.0.0.1) by localhost with ESMTPA; 31 Aug 2010 19:43:56 -0000 Subject: Re: Thread safety issues From: jmk To: libssh2 development In-Reply-To: <87occjp69d.fsf@mocca.josefsson.org> References: <1282839657.18286.4.camel@localhost> <000501cb46e7$567e7970$037b6c50$@com> <1283201535.18729.59.camel@localhost> <1283206745.18729.70.camel@localhost> <87occjp69d.fsf@mocca.josefsson.org> Organization: Foofus Networks Date: Tue, 31 Aug 2010 14:43:56 -0500 Message-ID: <1283283836.18534.28.camel@localhost> Mime-Version: 1.0 X-Mailer: Evolution 2.30.2 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 31 Aug 2010 21:44:47 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 31 Aug 2010 21:44:08 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On Tue, 2010-08-31 at 09:53 +0200, Simon Josefsson wrote: > You shouldn't need any mutexes except the ones needed for the crypto > library. Maybe you could remove your own mutex and see if things > continue to work? It's certainly possible I've messed stuff up, but without the mutex for libssh2_session_init_ex(), things still occasionally blow up. With a mutex for that one call and the crypto callback functions, things *seem* completely stable. > Of course, you still need to make sure you don't access one session from > more than one thread, but normally this is handled by having one thread > per session. Yup, one session per thread. Joe _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Aug 31 21:55:18 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VJtCp7012238; Tue, 31 Aug 2010 21:55:17 +0200 Received: from yxa-v.extundo.com (yxa-v.extundo.com [83.241.177.39]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VJtAZv012208 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Tue, 31 Aug 2010 21:55:10 +0200 Received: from mocca (c80-216-27-64.bredband.comhem.se [80.216.27.64]) (authenticated bits=0) by yxa-v.extundo.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id o7VJt0d3013913 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT) for ; Tue, 31 Aug 2010 21:55:01 +0200 From: Simon Josefsson To: libssh2 development Subject: Re: Thread safety issues References: <1282839657.18286.4.camel@localhost> <000501cb46e7$567e7970$037b6c50$@com> <1283201535.18729.59.camel@localhost> <1283206745.18729.70.camel@localhost> <87occjp69d.fsf@mocca.josefsson.org> <1283283836.18534.28.camel@localhost> OpenPGP: id=B565716F; url=http://josefsson.org/key.txt X-Hashcash: 1:22:100831:libssh2-devel@cool.haxx.se::5aGz/h3N0m3KLzv9:1hix Date: Tue, 31 Aug 2010 21:54:58 +0200 In-Reply-To: <1283283836.18534.28.camel@localhost> (jmk@foofus.net's message of "Tue, 31 Aug 2010 14:43:56 -0500") Message-ID: <87occiimlp.fsf@mocca.josefsson.org> User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.2 (gnu/linux) MIME-Version: 1.0 X-Spam-Status: No, score=-0.8 required=5.0 tests=AWL,BAYES_00, DATE_IN_FUTURE_96_XX,RDNS_DYNAMIC,SPF_FAIL autolearn=no version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on yxa-v.extundo.com X-Virus-Scanned: clamav-milter 0.96.1 at yxa-v X-Virus-Status: Clean X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 31 Aug 2010 21:55:18 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 31 Aug 2010 21:55:10 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se jmk writes: > On Tue, 2010-08-31 at 09:53 +0200, Simon Josefsson wrote: >> You shouldn't need any mutexes except the ones needed for the crypto >> library. Maybe you could remove your own mutex and see if things >> continue to work? > > It's certainly possible I've messed stuff up, but without the mutex for > libssh2_session_init_ex(), things still occasionally blow up. With a > mutex for that one call and the crypto callback functions, things *seem* > completely stable. Do you call libssh2_init? The libssh2_session_init_ex function initializes the library when needed, maybe you cause two threads to initialize the library at the same time. By doing an explicit libssh2_init at the start of your program, that should be avoided. It may also be that I've missed something, and libssh2_session_init_ex is intended to be thread-unsafe too. But then we have a documentation problem, since this is not stated in the function man page. /Simon _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Aug 31 22:43:53 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VKhiQq021790; Tue, 31 Aug 2010 22:43:52 +0200 Received: from mcfeely.foofus.net (mcfeely.foofus.net [64.73.34.167]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VKheFI021549 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Tue, 31 Aug 2010 22:43:41 +0200 Received: (qmail 21115 invoked from network); 31 Aug 2010 20:43:31 -0000 Received: from unknown (HELO ?127.0.0.1?) (relay@127.0.0.1) by localhost with ESMTPA; 31 Aug 2010 20:43:31 -0000 Subject: Re: Thread safety issues From: jmk To: libssh2 development In-Reply-To: <87occiimlp.fsf@mocca.josefsson.org> References: <1282839657.18286.4.camel@localhost> <000501cb46e7$567e7970$037b6c50$@com> <1283201535.18729.59.camel@localhost> <1283206745.18729.70.camel@localhost> <87occjp69d.fsf@mocca.josefsson.org> <1283283836.18534.28.camel@localhost> <87occiimlp.fsf@mocca.josefsson.org> Organization: Foofus Networks Date: Tue, 31 Aug 2010 15:43:31 -0500 Message-ID: <1283287411.18534.56.camel@localhost> Mime-Version: 1.0 X-Mailer: Evolution 2.30.2 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 31 Aug 2010 22:43:53 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 31 Aug 2010 22:43:41 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On Tue, 2010-08-31 at 21:54 +0200, Simon Josefsson wrote: > jmk writes: > > > On Tue, 2010-08-31 at 09:53 +0200, Simon Josefsson wrote: > >> You shouldn't need any mutexes except the ones needed for the crypto > >> library. Maybe you could remove your own mutex and see if things > >> continue to work? > > > > It's certainly possible I've messed stuff up, but without the mutex for > > libssh2_session_init_ex(), things still occasionally blow up. With a > > mutex for that one call and the crypto callback functions, things *seem* > > completely stable. > > Do you call libssh2_init? The libssh2_session_init_ex function > initializes the library when needed, maybe you cause two threads to > initialize the library at the same time. By doing an explicit > libssh2_init at the start of your program, that should be avoided. > > It may also be that I've missed something, and libssh2_session_init_ex > is intended to be thread-unsafe too. But then we have a documentation > problem, since this is not stated in the function man page. I wasn't calling libssh2_init(). I guess I misread a previous statement about libssh2_init() being non-thread safe as libssh2_session_init(). Adding a call to libssh2_init() with a mutex and removing the mutex for libssh2_session_init_ex() seems to work just fine, so libssh2_session_init_ex should indeed be thread-safe. For my particular use, it probably doesn't matter much and both approaches would work. Thanks, Joe _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Aug 31 22:55:56 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VKtj0f029731; Tue, 31 Aug 2010 22:55:55 +0200 Received: from yxa-v.extundo.com (yxa-v.extundo.com [83.241.177.39]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VKtiH9029726 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Tue, 31 Aug 2010 22:55:44 +0200 Received: from mocca (c80-216-27-64.bredband.comhem.se [80.216.27.64]) (authenticated bits=0) by yxa-v.extundo.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id o7VKskM3017367 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT) for ; Tue, 31 Aug 2010 22:54:48 +0200 From: Simon Josefsson To: libssh2 development Subject: Re: Thread safety issues References: <1282839657.18286.4.camel@localhost> <000501cb46e7$567e7970$037b6c50$@com> <1283201535.18729.59.camel@localhost> <1283206745.18729.70.camel@localhost> <87occjp69d.fsf@mocca.josefsson.org> <1283283836.18534.28.camel@localhost> <87occiimlp.fsf@mocca.josefsson.org> <1283287411.18534.56.camel@localhost> OpenPGP: id=B565716F; url=http://josefsson.org/key.txt X-Hashcash: 1:22:100831:libssh2-devel@cool.haxx.se::XMucg3kS0qrS5Glh:3Djg Date: Tue, 31 Aug 2010 22:54:44 +0200 In-Reply-To: <1283287411.18534.56.camel@localhost> (jmk@foofus.net's message of "Tue, 31 Aug 2010 15:43:31 -0500") Message-ID: <87y6bmh59n.fsf@mocca.josefsson.org> User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.2 (gnu/linux) MIME-Version: 1.0 X-Spam-Status: No, score=-0.8 required=5.0 tests=AWL,BAYES_00, DATE_IN_FUTURE_96_XX,RDNS_DYNAMIC,SPF_FAIL autolearn=no version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on yxa-v.extundo.com X-Virus-Scanned: clamav-milter 0.96.1 at yxa-v X-Virus-Status: Clean X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 31 Aug 2010 22:55:56 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 31 Aug 2010 22:55:44 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se jmk writes: > On Tue, 2010-08-31 at 21:54 +0200, Simon Josefsson wrote: >> jmk writes: >> >> > On Tue, 2010-08-31 at 09:53 +0200, Simon Josefsson wrote: >> >> You shouldn't need any mutexes except the ones needed for the crypto >> >> library. Maybe you could remove your own mutex and see if things >> >> continue to work? >> > >> > It's certainly possible I've messed stuff up, but without the mutex for >> > libssh2_session_init_ex(), things still occasionally blow up. With a >> > mutex for that one call and the crypto callback functions, things *seem* >> > completely stable. >> >> Do you call libssh2_init? The libssh2_session_init_ex function >> initializes the library when needed, maybe you cause two threads to >> initialize the library at the same time. By doing an explicit >> libssh2_init at the start of your program, that should be avoided. >> >> It may also be that I've missed something, and libssh2_session_init_ex >> is intended to be thread-unsafe too. But then we have a documentation >> problem, since this is not stated in the function man page. > > I wasn't calling libssh2_init(). I guess I misread a previous statement > about libssh2_init() being non-thread safe as libssh2_session_init(). > > Adding a call to libssh2_init() with a mutex and removing the mutex for > libssh2_session_init_ex() seems to work just fine, so > libssh2_session_init_ex should indeed be thread-safe. For my particular > use, it probably doesn't matter much and both approaches would work. It may be simpler to call libssh2_init globally before firing up any threads. Then you only need to supply mutexes to the crypto library. /Simon _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Aug 31 22:56:01 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VKu0oS029856; Tue, 31 Aug 2010 22:56:01 +0200 Received: from m1.imap-partners.net (m1.imap-partners.net [64.13.152.131]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VKtuJE029812 for ; Tue, 31 Aug 2010 22:55:58 +0200 Received: from familiar.netflix.com (lg-nat.corp.netflix.com [208.75.77.65]) by m1.imap-partners.net (MOS 4.1.8-GA) with ESMTP id CCP56780 (AUTH via LOGINBEFORESMTP); Tue, 31 Aug 2010 13:55:47 -0700 X-Mirapoint-Received-SPF: 208.75.77.65 familiar.netflix.com 5 none X-Mirapoint-Received-SPF: 208.75.77.65 familiar.netflix.com 5 none Date: Tue, 31 Aug 2010 13:53:11 -0700 (PDT) From: TJ Saunders To: libssh2 development Subject: Re: SFTP Compression support In-Reply-To: <4C784D9E.9070804@barcelona04.com> Message-ID: References: <4C77124D.3060909@barcelona04.com> <4C784D9E.9070804@barcelona04.com> User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) MIME-Version: 1.0 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 31 Aug 2010 22:56:01 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 31 Aug 2010 22:55:59 +0200 (CEST) Cc: Daniel Stenberg X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se > Yes its 1.2.7. Compiled with mingw 4.4 under windows 7, OpenSSL 0.9.8 and > zlib 1.2.3. > As I've said, compression works when dealing with channels, but can't open > sftp file handles. I think that prior to 1.2.7, this wasn't possible -- attempting to use compression would fail at KEXINIT time. The enabling of compression at KEXINIT time was fixed by: http://trac.libssh2.org/ticket/180 However, it seems that fixing compression for KEXINIT revealed further issues with using compression. Using a build of libssh2-1.2.7 with --enable-debug, and tracing enabled, I obtained the following trace for a case where libssh2 (via the Net::SSH2 Perl module) is used to authenticate, start sftp, open and read a file from the server: [libssh2] 2.627289 Conn: Connection Established - ID: 0/0 win: 4294967295/65536 pack: 32768/32768 [libssh2] 2.627309 Conn: starting request(subsystem) on channel 0/0, message=sftp => libssh2_transport_write plain (27 bytes) 0000: 62 00 00 00 00 00 00 00 09 73 75 62 73 79 73 74 : b........subsyst 0010: 65 6D 01 00 00 00 04 73 66 74 70 : em.....sftp [libssh2] 2.627430 Socket: Sent 52/52 bytes at 0x982d9b0 => libssh2_transport_write send() (52 bytes) 0000: 04 4F 35 48 5F D7 43 CE 7D F9 85 23 52 E4 0D 64 : .O5H_.C.}..#R..d 0010: 0C 9B 94 21 0D 37 66 5C 8B 18 7E 9B DF 81 04 26 : ...!.7f\..~....& 0020: 65 1E 4A 08 72 32 A2 E7 4B E7 CF 9B 44 1D 61 62 : e.J.r2..K...D.ab 0030: 29 00 87 47 : )..G [libssh2] 2.627481 Transport: Looking for packet of type: 99 [libssh2] 2.627491 Transport: Looking for packet of type: 100 [libssh2] 2.627505 Socket: Error recving 16384 bytes to 0x981c578+0: 11 [libssh2] 2.627518 Failure Event: -37 - Would block to request SFTP subsystem [libssh2] 2.628586 Transport: Looking for packet of type: 99 [libssh2] 2.628603 Transport: Looking for packet of type: 100 [libssh2] 2.628618 Socket: Recved 52/16384 bytes to 0x981c578+0 => libssh2_transport_read() raw (52 bytes) 0000: 03 24 AA 16 61 A1 4F 6A A6 8F 4E 9B B8 83 1D CD : .$..a.Oj..N..... 0010: C6 FB 04 92 49 B4 07 AD 4A 5E 62 1D 54 AB F8 82 : ....I...J^b.T... 0020: 2C 21 BD E4 71 1D 22 86 24 6D E2 4A EE 71 53 16 : ,!..q.".$m.J.qS. 0030: 35 83 F6 94 : 5... => libssh2_transport_read() plain (5 bytes) 0000: 63 00 00 00 00 : c.... [libssh2] 2.628704 Transport: Packet type 99 received, length=5 [libssh2] 2.628717 Transport: Looking for packet of type: 99 [libssh2] 2.628728 Conn: Setting channel 0/0 handle_extended_data mode to 1 [libssh2] 2.628746 SFTP: Sending FXP_INIT packet advertising version 3 support [libssh2] 2.628758 Conn: Writing 9 bytes on channel 0/0, stream #0 [libssh2] 2.628773 Socket: Error recving 16384 bytes to 0x981c578+0: 11 [libssh2] 2.628786 Conn: Sending 9 bytes on channel 0/0, stream_id=0 => libssh2_transport_write plain (18 bytes) 0000: 5E 00 00 00 00 00 00 00 09 00 00 00 05 01 00 00 : ^............... 0010: 00 03 : .. [libssh2] 2.628890 Socket: Sent 52/52 bytes at 0x982d9b0 => libssh2_transport_write send() (52 bytes) 0000: AC 50 E0 7F E7 BC 8F 02 4D D1 E1 DF 4B 79 ED 0B : .P......M...Ky.. 0010: B9 10 E6 AE 69 4D F9 9D F8 B6 F4 54 CD EB A8 BD : ....iM.....T.... 0020: 5E 2A FA 28 CF B3 A0 27 9A 4C EC 2E 6A A6 79 97 : ^*.(...'.L..j.y. 0030: C6 5A BA DB : .Z.. [libssh2] 2.628942 SFTP: Requiring packet 2 id 0 [libssh2] 2.628952 SFTP: Asking for 2 packet [libssh2] 2.628962 SFTP: recv packet [libssh2] 2.628972 Conn: channel_read() wants 4 bytes from channel 0/0 stream #0 [libssh2] 2.628986 Socket: Error recving 16384 bytes to 0x981c578+0: 11 [libssh2] 2.628999 Failure Event: -37 - Would block waiting for response from SFTP subsystem [libssh2] 2.630686 SFTP: Requiring packet 2 id 0 [libssh2] 2.630704 SFTP: Asking for 2 packet [libssh2] 2.630714 SFTP: recv packet [libssh2] 2.630723 Conn: channel_read() wants 4 bytes from channel 0/0 stream #0 [libssh2] 2.630739 Socket: Recved 116/16384 bytes to 0x981c578+0 => libssh2_transport_read() raw (116 bytes) 0000: AA C9 DD C3 31 4B FA 16 B3 A5 05 40 B8 A5 30 E0 : ....1K.....@..0. 0010: 88 02 CD 4F 07 6D C6 62 1F 46 91 BC 79 77 1D C4 : ...O.m.b.F..yw.. 0020: 28 F6 20 F0 3A 81 A4 D2 53 C6 DC A2 47 EE CC 0F : (. .:...S...G... 0030: F8 EF 22 36 34 60 70 BC 72 94 19 50 D3 E4 53 02 : .."64`p.r..P..S. 0040: 0C AB 6E 60 5F AE D2 FB D3 10 0C C0 A6 C8 D6 0C : ..n`_........... 0050: BA 47 78 58 0D 8B B6 F1 5F 6C DF 8D F4 F9 DB AB : .GxX...._l...... 0060: 52 EC AC 83 CF EB D0 B0 44 AE 6C 81 92 6C 89 FE : R.......D.l..l.. 0070: F9 92 60 F1 : ..`. => libssh2_transport_read() plain (127 bytes) 0000: 5E 00 00 00 00 00 00 00 76 00 00 00 72 02 00 00 : ^.......v...r... 0010: 00 03 00 00 00 08 76 65 72 73 69 6F 6E 73 00 00 : ......versions.. 0020: 00 03 32 2C 33 00 00 00 18 70 6F 73 69 78 2D 72 : ..2,3....posix-r 0030: 65 6E 61 6D 65 40 6F 70 65 6E 73 73 68 2E 63 6F : ename@openssh.co 0040: 6D 00 00 00 01 31 00 00 00 13 73 74 61 74 76 66 : m....1....statvf 0050: 73 40 6F 70 65 6E 73 73 68 2E 63 6F 6D 00 00 00 : s@openssh.com... 0060: 01 32 00 00 00 14 66 73 74 61 74 76 66 73 40 6F : .2....fstatvfs@o 0070: 70 65 6E 73 73 68 2E 63 6F 6D 00 00 00 01 32 : penssh.com....2 [libssh2] 2.630919 Transport: Packet type 94 received, length=127 [libssh2] 2.630931 Conn: 118 bytes packet_add() for 0/0/0 [libssh2] 2.630945 Socket: Error recving 16384 bytes to 0x981c578+0: 11 [libssh2] 2.630958 Conn: channel_read() got 4 of data from 0/0/0 [libssh2] 2.630971 Conn: Adjusting window 3932160 bytes for data on channel 0/0 => libssh2_transport_write plain (9 bytes) 0000: 5D 00 00 00 00 00 3C 00 00 : ].....<.. [libssh2] 2.631064 Socket: Sent 52/52 bytes at 0x982d9b0 => libssh2_transport_write send() (52 bytes) 0000: A2 4A 5F A9 7F 6B 40 46 EE 90 9D 96 2B 46 FC 04 : .J_..k@F....+F.. 0010: 52 FD 2E 48 E3 B0 0B 7F 9B 2F 50 0E A6 D9 CA E9 : R..H...../P..... 0020: 08 4F B1 D9 5A 76 4B C5 C5 C5 1F 12 08 07 82 62 : .O..ZvK........b 0030: 9F 4B 03 6A : .K.j [libssh2] 2.631114 Conn: channel_read() filled 4 adjusted 4 [libssh2] 2.631125 SFTP: Data begin - Packet Length: 114 [libssh2] 2.631138 Socket: Error recving 16384 bytes to 0x981c578+0: 11 [libssh2] 2.631150 Conn: channel_read() got 114 of data from 0/0/0 [ul] [libssh2] 2.631163 SFTP: Received packet 2 (len 114) [libssh2] 2.631174 SFTP: Asking for 2 packet [libssh2] 2.631184 SFTP: Got 2 [libssh2] 2.631193 SFTP: Enabling SFTP version 3 compatability So far, so good -- we're past KEXINIT, past the INIT/VERSION exchange for starting the SFTP subsystem. Now we send the OPEN request: [libssh2] 2.631291 SFTP: Sending file open request [libssh2] 2.631305 Conn: Writing 33 bytes on channel 0/0, stream #0 [libssh2] 2.631320 Socket: Error recving 16384 bytes to 0x981c578+0: 11 [libssh2] 2.631332 Conn: Sending 33 bytes on channel 0/0, stream_id=0 => libssh2_transport_write plain (42 bytes) 0000: 5E 00 00 00 00 00 00 00 21 00 00 00 1D 03 00 00 : ^.......!....... 0010: 00 00 00 00 00 08 74 65 73 74 2E 74 78 74 00 00 : ......test.txt.. 0020: 00 01 00 00 00 04 00 00 81 B6 : .......... [libssh2] 2.631445 Socket: Sent 68/68 bytes at 0x982a230 => libssh2_transport_write send() (68 bytes) 0000: 32 45 77 61 5E 43 D5 7B F8 D9 AE F8 CC 46 AE 3F : 2Ewa^C.{.....F.? 0010: 5A E9 A6 2C C4 BA 92 6C 3B FF A2 2E A3 6F AF ED : Z..,...l;....o.. 0020: 98 35 AC 8D 4D B3 43 76 89 C2 D7 B1 DD 3F F8 0E : .5..M.Cv.....?.. 0030: D7 3D ED 26 92 50 C5 60 2E 30 5C 75 E3 1C CE 45 : .=.&.P.`.0\u...E 0040: 76 13 60 89 : v.`. [libssh2] 2.631502 SFTP: Asking for 102 packet [libssh2] 2.631512 SFTP: Asking for 101 packet [libssh2] 2.631521 SFTP: recv packet [libssh2] 2.631532 Socket: Error recving 16384 bytes to 0x981c578+0: 11 [libssh2] 2.631545 Failure Event: -37 - Would block waiting for status message [libssh2] 2.672505 SFTP: Asking for 102 packet [libssh2] 2.672529 SFTP: Asking for 101 packet [libssh2] 2.672539 SFTP: recv packet [libssh2] 2.672549 Conn: channel_read() wants 4 bytes from channel 0/0 stream #0 [libssh2] 2.672568 Socket: Recved 52/16384 bytes to 0x981c578+0 => libssh2_transport_read() raw (52 bytes) 0000: 92 20 1B 6B 03 00 7D 6C 2A DC 76 79 74 AF 05 2F : . .k..}l*.vyt../ 0010: 6B BD 28 0F BA 45 97 D5 D4 3A 52 69 11 D2 13 9E : k.(..E...:Ri.... 0020: AB 2A EC 87 A8 E7 09 08 D9 67 13 73 B9 9C 58 D6 : .*.......g.s..X. 0030: 6F 8E D6 8D : o... => libssh2_transport_read() plain (28 bytes) 0000: 5E 00 00 00 00 00 00 00 13 00 00 00 0F 66 00 00 : ^............f.. 0010: 00 00 00 00 00 06 72 55 63 66 56 4F : ......rUcfVO [libssh2] 2.672678 Transport: Packet type 94 received, length=28 [libssh2] 2.672690 Conn: 19 bytes packet_add() for 0/0/0 [libssh2] 2.672705 Socket: Error recving 16384 bytes to 0x981c578+0: 11 [libssh2] 2.672718 Conn: channel_read() got 4 of data from 0/0/0 [libssh2] 2.672730 SFTP: Data begin - Packet Length: 15 [libssh2] 2.672742 Socket: Error recving 16384 bytes to 0x981c578+0: 11 [libssh2] 2.672753 Conn: channel_read() got 15 of data from 0/0/0 [ul] [libssh2] 2.672766 SFTP: Received packet 102 (len 15) [libssh2] 2.672777 SFTP: Asking for 102 packet [libssh2] 2.672792 SFTP: Open command successful OK, the OPEN request succeeded. Now we send a READ, to start getting the data in that file: [libssh2] 2.672957 SFTP: Reading 8192 bytes from SFTP handle [libssh2] 2.672974 Conn: Writing 31 bytes on channel 0/0, stream #0 [libssh2] 2.672990 Socket: Error recving 16384 bytes to 0x981c578+0: 11 [libssh2] 2.673002 Conn: Sending 31 bytes on channel 0/0, stream_id=0 => libssh2_transport_write plain (40 bytes) 0000: 5E 00 00 00 00 00 00 00 1F 00 00 00 1B 05 00 00 : ^............... 0010: 00 01 00 00 00 06 72 55 63 66 56 4F 00 00 00 00 : ......rUcfVO.... 0020: 00 00 00 00 00 00 20 00 : ...... . [libssh2] 2.673143 Socket: Sent 52/52 bytes at 0x90542b0 => libssh2_transport_write send() (52 bytes) 0000: 12 3E F6 BB CD 52 EA 5A 12 6F BD 8C 87 2D 5E F8 : .>...R.Z.o...-^. 0010: 14 1D BB 79 A3 E2 F4 C5 30 14 B2 AD 1A E6 12 DC : ...y....0....... 0020: 9B A7 5D A9 DA E1 C9 A2 A6 0D D2 A3 FE C4 57 93 : ..]...........W. 0030: 87 D5 C6 F1 : .... [libssh2] 2.673195 SFTP: Asking for 103 packet [libssh2] 2.673205 SFTP: Asking for 101 packet [libssh2] 2.673215 SFTP: recv packet [libssh2] 2.673226 Socket: Error recving 16384 bytes to 0x981c578+0: 11 [libssh2] 2.673238 Failure Event: -37 - Would block waiting for status message [libssh2] 2.675898 SFTP: Asking for 103 packet [libssh2] 2.675915 SFTP: Asking for 101 packet [libssh2] 2.675925 SFTP: recv packet [libssh2] 2.675934 Conn: channel_read() wants 4 bytes from channel 0/0 stream #0 [libssh2] 2.675951 Socket: Recved 84/16384 bytes to 0x981c578+0 => libssh2_transport_read() raw (84 bytes) 0000: F8 11 28 3A 61 F8 B0 69 06 C4 70 BB 64 24 95 B3 : ..(:a..i..p.d$.. 0010: B1 71 2D CB B8 FB 60 D2 9E 7C 99 FA 68 88 6B 6C : .q-...`..|..h.kl 0020: A7 93 52 08 B6 ED 32 32 25 50 3A 2C 97 BB 7C 73 : ..R...22%P:,..|s 0030: 2F DA D1 59 84 82 57 3A 7E 7D 02 F1 34 EF D4 B3 : /..Y..W:~}..4... 0040: C3 C5 3D 50 B2 98 46 4A EB B3 EE CC 7B D1 79 1F : ..=P..FJ....{.y. 0050: DD E0 AC 69 : ...i [libssh2] 2.676521 Failure Event: -29 - compress/decompression failure [libssh2] 2.676537 Failure Event: -1 - transport read [libssh2] 2.676547 Failure Event: -21 - Read part of packet [libssh2] 2.676558 Failure Event: -1 - Timeout waiting for status message And there, I think, is a sign of the issue: [libssh2] 2.676521 Failure Event: -29 - compress/decompression failure The question is, though: why did the decompression fail? And why does it fail at this point, when reading file data (as opposed to earlier, when decompressing the rest of the messages on that subsystem/channel)? I'll keep poking at this to see if I can find any additional clues... TJ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ And forget not that the earth delights to feel your bare feet and the winds long to play with your hair. -Kahlil Gibran ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Aug 31 23:03:14 2010 Return-Path: Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VL331W004585; Tue, 31 Aug 2010 23:03:11 +0200 Received: from mcfeely.foofus.net (mcfeely.foofus.net [64.73.34.167]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o7VL30au004378 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Tue, 31 Aug 2010 23:03:01 +0200 Received: (qmail 21181 invoked from network); 31 Aug 2010 21:02:49 -0000 Received: from unknown (HELO ?127.0.0.1?) (relay@127.0.0.1) by localhost with ESMTPA; 31 Aug 2010 21:02:49 -0000 Subject: Re: Thread safety issues From: jmk To: libssh2 development In-Reply-To: <87y6bmh59n.fsf@mocca.josefsson.org> References: <1282839657.18286.4.camel@localhost> <000501cb46e7$567e7970$037b6c50$@com> <1283201535.18729.59.camel@localhost> <1283206745.18729.70.camel@localhost> <87occjp69d.fsf@mocca.josefsson.org> <1283283836.18534.28.camel@localhost> <87occiimlp.fsf@mocca.josefsson.org> <1283287411.18534.56.camel@localhost> <87y6bmh59n.fsf@mocca.josefsson.org> Organization: Foofus Networks Date: Tue, 31 Aug 2010 16:02:49 -0500 Message-ID: <1283288569.18534.61.camel@localhost> Mime-Version: 1.0 X-Mailer: Evolution 2.30.2 X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [127.0.0.1]); Tue, 31 Aug 2010 23:03:14 +0200 (CEST) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Tue, 31 Aug 2010 23:03:02 +0200 (CEST) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.13 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libssh2-devel-bounces@cool.haxx.se Errors-To: libssh2-devel-bounces@cool.haxx.se On Tue, 2010-08-31 at 22:54 +0200, Simon Josefsson wrote: > It may be simpler to call libssh2_init globally before firing up any > threads. Then you only need to supply mutexes to the crypto library. Not feasible given the current design of my application -- all SSH code is contained within a module, which can be loaded by one or more threads. The core application doesn't have any SSH specific code in it. Fortunately, calling libssh2_init() multiple times doesn't *appear* to be causing me any issues. Joe _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel