From libssh2-devel-bounces@cool.haxx.se Mon Jul 1 21:55:59 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r61JtOoN008383; Mon, 1 Jul 2013 21:55:49 +0200 Received: from mail-ea0-x235.google.com (mail-ea0-x235.google.com [IPv6:2a00:1450:4013:c01::235]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r61JtM34008305 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Mon, 1 Jul 2013 21:55:23 +0200 Received: by mail-ea0-f181.google.com with SMTP id a15so2333670eae.12 for ; Mon, 01 Jul 2013 12:55:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=vwaiGzzlW8Gun3WoeOOcSHPGSEwGYtYyqLOYLScKSFc=; b=Fha0BcvnATCmbONroNsdEpH0Rz/FVXApJUZFtlAwionGT04c1EuioH/Kk51frnGx2w vxY+7wO+ogi4Ljm2Az1yOA5wC1xJz3yE2rd0lp2cHfRqBrs372PvdVsZmu6SODJ+fpBR y6hs+cjuSxNyKkrO7Ba5slhsugTD0laxWWB9UGsu1C+q6F9Mj2v/EhZWhvt+aHvzLb7Y XsoshtIIrn9TECJhsK+fXVHXxOOus7XTJL3QwbmPUh5aE76xfvpZ1sPpeJbD9vt6tk41 RoR0y7Yp+lm2AVU+nxKoeQQFM7cjKg9S0ulhVVEDuq3VFf8gZBF3+xJtxWfYIgPYLKfV hbdA== MIME-Version: 1.0 X-Received: by 10.15.41.196 with SMTP id s44mr22718740eev.138.1372708517879; Mon, 01 Jul 2013 12:55:17 -0700 (PDT) Received: by 10.14.47.203 with HTTP; Mon, 1 Jul 2013 12:55:17 -0700 (PDT) Received: by 10.14.47.203 with HTTP; Mon, 1 Jul 2013 12:55:17 -0700 (PDT) Date: Mon, 1 Jul 2013 12:55:17 -0700 Message-ID: Subject: SSH2 host key length and hash compute From: Kalpesh Parekh To: libssh2-devel@cool.haxx.se X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0539591079==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============0539591079== Content-Type: multipart/alternative; boundary=089e0163449c96d17204e0789b1b --089e0163449c96d17204e0789b1b Content-Type: text/plain; charset=ISO-8859-1 Hi The values returned by libssh2_host_key is returned as size_t. How can I convert it to bits. I seem to be getting 23 additional bytes and therefore have used (size returned - 23) *8. Also when computing the hash I have used md5 for RSA and sha1 for DSS. Is this the correct way? --089e0163449c96d17204e0789b1b Content-Type: text/html; charset=ISO-8859-1

Hi

The values returned by libssh2_host_key is returned as size_t. How can I convert it to bits. I seem to be getting 23 additional bytes and therefore have used (size returned - 23) *8.

Also when computing the hash I have used md5 for RSA and sha1 for DSS. Is this the correct way?

--089e0163449c96d17204e0789b1b-- --===============0539591079== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============0539591079==-- From libssh2-devel-bounces@cool.haxx.se Mon Jul 1 23:12:00 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r61LBhqp019917; Mon, 1 Jul 2013 23:11:57 +0200 Received: from mail-vb0-x236.google.com (mail-vb0-x236.google.com [IPv6:2607:f8b0:400c:c02::236]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r61LBfY3019865 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Mon, 1 Jul 2013 23:11:41 +0200 Received: by mail-vb0-f54.google.com with SMTP id q12so4079732vbe.13 for ; Mon, 01 Jul 2013 14:11:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; bh=Y7Cm4rhefJu4RW1L/A1SMAmbgYAmSlipP9V09MTYf/k=; b=C/fuT2SSMro1LhhrJ8m3/QkPuftztyH4la9Zz+tqn2XSBv3cgMkV5PxKshnxD2AYTZ r8p3K56B3QQg1Em4DwQN3Qj3xwL1sJHDL/RCRizhBQpMcA5EBjnb2UvabP07c16CiN8Y xG/oSzado/AR01woYpf4fr4oS3Olcqm8JOOo0eo5NB6Ky0x/skWcMaSJgzBidGE+lKiT WAusjqFcQnchx9k+ui+4ZlFIvQJDmhLoXSwVjCuJUYm5eHORe4VMzon6heGFx4meGbTb MSOQEJK8/uuK0NQJyvgGmuqj+FWWLo30VzUD/GaQa6OdYqYgpmUt/vkezguVzyrsKnvM qRSg== MIME-Version: 1.0 X-Received: by 10.58.202.1 with SMTP id ke1mr10119858vec.85.1372713095260; Mon, 01 Jul 2013 14:11:35 -0700 (PDT) Received: by 10.52.178.98 with HTTP; Mon, 1 Jul 2013 14:11:35 -0700 (PDT) In-Reply-To: References: Date: Mon, 1 Jul 2013 22:11:35 +0100 X-Google-Sender-Auth: wM4SiDxkfJxq7BokKx5JEOYQ18U Message-ID: Subject: Re: SSH2 host key length and hash compute From: Alexander Lamaison To: libssh2 development X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On 1 July 2013 20:55, Kalpesh Parekh wrote: > Hi > > The values returned by libssh2_host_key is returned as size_t. How can I > convert it to bits. I seem to be getting 23 additional bytes and therefore > have used (size returned - 23) *8. There is no libssh2_host_key? Do you mean libssh2_hostkey_hash or libssh2_session_hostkey? > Also when computing the hash I have used md5 for RSA and sha1 for DSS. Is > this the correct way? You mention hashes so I'm going to assume you meant libssh2_hostkey_hash. I don't know why you think it returns a value as size_t. The return is a const char* string and the size is either 16 bytes or 20 bytes depending on whether you requested MD5 for SHA1. Alex _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Jul 2 08:34:41 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r626YEgU022827; Tue, 2 Jul 2013 08:34:35 +0200 Received: from mail-ee0-x236.google.com (mail-ee0-x236.google.com [IPv6:2a00:1450:4013:c00::236]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r626YC8A022798 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Tue, 2 Jul 2013 08:34:12 +0200 Received: by mail-ee0-f54.google.com with SMTP id t10so2491660eei.13 for ; Mon, 01 Jul 2013 23:34:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=NyHt99gYkz7VxjG9lxshrnl0HU1olVl4tudfw1Kb2eo=; b=md4rd91Y3OiWS3weCTK582BXqu32Wosmlow+K0VKW6EDR0DLH9BCchOuIuX6Syi8u9 SxbWkbmWp7yrHwCPaB9VFC1r9/Q8UpfNkvxr8JvG+OFVLQQjTGIH7bxGQ+ib0zXYHnbC euu3QYxV4X003BKGy4xqlnNwgU0TtqW7V9pub6pVPnokhySRT4+cZ7aS84eb1PQmzeHX yaLVxkTH1Er9XWIvgHi6Gx86RIbeGC0+puSkeXbuJxTT/QInnFTRKCOkI2H6FwmOaj6g JEunr8Btaq4UrrWG3leRkurkO+QN0Ru9S/NSLWIfY/77XOoQ6CJDEmdqqflofEZanoCi s1sA== MIME-Version: 1.0 X-Received: by 10.14.241.136 with SMTP id g8mr24494684eer.104.1372746847690; Mon, 01 Jul 2013 23:34:07 -0700 (PDT) Received: by 10.14.47.203 with HTTP; Mon, 1 Jul 2013 23:34:07 -0700 (PDT) Received: by 10.14.47.203 with HTTP; Mon, 1 Jul 2013 23:34:07 -0700 (PDT) In-Reply-To: References: Date: Mon, 1 Jul 2013 23:34:07 -0700 Message-ID: Subject: Re: SSH2 host key length and hash compute From: Kalpesh Parekh To: libssh2-devel@cool.haxx.se X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0065519177==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============0065519177== Content-Type: multipart/alternative; boundary=001a1132ecb6394ef504e081880c --001a1132ecb6394ef504e081880c Content-Type: text/plain; charset=ISO-8859-1 Hi Alex The APIs I am using are libssh2_session_hostkey to retreive the host key and libssh2_hostkey_hash to compute the hash from the key. The first API returns the length of the host key in a variable passed to it as a function argument. The variable is of size_t type and indicates the size of host key. I need to convert this value to bits. Can you let me know how can I do this? This variable is passed to the second api and the hash is returned. Here based on the type of host key, if it is RSA I request for the md5 hash and sha1 hash for DSS key. Let me know if my assumption is correct here Kalpesh --001a1132ecb6394ef504e081880c Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable

Hi Alex

The APIs I am using are libssh2_session_hostkey to retreive = the host key and=A0 libssh2_hostkey_hash to compute the hash from the key.<= /p>

The first API returns the length of the host key in a variab= le passed to it as a function argument. The variable is of size_t type and = indicates the size of host key. I need to convert this value to bits. Can y= ou let me know how can I do this?

This variable is passed to the second api and the hash is re= turned. Here based on the type of host key, if it is RSA I request for the = md5 hash and sha1 hash for DSS key. Let me know if my assumption is correct= here

Kalpesh

--001a1132ecb6394ef504e081880c-- --===============0065519177== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============0065519177==-- From libssh2-devel-bounces@cool.haxx.se Tue Jul 2 08:37:06 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r626b4fc026037; Tue, 2 Jul 2013 08:37:05 +0200 Received: from mail-ea0-x230.google.com (mail-ea0-x230.google.com [IPv6:2a00:1450:4013:c01::230]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r626b2wg025884 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Tue, 2 Jul 2013 08:37:02 +0200 Received: by mail-ea0-f176.google.com with SMTP id z15so2480576ead.7 for ; Mon, 01 Jul 2013 23:36:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=0DmnofMK5GbD2fwGYsXbRHH40mqJWEaQ+6ygO87lYBY=; b=ck0hDYd5G21eto9AGDN7LLb/4UeijhMR0mR1bsew7XJUQp1aOiy5/FoOBTJkRLpPqG iImi7PMmspPWs1V+4t1VMykeMsnTR8Ja42B88BUaFcBn7+dMGI+bOfjoSPM/foYgo1/1 gLZ7zufCd1yEY+6Y7n1xVXsC5y30q9EAILngrG4rgTk8nd430G0Ungs+CuJryVkEoLws WK7SmX890qqH0cNqgZ3as7Dy+lFR3tkya3uoHAvwQs3Sv6AthswPiFp8DmPmakcHyBq0 Yn1dfCaPm9TWFTrpQ+gj6I5PzgyAdPqbWUy8zChVC9ifxqj+zQmcWrhSioKWGKS+xkTN BUmg== MIME-Version: 1.0 X-Received: by 10.14.241.136 with SMTP id g8mr24503978eer.104.1372747017717; Mon, 01 Jul 2013 23:36:57 -0700 (PDT) Received: by 10.14.47.203 with HTTP; Mon, 1 Jul 2013 23:36:57 -0700 (PDT) Received: by 10.14.47.203 with HTTP; Mon, 1 Jul 2013 23:36:57 -0700 (PDT) In-Reply-To: References: Date: Mon, 1 Jul 2013 23:36:57 -0700 Message-ID: Subject: Re: SSH2 host key length and hash compute From: Kalpesh Parekh To: libssh2-devel@cool.haxx.se X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0824623366==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============0824623366== Content-Type: multipart/alternative; boundary=001a1132ecb65bbf6d04e08192f4 --001a1132ecb65bbf6d04e08192f4 Content-Type: text/plain; charset=ISO-8859-1 Correction the value returned by first a API is used as input to second API. --001a1132ecb65bbf6d04e08192f4 Content-Type: text/html; charset=ISO-8859-1

Correction the value returned by first a API is used as input to second API.

--001a1132ecb65bbf6d04e08192f4-- --===============0824623366== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============0824623366==-- From libssh2-devel-bounces@cool.haxx.se Tue Jul 2 10:58:23 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r628w2lZ029959; Tue, 2 Jul 2013 10:58:19 +0200 Received: from mail-ie0-x233.google.com (mail-ie0-x233.google.com [IPv6:2607:f8b0:4001:c03::233]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r628vxrM029825 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Tue, 2 Jul 2013 10:58:00 +0200 Received: by mail-ie0-f179.google.com with SMTP id c10so11562170ieb.38 for ; Tue, 02 Jul 2013 01:57:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; bh=TEqQZDppTDG0wRt1KZViC6VYlI0ksHlbxBDT/oer34s=; b=XDtDvJCQyVR5hSPorAs29j9E5ROFomRQf9lUhFxtdciaDwtlClIqpfP7dzVO+oL5ZC sEECdzxp/9w/4t8cYvwxsGk+VB+pptr+FJpTxZyxPROABC2PDmRTC2CZM5qdL3/ZuU8k ASv+2OEJHwAG0pMLT9xJ1sT3mgD52WpvAKrrvhNsc1V90P3jVlyLxWBPUmY7p6CZ6Xna oZ3U+RibrylBVOlVD/IUI2zeL6Et6UG1lgKj9b4cVD4QHbF3cspeHz1WDZJFeMoXGzmx qCdkxI2ENSrNzOuL8agy0UxWHsWzKk46AEFGElFi4fMoU3ROopHAVCKRPlAoZj/5dsrN 0mIg== MIME-Version: 1.0 X-Received: by 10.50.1.37 with SMTP id 5mr19609841igj.29.1372755473139; Tue, 02 Jul 2013 01:57:53 -0700 (PDT) Received: by 10.50.242.65 with HTTP; Tue, 2 Jul 2013 01:57:53 -0700 (PDT) In-Reply-To: References: Date: Tue, 2 Jul 2013 09:57:53 +0100 X-Google-Sender-Auth: 8XxbuzJyN-tEzXeoNO0fXiJq16o Message-ID: Subject: Re: SSH2 host key length and hash compute From: Alexander Lamaison To: libssh2 development X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On 2 July 2013 07:34, Kalpesh Parekh wrote: > Hi Alex > > The APIs I am using are libssh2_session_hostkey to retreive the host key and > libssh2_hostkey_hash to compute the hash from the key. > > The first API returns the length of the host key in a variable passed to it > as a function argument. The variable is of size_t type and indicates the > size of host key. I need to convert this value to bits. Can you let me know > how can I do this? Why do you need to convert it to bits? What does that actually mean? The size_t length is just a number. > This variable is passed to the second api and the hash is returned. Have you read the documentation? http://www.libssh2.org/libssh2_hostkey_hash.html http://www.libssh2.org/libssh2_session_hostkey.html The two functions are unrelated. You do not pass the output from one as the input to the other. > Here > based on the type of host key, if it is RSA I request for the md5 hash and > sha1 hash for DSS key. Let me know if my assumption is correct here You can request MD5 or SHA1, as you wish, independent of the key type. Alex -- Swish - Easy SFTP for Windows Explorer (http://www.swish-sftp.org) _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Jul 2 16:04:36 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r62E486h031984; Tue, 2 Jul 2013 16:04:31 +0200 Received: from mail-ee0-x22d.google.com (mail-ee0-x22d.google.com [IPv6:2a00:1450:4013:c00::22d]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r62E46gZ031850 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Tue, 2 Jul 2013 16:04:07 +0200 Received: by mail-ee0-f45.google.com with SMTP id c1so2768056eek.18 for ; Tue, 02 Jul 2013 07:04:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=fDewIPJw2UaX5GiB+Hpl+1eZ/XR4mN1wRU6lMz421O8=; b=qU4mxqHTV6FDrt93g47rc/zxPT00cRSbsA24Sd57ALD22hqbRDeS8yieeHchF8Jkdg QACJ2R42KLPJGjw/A1cPgnam0tG6KklzFyQkSAtKVCKJ463QhqndkvZLzIOgS+tUDwq8 Vp26QaPKSLlKpuwjzDF+MFSRjdfVZ5SIY41GcoZKqTmxcgHGJgrUZeRhxWYPsyyH78de tR3+wf8B0hggwEmh/lQ4yakcZJafKdLyJHIHHkvqXXUi95fp56qdD6F2PcnnXVbKIgXF 6TE0lBnCVTbgsZG+/etileD260aGMg85leJDO+8axQx4b/jouCGbIFv+q8aHzcO/Devu 93aQ== MIME-Version: 1.0 X-Received: by 10.15.63.67 with SMTP id l43mr26637736eex.5.1372773839471; Tue, 02 Jul 2013 07:03:59 -0700 (PDT) Received: by 10.14.47.203 with HTTP; Tue, 2 Jul 2013 07:03:59 -0700 (PDT) In-Reply-To: References: Date: Tue, 2 Jul 2013 07:03:59 -0700 Message-ID: Subject: Re: SSH2 host key length and hash compute From: Kalpesh Parekh To: libssh2-devel@cool.haxx.se X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0214254719==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============0214254719== Content-Type: multipart/alternative; boundary=001a1132eb700f2b9d04e087d155 --001a1132eb700f2b9d04e087d155 Content-Type: text/plain; charset=ISO-8859-1 >From: Alexander Lamaison > >Date: Tue, 2 Jul 2013 09:57:53 +0100 *>*On 2 July 2013 07:34, Kalpesh Parekh *>*wrote: *> Hi Alex * *> * *> The APIs I am using are libssh2_session_hostkey to retreive the host >key and * *> libssh2_hostkey_hash to compute the hash from the key. * *> * *> The first API returns the length of the host key in a variable passed to >it * *> as a function argument. The variable is of size_t type and indicates >the * *> size of host key. I need to convert this value to bits. Can you let me >know * *> how can I do this? * *>*Why do you need to convert it to bits? What does that actually mean? *>*The size_t length is just a number. The requirement is to show the strength of the host key in bits. I assumed the length of the host key should be indicating this value and tried to convert it to bits from size_t. How does ssh-keygen -l calcuate the strength in bits? *> This variable is passed to the second api and the hash is returned. * *>*Have you read the documentation? *>*http://www.libssh2.org/libssh2_hostkey_hash.html *>*http://www.libssh2.org/libssh2_session_hostkey.html *>*The two functions are unrelated. You do not pass the output from one *>*as the input to the other. Thanks for the correction. I gave you incorrect information here. But my code is implemented as per the API documentation. *> Here * *> based on the type of host key, if it is RSA I request for the md5 hash and * *> sha1 hash for DSS key. Let me know if my assumption is correct here * *>*You can request MD5 or SHA1, as you wish, independent of the key *>*type. Thanks. This information is helpful. *>*Alex --001a1132eb700f2b9d04e087d155 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
>From: Alexander Lamaison <swish_at_lammy.co.uk>
>Date: Tue, 2 Jul 2013 09:57:53 +0100

>On 2 July 2013 07:34, Kalpesh Parekh <kalpesh.ork2_at_gmail.com= > >wrote:
> Hi Alex
>
> The APIs I am using are libssh2_session_hostkey to retreive the host= >key and
> libssh2_hostkey_hash to compute the hash from the key.
>
> The first API returns the length of the host key i= n a variable passed to >it
> as a function argument. The= variable is of size_t type and indicates >the
> size of host key. I need to convert this value to bits. Can you le= t me >know
> how can I do this?

>Why do you need to convert it to bits? What does that act= ually mean?
>The size_t length is just a number.
=A0
The requirement is to show the strength of the host key in bits. I ass= umed the length of the host key should be indicating this value and tried t= o convert it to bits from size_t. How does ssh-keygen -l calcuate the stren= gth in bits?

> This variable is passed to the second api and the hash is retur= ned.

>Have you read the documentation?

>http://www.libssh2.org/libssh2_hostkey_hash.html >http://www.libssh2.org/libssh2_session_hostkey.html

=A0
Thanks for the correction. I gave you incorrect information here. But = my code is implemented as per the API documentation.

> Here
> based on the type of host key, if it is = RSA I request for the md5 hash and
> sha1 hash for DSS key.= Let me know if my assumption is correct here

>You can request MD5 or SHA1, as you wish, independent of = the key >type.
=A0
Thanks. This information is helpful.

>Alex

--001a1132eb700f2b9d04e087d155-- --===============0214254719== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============0214254719==-- From libssh2-devel-bounces@cool.haxx.se Wed Jul 3 02:16:23 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r630GLEr017078; Wed, 3 Jul 2013 02:16:22 +0200 Received: from mail-ve0-x234.google.com (mail-ve0-x234.google.com [IPv6:2607:f8b0:400c:c01::234]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r630GIJt017035 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Wed, 3 Jul 2013 02:16:19 +0200 Received: by mail-ve0-f180.google.com with SMTP id pa12so5436231veb.11 for ; Tue, 02 Jul 2013 17:16:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; bh=bFEBMvwliGSCxQ+E0p3A4fDe0e7qCX74S5F+zuXFEkU=; b=WJz4QI6wDZEiv10MbKIw6fu7oQdRSa0EcC1Y+7Ig/1FtV33T7a5unWJcmd+pJM5N6E nrl4L7PlBFtcbjQ1NvAGEJV9014slkigDUIUfslPpQsL704vFS0TTRcpaQ5Q5LcKVl0f louM6Dmxcfd/3hMnxCiFesYq12LN7pu3W3HI1wDps+vfecjMpla5REwiXiqwauaZXRjl L01LszoBXuCPEEQ7ZylWcHv+nnLrXekgYshO/IILwIhVx0IUPejxfsIxNY18C5uBebvA x8+L3AQ14mCEIowxO8eIIHvC+1FJn5dvWPBAkFrH1b0YHOFUbpc3S6DH/N+NzpdU4tKf baDg== MIME-Version: 1.0 X-Received: by 10.58.85.161 with SMTP id i1mr11706415vez.97.1372810574677; Tue, 02 Jul 2013 17:16:14 -0700 (PDT) Received: by 10.52.178.98 with HTTP; Tue, 2 Jul 2013 17:16:14 -0700 (PDT) In-Reply-To: References: Date: Wed, 3 Jul 2013 01:16:14 +0100 X-Google-Sender-Auth: 3QuGG3uhkor2idpbKULIG7YWET0 Message-ID: Subject: Re: SSH2 host key length and hash compute From: Alexander Lamaison To: libssh2 development X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On 3 July 2013 01:13, Alexander Lamaison wrote: > On 2 July 2013 15:03, Kalpesh Parekh wrote: >>>From: Alexander Lamaison >>>Date: Tue, 2 Jul 2013 09:57:53 +0100 >> >>>On 2 July 2013 07:34, Kalpesh Parekh >wrote: >> >>> Hi Alex >>> >>> The APIs I am using are libssh2_session_hostkey to retreive the host >key >>> and >>> libssh2_hostkey_hash to compute the hash from the key. >>> >>> The first API returns the length of the host key in a variable passed to >>> >it >>> as a function argument. The variable is of size_t type and indicates >the >>> size of host key. I need to convert this value to bits. Can you let me >>> >know >>> how can I do this? >>>Why do you need to convert it to bits? What does that actually mean? >>>The size_t length is just a number. >> >> The requirement is to show the strength of the host key in bits. I assumed >> the length of the host key should be indicating this value and tried to >> convert it to bits from size_t. > > The length of the host key returned by session_hostkey is the exact > size of the buffer holding the "server public host key and > certificates (K_S)" in bytes (see RFC 4253 [1]). I'm not sure of the > exact relationship between that and the key strength, but another part > of RFC 4253 [2] indicated that that buffer may include a "format > identifier" (presumably ssh-rsa or ssh-dsa) before the key data. > Therefore, I wouldn't trust that they key strength is the returned > length * 8. > >> How does ssh-keygen -l calcuate the strength >> in bits? > > It extract the actual key data and counts the significant bits of one > of the key fields. For DSA the prime, for RSA the modulus. > > [1] http://tools.ietf.org/html/rfc4253#section-8 > [2] http://tools.ietf.org/html/rfc4253#section-6.6 Could one of the crypto bods take a look at this? I've just done some educated guesswork from reading the source and various RFCs, so plenty of scope for error. Alex -- Swish - Easy SFTP for Windows Explorer (http://www.swish-sftp.org) _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Jul 3 02:21:49 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r630EAe7015837; Wed, 3 Jul 2013 02:14:32 +0200 Received: from mail-ve0-x22f.google.com (mail-ve0-x22f.google.com [IPv6:2607:f8b0:400c:c01::22f]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r630DvLF015594 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Wed, 3 Jul 2013 02:14:06 +0200 Received: by mail-ve0-f175.google.com with SMTP id da11so5448950veb.34 for ; Tue, 02 Jul 2013 17:13:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; bh=biab63/vGuiAWOyjqQbF+NXvjmNbbcMvsGPpw4xLgzk=; b=w/jrE8wSD+KUWwgwRH+UrH1I/F68Rf0xXtw3JBTgpjfKgC8lwYtK4Hn+9xvZtFsBV6 7FrMLjG3gddEVqxPUZqWd7A/3NXYGPY9R15LcHH9zc2oyQdzWpuAV3TxLUP2spgAiy2B X3zK7V3jh1EIgkXO9mokZBuO7Oq0DoLJHaXHXE1iu6fSgjJ0f2hnHP7w9NG24PqG8M13 t6uc9YngNp75x+tSfh2TSAD17srnGfx1FsnHjnIEGKOGOgbIP+k+zMdozap9o+t0ZGYJ uR2K+lOtqSXHVs2pIAJmYW1+Sp80oc7xRAgBaRpINP7TXTf6IwLlinhVtWWapgGZtBja h9qA== MIME-Version: 1.0 X-Received: by 10.58.118.8 with SMTP id ki8mr11914012veb.84.1372810432001; Tue, 02 Jul 2013 17:13:52 -0700 (PDT) Received: by 10.52.178.98 with HTTP; Tue, 2 Jul 2013 17:13:51 -0700 (PDT) In-Reply-To: References: Date: Wed, 3 Jul 2013 01:13:51 +0100 X-Google-Sender-Auth: KIQrizdtfCXv1jnt3RRvcjmNYhc Message-ID: Subject: Re: SSH2 host key length and hash compute From: Alexander Lamaison To: libssh2 development X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On 2 July 2013 15:03, Kalpesh Parekh wrote: >>From: Alexander Lamaison >>Date: Tue, 2 Jul 2013 09:57:53 +0100 > >>On 2 July 2013 07:34, Kalpesh Parekh >wrote: > >> Hi Alex >> >> The APIs I am using are libssh2_session_hostkey to retreive the host >key >> and >> libssh2_hostkey_hash to compute the hash from the key. >> >> The first API returns the length of the host key in a variable passed to >> >it >> as a function argument. The variable is of size_t type and indicates >the >> size of host key. I need to convert this value to bits. Can you let me >> >know >> how can I do this? >>Why do you need to convert it to bits? What does that actually mean? >>The size_t length is just a number. > > The requirement is to show the strength of the host key in bits. I assumed > the length of the host key should be indicating this value and tried to > convert it to bits from size_t. The length of the host key returned by session_hostkey is the exact size of the buffer holding the "server public host key and certificates (K_S)" in bytes (see RFC 4253 [1]). I'm not sure of the exact relationship between that and the key strength, but another part of RFC 4253 [2] indicated that that buffer may include a "format identifier" (presumably ssh-rsa or ssh-dsa) before the key data. Therefore, I wouldn't trust that they key strength is the returned length * 8. > How does ssh-keygen -l calcuate the strength > in bits? It extract the actual key data and counts the significant bits of one of the key fields. For DSA the prime, for RSA the modulus. [1] http://tools.ietf.org/html/rfc4253#section-8 [2] http://tools.ietf.org/html/rfc4253#section-6.6 Alex -- Swish - Easy SFTP for Windows Explorer (http://www.swish-sftp.org) _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu Jul 4 12:07:45 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r64A7Fdr015109; Thu, 4 Jul 2013 12:07:39 +0200 Received: from mail-ee0-x22f.google.com (mail-ee0-x22f.google.com [IPv6:2a00:1450:4013:c00::22f]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r64A7DaC015083 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Thu, 4 Jul 2013 12:07:13 +0200 Received: by mail-ee0-f47.google.com with SMTP id e49so657351eek.34 for ; Thu, 04 Jul 2013 03:07:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=d98NFWClHGB9HZnp1i8iGcBEf/ZFdoCgbcaWmdd9kn0=; b=doXvhDRXEgK000IoV94bT4Sz4W+3wbogC0hRBra/x0LZTC66Tn2CYN1XYZxLXVWmuu fwO+hMLH53pScjMVQfpuCvhso8pmkIBMx73Fp6T1N58j98wPKSlMsxyvDsgge8HfnmEM D3j0EkhjF+blGUz+oYDXHrXDbt0NlMZYUQt8l2mxn+C7C69rq8Nf9A2c+7cYLCAQfOjW oIMRbOTIydhCTvfnz0BJrqh3jQZ6Fj9S8+kE8g9/Uq+a9FpirgN3r5Yp+RGJU4LaYlsV KHdLmO9czSAcjiJAbDdUtARvyV3XsTlYjqIcafyd9i55nihtVBcpjwxQ/NwiSu/UUjAe vABw== MIME-Version: 1.0 X-Received: by 10.15.41.196 with SMTP id s44mr5745597eev.138.1372932429197; Thu, 04 Jul 2013 03:07:09 -0700 (PDT) Received: by 10.14.47.203 with HTTP; Thu, 4 Jul 2013 03:07:09 -0700 (PDT) In-Reply-To: References: Date: Thu, 4 Jul 2013 03:07:09 -0700 Message-ID: Subject: Re: SSH2 host key length and hash compute From: Kalpesh Parekh To: libssh2-devel@cool.haxx.se X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0020909650==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============0020909650== Content-Type: multipart/alternative; boundary=089e0163449cbe57be04e0acbd5f --089e0163449cbe57be04e0acbd5f Content-Type: text/plain; charset=ISO-8859-1 Thanks Alex, So far it has been helpful. So based on the RFC, I understand that the host key received from the server has following components K_S || f || s I need to parse the K_S part for RSA key. How do I do that. Also, how can I implement a generic logic for getting the bit strength from the host key. --089e0163449cbe57be04e0acbd5f Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
Thanks Alex,
=A0
So far it has been helpful.
=A0
So based on the RFC, I understand that the host key received from the = server has following components
K_S || f || s
=A0
I need to parse=A0the K_S part for RSA key. How do I do that.
=A0
Also, how can I implement a generic logic for getting the bit strength= from the host key.
=A0
--089e0163449cbe57be04e0acbd5f-- --===============0020909650== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============0020909650==-- From libssh2-devel-bounces@cool.haxx.se Thu Jul 4 13:18:39 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r64BIJns025932; Thu, 4 Jul 2013 13:18:35 +0200 Received: from mail-ve0-x22f.google.com (mail-ve0-x22f.google.com [IPv6:2607:f8b0:400c:c01::22f]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r64BIGpW025860 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Thu, 4 Jul 2013 13:18:17 +0200 Received: by mail-ve0-f175.google.com with SMTP id da11so928254veb.34 for ; Thu, 04 Jul 2013 04:18:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; bh=sDkfQ6TM7sn/fCMxN+euA3WQHAGe8nSAM7XbpTg27XU=; b=zT7pwNjWv6F1cdttguwCesXjO64rHLNVsPV7/UoAQ11qYfyu4AsvYFzm4fvApKEq5o ee9pWyZRROjPLSxkXDLcBoz0Opf0O6Bk4S5cPZRNkJOebnfaj1rwSiqbeHtS9YE32wMv wNMifg56zZiMUR7T5xDNBy/SSnnyNwhVyXlhC4tPrDtCQFeMO+csLvxEJNVqULt18hkr DUj4v8bvUupkQzIPGzV5UBLlbruiXRXvSgihi9ChPpBximr2qnHoywFwlgOdspgi83ga kNhbK0X9eDbDvqZk1fh9GmrI/J5syDwb2Bapk1ci0taj1cwskvXKWWVC92CByvIZZMpB m15w== MIME-Version: 1.0 X-Received: by 10.220.6.135 with SMTP id 7mr2623552vcz.72.1372936690491; Thu, 04 Jul 2013 04:18:10 -0700 (PDT) Received: by 10.52.178.98 with HTTP; Thu, 4 Jul 2013 04:18:10 -0700 (PDT) In-Reply-To: References: Date: Thu, 4 Jul 2013 12:18:10 +0100 X-Google-Sender-Auth: lZo3Af6CsYZ4qm246_3Jo416Y7g Message-ID: Subject: Re: SSH2 host key length and hash compute From: Alexander Lamaison To: libssh2 development X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On 4 July 2013 11:07, Kalpesh Parekh wrote: > > So based on the RFC, I understand that the host key received from the server > has following components > K_S || f || s But they contents of the buffer returned by session_hostkey is just K_S. > I need to parse the K_S part for RSA key. How do I do that. The RFC says (6.6): Certificates and public keys are encoded as follows: string certificate or public key format identifier byte[n] key/certificate data The certificate part may be a zero length string, but a public key is required. This is the public key that will be used for authentication. The certificate sequence contained in the certificate blob can be used to provide authorization. So the first part of K_S is a length-prefixed sring (all strings in SSH are length-prefixed). So read the first 4 bytes of K_S to get the length, then skip forward that many bytes (may be 0) to ignore the format identifier. The next n bytes are the key data, where n is host-key-length - 4 - format-id-length. > Also, how can I implement a generic logic for getting the bit strength from > the host key. I guess the way OpenSSH does it: depending on key type, convert to an RSA or DSA struct and count the significant bits in the modulus or prime. Maybe we need another API function in the library. This advice depends on me having interpreted the RFC correctly which I may not have. Try it out and poke the bits with a debugger to see if it makes sense. Alex -- Swish - Easy SFTP for Windows Explorer (http://www.swish-sftp.org) _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sat Jul 6 15:16:53 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r66DGLIK020329; Sat, 6 Jul 2013 15:16:44 +0200 Received: from mail-oa0-x231.google.com (mail-oa0-x231.google.com [IPv6:2607:f8b0:4003:c02::231]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r66DGICN020266 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Sat, 6 Jul 2013 15:16:19 +0200 Received: by mail-oa0-f49.google.com with SMTP id n9so4500303oag.36 for ; Sat, 06 Jul 2013 06:16:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=le19t7J7kuJFvsL2fL4MyDIaIpPVE3kVzhFBUi0DeLI=; b=QVVgU0rd3LJ9Dhvqy4mr31yNqcCVyysp0CIcgiZ6n7bOYosETFh1dXd5lXxEgudhnX 11Mo2k2ba2xN3F8vMLn38ojybg1mjUZMq7YpuyCSmVW8C8k0jouvejRY+rpVNHUlgksM O4WgEkYxFCRrlfQqSxa3E2iGQhCGBvnLelgNtlVFxjt8IImjD4u0dvuopc8z4yUc7br/ 7c9haVc2K3OAq5Rm+JWjbvccmqu+v5FObApi5cQCA+kfsk4wKgME9Qn2o5/f6yWky3Xb OebMaliKAK7i8GCV7Djt/S+83MjNS2khByyaV7hF6jvMgcGPMKQisMKFlyjOU+y0mSV5 2BZQ== MIME-Version: 1.0 X-Received: by 10.182.237.107 with SMTP id vb11mr15177214obc.84.1373116571614; Sat, 06 Jul 2013 06:16:11 -0700 (PDT) Received: by 10.76.126.196 with HTTP; Sat, 6 Jul 2013 06:16:11 -0700 (PDT) Date: Sat, 6 Jul 2013 16:16:11 +0300 Message-ID: Subject: Using the putty private key for authentication From: Velichko Yuriy To: libssh2-devel@cool.haxx.se X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0060156792==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============0060156792== Content-Type: multipart/alternative; boundary=e89a8ff1cd6a7ced4104e0d79da1 --e89a8ff1cd6a7ced4104e0d79da1 Content-Type: text/plain; charset=ISO-8859-1 Hello! I have problems with authentification with putty privat key using function: libssh2_userauth_publickey_fromfile() The connection is not established with error: Unable to establish SSH tunnel. Authentification by public key failed. If convert the key to the OpenSSH format - and use new file - the authentification performed correctly. Can anyone suggest how can I use the putty key to establish ssh connections. Maybe c/c++ libs that converts the putty key... Thanks! -- Best Regards! --e89a8ff1cd6a7ced4104e0d79da1 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable

Hello!

I have problems with authentification with putty privat key using f= unction: libssh2_userauth_publickey_fromfile()

The= connection is not established with error:

Unable to establish SSH tunnel. Authentification by pub= lic key failed.=A0

If convert the key to the OpenS= SH format - and use new file =A0- the authentification =A0performed correct= ly.

Can anyone suggest how can I use the putty key to estab= lish ssh connections.
Maybe c/c++ libs that converts the putty ke= y...=A0

Thanks!

--=A0
Best=A0Regards!
--e89a8ff1cd6a7ced4104e0d79da1-- --===============0060156792== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============0060156792==-- From libssh2-devel-bounces@cool.haxx.se Sat Jul 6 15:22:14 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r66DMA3C023184; Sat, 6 Jul 2013 15:22:12 +0200 Received: from foo.stuge.se (qmailr@foo.stuge.se [212.116.89.98]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r66DM9SI023172 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Sat, 6 Jul 2013 15:22:09 +0200 Received: (qmail 21156 invoked by uid 501); 6 Jul 2013 13:22:08 -0000 Message-ID: <20130706132208.21155.qmail@stuge.se> Date: Sat, 6 Jul 2013 15:22:08 +0200 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: Using the putty private key for authentication Mail-Followup-To: libssh2-devel@cool.haxx.se References: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Velichko Yuriy wrote: > I have problems with authentification with putty privat key using > function: libssh2_userauth_publickey_fromfile() The file format used by PuTTY currently isn't supported by libssh2. > Can anyone suggest how can I use the putty key to establish ssh > connections. libssh2 does support using keys loaded into a running Pageant. //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Jul 8 04:47:11 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r682kdiJ012977; Mon, 8 Jul 2013 04:47:03 +0200 Received: from m13-140.163.com (m13-140.163.com [220.181.13.140]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r682kYBC012957; Mon, 8 Jul 2013 04:46:35 +0200 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=163.com; s=s110527; h=Received:Date:From:To:Subject:In-Reply-To: References:Content-Type:MIME-Version:Message-ID; bh=8wvEXtq7FSS6 ZeCK99Sljmhob6SUmx4UDL6nA5lf2e0=; b=Mo9wxiF6pNme8dJ47gp/++fWwj63 D/AwIaGKbune1ngXvT+9F/ENUxRH3gaqeJAr4um/sg4Iq+eT76loF6v3IRZ2fbBK k3zXsBcfvokKr4YMM3LIR6toSFI1VRTVjldbxAENNF6RoFYF52vGoBnGYSiOFrpG m0pH1xxuBnvOPuE= Received: from e_balloon$163.com ( [220.248.0.154] ) by ajax-webmail-wmsvr140 (Coremail) ; Mon, 8 Jul 2013 10:46:30 +0800 (CST) X-Originating-IP: [220.248.0.154] Date: Mon, 8 Jul 2013 10:46:30 +0800 (CST) From: balloon To: libssh2-devel@cool.haxx.se, curl-library@cool.haxx.se Subject: Re:Re:Re: Segmentation fault libssh2_session_last_errno (session=0x0) at session.c:1219 (Daniel Stenberg) X-Priority: 3 X-Mailer: Coremail Webmail Server Version SP_ntes V3.5 build 20130613(22460.5432.5432) Copyright (c) 2002-2013 www.mailtech.cn 163com In-Reply-To: References: X-CM-CTRLDATA: 1nashmZvb3Rlcl9odG09NTA3Mzo4MQ== MIME-Version: 1.0 Message-ID: <2f94c453.a1db.13fbc2c5b40.Coremail.e_balloon@163.com> X-CM-TRANSID: jMGowED5kEMHKNpR0_l_AA--.7242W X-CM-SenderInfo: phbetzhorr0qqrwthudrp/xtbBzxZTd1D+ce0DagACsk X-Coremail-Antispam: 1U5529EdanIXcx71UUUUU7vcSsGvfC2KfnxnUU== X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1049472328==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============1049472328== Content-Type: multipart/alternative; boundary="----=_Part_153863_621824447.1373251590976" ------=_Part_153863_621824447.1373251590976 Content-Type: text/plain; charset=GBK Content-Transfer-Encoding: 7bit >This shows that the problem is in libcurl when sends a NULL to libssh2 so that >it crashes. >I'm cc'ing this reply to the libcurl mailing list. Please take follow-ups >there. I'd like you to rebuild libcurl with debug symbols left so that the >stack trace becomes usable. >It shouldn't matter that it is Java, but it can very well be a problem that >occurs only with that specific server implementation. I have tried hard to rebuild libcurl & libssh2 & openssl in debug mode. And succeed to reproduce segmentation fault, though this time seg info seems different.Here is my src code:#include #include size_t write_callback(void *f_fp_ptr, size_t f_size, size_t f_nmemb, void *fp_stream) { size_t len = fwrite(f_fp_ptr, f_size, f_nmemb, (FILE *)fp_stream); return len; } int main(int argc, char**argv) { char host[100]; if(argc < 2) { std::cout<<"Nonono~~~input sftpserver ip pls."< CONNECT handle 0x86ecc8; line 1020 (connection #-5000) * About to connect() to 9.111.23.100 port 22 (#0) * Trying 9.111.23.100... * Adding handle: conn: 0x877cf8 * Adding handle: send: 0 * Adding handle: recv: 0 * Curl_addHandleToPipeline: length: 1 * 0x865828 is at send pipe head! * - Conn 0 (0x877cf8) send_pipe: 1, recv_pipe: 0 * STATE: CONNECT => WAITCONNECT handle 0x86ecc8; line 1067 (connection #0) * Connected to 9.111.23.100 (9.111.23.100) port 22 (#0) * SFTP 0x8781e0 state change from SSH_STOP to SSH_INIT * SFTP 0x8781e0 state change from SSH_INIT to SSH_S_STARTUP * STATE: WAITCONNECT => PROTOCONNECT handle 0x86ecc8; line 1180 (connection #0) Program received signal SIGSEGV, Segmentation fault. 0x0000000000000000 in ?? () (gdb) bt #0 0x0000000000000000 in ?? () #1 0x00000000005c4a20 in DES_SPtrans () #2 0x00000032759549e0 in ?? () from /lib64/libc.so.6 #3 0x0000000000000014 in ?? () #4 0x0000000000885778 in ?? () #5 0x0000000000887437 in ?? () #6 0x0000000000886780 in ?? () #7 0x00000000008869c0 in ?? () #8 0x0000000000886980 in ?? () #9 0xc3e557dbb4ac6000 in ?? () #10 0x22f09ddde873b1bc in ?? () #11 0x000000005c053c02 in ?? () #12 0x000000000088649c in ?? () #13 0x00007fffffffce30 in ?? () #14 0x000000000057f169 in hostkey_method_ssh_dss_sig_verify (session=Cannot access memory at address 0xffffffffffffffe8 ) at hostkey.c:329 Backtrace stopped: previous frame inner to this frame (corrupt stack?) (gdb) ------=_Part_153863_621824447.1373251590976 Content-Type: text/html; charset=GBK Content-Transfer-Encoding: 7bit
>This shows that the problem is in libcurl when sends a NULL to libssh2 so that 
>it crashes.

>I'm cc'ing this reply to the libcurl mailing list. Please take follow-ups 
>there. I'd like you to rebuild libcurl with debug symbols left so that the 
>stack trace becomes usable.

>It shouldn't matter that it is Java, but it can very well be a problem that 
>occurs only with that specific server implementation.
I have tried hard to rebuild libcurl & libssh2 & openssl in debug mode. And succeed to reproduce segmentation fault, though this time seg info seems different.
Here is my src code:
#include <iostream>
#include <curl.h>

size_t write_callback(void *f_fp_ptr, size_t f_size, size_t f_nmemb, void *fp_stream)
{

    size_t len = fwrite(f_fp_ptr, f_size, f_nmemb, (FILE *)fp_stream);
    return len;
}

int main(int argc, char**argv)
{
char host[100];
if(argc < 2)
{
std::cout<<"Nonono~~~input sftpserver ip pls."<<std::endl;
return 1;
}
strcpy(host,argv[1]);
std::string sftp_url="sftp://";
sftp_url+=host;
sftp_url+="/a.txt";
curl_easy_setopt(curl, CURLOPT_URL, sftp_url.c_str());
    CURL *curl = curl_easy_init();
    if (!curl)
    {
        std::cout<<"Fail to  initialize curl."<<std::endl;
        return 1;
    }
    curl_easy_setopt(curl, CURLOPT_SSH_AUTH_TYPES, CURLSSH_AUTH_PASSWORD);
    curl_easy_setopt(curl, CURLOPT_USERPWD, "test:test");
    FILE *fd = fopen("tmp.txt", "w");
    
    curl_easy_setopt(curl, CURLOPT_WRITEDATA, fd);
    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
    curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_callback);

    // specify downloading file size
    curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE, (curl_off_t)1);
    CURLcode res = CURL_LAST;

    res = curl_easy_perform(curl);

    if (CURLE_OK == res)
    {
         std::cout<<"succeed."<<std::endl;
        curl_easy_cleanup(curl);
	return 0;
    }
    else
    {
	std::cout<<"fail."<<std::endl;
        curl_easy_cleanup(curl);
	return 1;
    }
}

Here is the result, pls let me know what can I do next.  Thanks.
Starting program: /root/a.out 9.111.23.100
warning: no loadable sections found in added symbol-file system-supplied DSO at 0x2aaaaaaab000
[Thread debugging using libthread_db enabled]
sftp url: sftp://9.111.23.100/a.txt
* STATE: INIT => CONNECT handle 0x86ecc8; line 1020 (connection #-5000) 
* About to connect() to 9.111.23.100 port 22 (#0)
*   Trying 9.111.23.100...
* Adding handle: conn: 0x877cf8
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* 0x865828 is at send pipe head!
* - Conn 0 (0x877cf8) send_pipe: 1, recv_pipe: 0
* STATE: CONNECT => WAITCONNECT handle 0x86ecc8; line 1067 (connection #0) 
* Connected to 9.111.23.100 (9.111.23.100) port 22 (#0)
* SFTP 0x8781e0 state change from SSH_STOP to SSH_INIT
* SFTP 0x8781e0 state change from SSH_INIT to SSH_S_STARTUP
* STATE: WAITCONNECT => PROTOCONNECT handle 0x86ecc8; line 1180 (connection #0) 

Program received signal SIGSEGV, Segmentation fault.
0x0000000000000000 in ?? ()
(gdb) bt
#0  0x0000000000000000 in ?? ()
#1  0x00000000005c4a20 in DES_SPtrans ()
#2  0x00000032759549e0 in ?? () from /lib64/libc.so.6
#3  0x0000000000000014 in ?? ()
#4  0x0000000000885778 in ?? ()
#5  0x0000000000887437 in ?? ()
#6  0x0000000000886780 in ?? ()
#7  0x00000000008869c0 in ?? ()
#8  0x0000000000886980 in ?? ()
#9  0xc3e557dbb4ac6000 in ?? ()
#10 0x22f09ddde873b1bc in ?? ()
#11 0x000000005c053c02 in ?? ()
#12 0x000000000088649c in ?? ()
#13 0x00007fffffffce30 in ?? ()
#14 0x000000000057f169 in hostkey_method_ssh_dss_sig_verify (session=Cannot access memory at address 0xffffffffffffffe8
)
    at hostkey.c:329
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
(gdb) 



------=_Part_153863_621824447.1373251590976-- --===============1049472328== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============1049472328==-- From libssh2-devel-bounces@cool.haxx.se Mon Jul 8 15:38:00 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r68DbcPq005632; Mon, 8 Jul 2013 15:37:56 +0200 Received: from mailserver1.emailconfig.com (mailserver1.emailconfig.com [109.68.33.146]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r68Dbbas005599 for ; Mon, 8 Jul 2013 15:37:37 +0200 Received: from mail.jcfxtrading.com (localhost [127.0.0.1]) by mailserver1.emailconfig.com (Postfix) with ESMTPA id BEBF5340698 for ; Mon, 8 Jul 2013 14:37:32 +0100 (BST) MIME-Version: 1.0 Date: Mon, 08 Jul 2013 06:37:32 -0700 From: chris@jcfxtrading.com To: libssh2-devel@cool.haxx.se Subject: openssh Message-ID: <2d99c3f71b93b46f7858d4d7b93631ff@jcfxtrading.com> X-Sender: chris@jcfxtrading.com User-Agent: Webmail/0.9.2 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" libssh2 has a dependency on openssh Where can I get hold of the openssh source files? Thanks _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Jul 8 15:50:14 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r68Do9o8013863; Mon, 8 Jul 2013 15:50:13 +0200 Received: from mail-vb0-x229.google.com (mail-vb0-x229.google.com [IPv6:2607:f8b0:400c:c02::229]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r68Do7lS013726 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Mon, 8 Jul 2013 15:50:07 +0200 Received: by mail-vb0-f41.google.com with SMTP id p13so3388010vbe.14 for ; Mon, 08 Jul 2013 06:50:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; bh=mj41L5PwAFE4DDerqq28xaW4AlaeB6ABwie+cdRFOgY=; b=RT+FBc03OmLQghVeoz9FgmcTwwb1ZqK8SGTqCPsy5Vo09BrCye6cy9dqiv+v/yk1jM LBlQoggrkilFl0aAENooSKlbXkvKK3temL3vCP2GnL8xAMGMgp9pymzEHA4fvJABbr+k n7/pYttY/q+89tWV8fgAqbAkfi/85qtj3P3PTwz9aGltU4DuiPDUnu+LVDxEgJyPKfDB t6fdB5aUOeAUpLf5xkmUdDbmuQp9ncmVdx5IPy4T/sXrzrtDPk7jJGrP6dEF0eiGecxV TaCgO381Xs9G1O+vib+Vg2huRxlLiLPwv8XSazVxoQgSPqCZiqIrdVfFxcI1y6M5JVCh yOaw== MIME-Version: 1.0 X-Received: by 10.58.238.167 with SMTP id vl7mr13911559vec.19.1373291401818; Mon, 08 Jul 2013 06:50:01 -0700 (PDT) Received: by 10.52.178.98 with HTTP; Mon, 8 Jul 2013 06:50:01 -0700 (PDT) Received: by 10.52.178.98 with HTTP; Mon, 8 Jul 2013 06:50:01 -0700 (PDT) In-Reply-To: <2d99c3f71b93b46f7858d4d7b93631ff@jcfxtrading.com> References: <2d99c3f71b93b46f7858d4d7b93631ff@jcfxtrading.com> Date: Mon, 8 Jul 2013 14:50:01 +0100 X-Google-Sender-Auth: k6Vsuotfq3_QD648VoZ0TUAWKAY Message-ID: Subject: Re: openssh From: Alexander Lamaison To: libssh2 development X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0083645601==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============0083645601== Content-Type: multipart/alternative; boundary=047d7bdcac182db98b04e10052f6 --047d7bdcac182db98b04e10052f6 Content-Type: text/plain; charset=ISO-8859-1 On 8 Jul 2013 14:39, wrote: > > libssh2 has a dependency on openssh > > Where can I get hold of the openssh source files? http://bit.ly/12yacys --047d7bdcac182db98b04e10052f6 Content-Type: text/html; charset=ISO-8859-1

On 8 Jul 2013 14:39, <chris@jcfxtrading.com> wrote:
>
> libssh2 has a dependency on openssh
>
> Where can I get hold of the openssh source files?

http://bit.ly/12yacys

--047d7bdcac182db98b04e10052f6-- --===============0083645601== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============0083645601==-- From libssh2-devel-bounces@cool.haxx.se Mon Jul 8 17:48:46 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r68FmTw3022458; Mon, 8 Jul 2013 17:48:43 +0200 Received: from mail-ea0-x22b.google.com (mail-ea0-x22b.google.com [IPv6:2a00:1450:4013:c01::22b]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r68FmSee022427 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Mon, 8 Jul 2013 17:48:28 +0200 Received: by mail-ea0-f171.google.com with SMTP id m14so3008740eaj.16 for ; Mon, 08 Jul 2013 08:48:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=agywer+j9Te4auMhyO27JpwYLHPAqWaGKXV6NYRLBwg=; b=eYwm/Luh98QdrIzUXFFpb6v3+noNsSymyMr69Bmq4hptO244a+AuzbmEMPFEBWXDOG 6QhCRg+HsvQ0aDFPeaZmCJIgT7srK8CfjTIVYuYfpFkG34MvLyFFtUsL2PvE9uR2ca0R 1EgvO4SoXVdpmCK+fkMvbBZfQ21jRbRtaYHOLvu6QQpGeby0+HHS9cF6kYEM64bjMo7u FMps/M0XzXxcBvTLoVN8KYc+NH6QRdMRNao/A81vAnLSg10xcbZgfWHpUdXkM0p3Jen9 hay0wsQj1pn41wqkajnhD9J7b+yZhscEugqyItwztc2HdTbeSSADKo7q0Md01LEiqYDu acvg== MIME-Version: 1.0 X-Received: by 10.14.246.77 with SMTP id p53mr25470882eer.11.1373298504490; Mon, 08 Jul 2013 08:48:24 -0700 (PDT) Received: by 10.14.47.203 with HTTP; Mon, 8 Jul 2013 08:48:24 -0700 (PDT) In-Reply-To: References: Date: Mon, 8 Jul 2013 08:48:24 -0700 Message-ID: Subject: Re: SSH2 host key length and hash compute From: Kalpesh Parekh To: libssh2-devel@cool.haxx.se X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============2079279347==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============2079279347== Content-Type: multipart/alternative; boundary=001a1132f3f48804b404e101f902 --001a1132f3f48804b404e101f902 Content-Type: text/plain; charset=ISO-8859-1 First, apologies for not replying inline to the emails. After your suggestions Alex, here is what I could determine. I printed out the hex code for the session key for both RSA and DSA types in my setup. Here are the first few bytes: (RSA) 00 00 00 07 73 73 68 2D 72 73 61 00 00 00 01 23 00 00 00 81 (DSA) 00 00 00 07 73 73 68 2D 64 73 73 00 00 00 81 As you mentioned, the first four bytes indicate, the length of the identifier (7 in this case) 73 73 68 2D 72 73 61=ssh-rsa 73 73 68 2D 64 73 73=ssh-dsa The next four bytes for RSA indicates some sort of value. In my case it is #. For DSA, it indicates (length of the key + 1) verified through ssh-keygen -l command. For RSA, the last four bytes printed above indicate (length of the key + 1). My next target is to decode the signature blobs. I feel like I am close and can close this if any one can help. On Thu, Jul 4, 2013 at 3:07 AM, Kalpesh Parekh wrote: > Thanks Alex, > > So far it has been helpful. > > So based on the RFC, I understand that the host key received from the > server has following components > K_S || f || s > > I need to parse the K_S part for RSA key. How do I do that. > > Also, how can I implement a generic logic for getting the bit strength > from the host key. > > --001a1132f3f48804b404e101f902 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
First, a= pologies for not replying inline to the emails.

After your sug= gestions Alex, here is what I could determine.

I printed out t= he hex code for the session key for both RSA and DSA types in my setup.

Here are the first few bytes:
(RSA) 00 00 00 07 73 73 68 = 2D 72 73 61 00 00 00 01 23 00 00 00 81=20

(DSA) 00 00 00 07 73 73 68 2D 64 73 73 00 00 00 81

As you mentioned, the first four bytes indicate, the length= of the identifier=A0 (7 in this case)
73 73 68 2D 72 73 61=3Dssh-rsa 73 73 68 2D 64 73 73=3Dssh-dsa

The next four bytes for RSA i= ndicates some sort of value. In my case it is #. For DSA, it indicates (len= gth of the key + 1) verified through ssh-keygen -l command.
For RSA, the last four bytes printed above indicate (length of the ke= y + 1).




My next target is to dec= ode the signature blobs. I feel like I am close and can close this if any o= ne can help.




<= br>


On Thu, Jul 4, 2013 at 3:07 AM, K= alpesh Parekh <kalpesh.ork2@gmail.com> wrote:
Thanks Alex,
=A0
So far it has been helpful.
=A0
So based on the RFC, I understand that the host key received from the = server has following components
K_S || f || s
=A0
I need to parse=A0the K_S part for RSA key. How do I do that.
=A0
Also, how can I implement a generic logic for getting the bit strength= from the host key.
=A0

--001a1132f3f48804b404e101f902-- --===============2079279347== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============2079279347==-- From libssh2-devel-bounces@cool.haxx.se Mon Jul 8 17:49:17 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r68FnGwF022822; Mon, 8 Jul 2013 17:49:17 +0200 Received: from mail-ee0-x230.google.com (mail-ee0-x230.google.com [IPv6:2a00:1450:4013:c00::230]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r68FnFfa022802 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Mon, 8 Jul 2013 17:49:15 +0200 Received: by mail-ee0-f48.google.com with SMTP id b47so2886513eek.21 for ; Mon, 08 Jul 2013 08:49:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=J0OHMSkouviGW2xu0p4Vxbh2BKablnGxG/4UaJyoTbU=; b=UDutxGLEj+Z2cHZbU1L7ZUOuo+rrkdtIOpNrgpugTxr4FSnZFCEMto2C0aqILOhpsb lbvxBNUj1fsENRE9KOEfqw/xYATTKoPmj5cCQ9jZ0s7bOqw4/YtcteBSzfuNHZm0qB+X yQJDx8yGWEMNI97I3q1MQViM7YsubAVhGM/8ElX7Dmhj8IEtcuPxuknw1KPYw48Shbr0 Jqs44MX7/ZDRJEnYbqqUnJyntieylfPZM88+6azy2ZzMgexrUV3Q1lIcbjH3l3BtneQP JpdPyDRjRsUV4/MzGlvELVHuVJYv3Li1iWoEVRJOTQ+NqqlSK9/fENnT7MYlodofRt35 911A== MIME-Version: 1.0 X-Received: by 10.14.194.133 with SMTP id m5mr25616821een.109.1373298551466; Mon, 08 Jul 2013 08:49:11 -0700 (PDT) Received: by 10.14.47.203 with HTTP; Mon, 8 Jul 2013 08:49:11 -0700 (PDT) In-Reply-To: References: Date: Mon, 8 Jul 2013 08:49:11 -0700 Message-ID: Subject: Re: SSH2 host key length and hash compute From: Kalpesh Parekh To: libssh2-devel@cool.haxx.se X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0991591070==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============0991591070== Content-Type: multipart/alternative; boundary=047d7b342f0654d78104e101fc4c --047d7b342f0654d78104e101fc4c Content-Type: text/plain; charset=ISO-8859-1 See this link http://tools.ietf.org/html/rfc4253#page-15 Per the link, DSA signature is encoded as follows: string "ssh-dss" string dss_signature_blob RSA signature is encoded as follows: string "ssh-rsa" string rsa_signature_blob On Mon, Jul 8, 2013 at 8:48 AM, Kalpesh Parekh wrote: > First, apologies for not replying inline to the emails. > > After your suggestions Alex, here is what I could determine. > > I printed out the hex code for the session key for both RSA and DSA types > in my setup. > > Here are the first few bytes: > (RSA) 00 00 00 07 73 73 68 2D 72 73 61 00 00 00 01 23 00 00 00 81 > > (DSA) 00 00 00 07 73 73 68 2D 64 73 73 00 00 00 81 > > As you mentioned, the first four bytes indicate, the length of the > identifier (7 in this case) > 73 73 68 2D 72 73 61=ssh-rsa > 73 73 68 2D 64 73 73=ssh-dsa > > The next four bytes for RSA indicates some sort of value. In my case it is > #. For DSA, it indicates (length of the key + 1) verified through > ssh-keygen -l command. > For RSA, the last four bytes printed above indicate (length of the key + > 1). > > > > > My next target is to decode the signature blobs. I feel like I am close > and can close this if any one can help. > > > > > > > > > On Thu, Jul 4, 2013 at 3:07 AM, Kalpesh Parekh wrote: > >> Thanks Alex, >> >> So far it has been helpful. >> >> So based on the RFC, I understand that the host key received from the >> server has following components >> K_S || f || s >> >> I need to parse the K_S part for RSA key. How do I do that. >> >> Also, how can I implement a generic logic for getting the bit strength >> from the host key. >> >> > > --047d7b342f0654d78104e101fc4c Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
See this link

http://tools.ietf.org/html/rfc4253#page-15=

Per the link, DSA signature is encoded as follows:
string "ssh-dss"
string dss_signature_blob

RSA signature is encoded as f= ollows:
string "ssh-rsa"
string rsa_signature_blob


<= div class=3D"gmail_quote">On Mon, Jul 8, 2013 at 8:48 AM, Kalpesh Parekh <kalpesh.ork2@gmail.com> wrote:
First, apologies for not replying inline to the emai= ls.

After your suggestions Alex, here is what I could determine.
<= br>
I printed out the hex code for the session key for both RSA and DS= A types in my setup.

Here are the first few bytes:
(RSA) 00 00 00 07 73 73 68 = 2D 72 73 61 00 00 00 01 23 00 00 00 81=20

(DSA) 00 00 00 07 73 73 68 2D 64 73 73 00 00 00 81

As you mentioned, the first four bytes indicate, the length= of the identifier=A0 (7 in this case)
73 73 68 2D 72 73 61=3Dssh-rsa 73 73 68 2D 64 73 73=3Dssh-dsa

The next four bytes for RSA i= ndicates some sort of value. In my case it is #. For DSA, it indicates (len= gth of the key + 1) verified through ssh-keygen -l command.
For RSA, the last four bytes printed above indicate (length of the ke= y + 1).




My next target is to dec= ode the signature blobs. I feel like I am close and can close this if any o= ne can help.







--047d7b342f0654d78104e101fc4c-- --===============0991591070== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============0991591070==-- From libssh2-devel-bounces@cool.haxx.se Mon Jul 8 20:28:15 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r68IRt2H032622; Mon, 8 Jul 2013 20:28:10 +0200 Received: from mail-out.m-online.net (mail-out.m-online.net [212.18.0.10]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r68IRr73032588 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Mon, 8 Jul 2013 20:27:53 +0200 Received: from frontend1.mail.m-online.net (frontend1.mail.intern.m-online.net [192.168.8.180]) by mail-out.m-online.net (Postfix) with ESMTP id 3bpwBf2Q5pz3hhjv for ; Mon, 8 Jul 2013 20:27:53 +0200 (CEST) Received: from localhost (dynscan1.mnet-online.de [192.168.6.68]) by mail.m-online.net (Postfix) with ESMTP id 3bpwBd2WJGzbbcv for ; Mon, 8 Jul 2013 20:27:53 +0200 (CEST) X-Virus-Scanned: amavisd-new at mnet-online.de Received: from mail.mnet-online.de ([192.168.8.180]) by localhost (dynscan1.mail.m-online.net [192.168.6.68]) (amavisd-new, port 10024) with ESMTP id WqsDAZ0l9rDW for ; Mon, 8 Jul 2013 20:27:52 +0200 (CEST) X-Auth-Info: gkvLjP2uPb5N3bq8mllBthJpo0PmMvxk+Fpv/uS1M5o= Received: from colibri.localdomain (ppp-93-104-61-73.dynamic.mnet-online.de [93.104.61.73]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.mnet-online.de (Postfix) with ESMTPSA for ; Mon, 8 Jul 2013 20:27:52 +0200 (CEST) Received: by colibri.localdomain (Postfix, from userid 501) id B966E10E9D; Mon, 8 Jul 2013 20:27:51 +0200 (CEST) Date: Mon, 8 Jul 2013 20:27:51 +0200 From: Dan Fandrich To: libssh2-devel@cool.haxx.se Subject: Re: openssh Message-ID: <20130708182751.GC26793@coneharvesters.com> Mail-Followup-To: libssh2-devel@cool.haxx.se References: <2d99c3f71b93b46f7858d4d7b93631ff@jcfxtrading.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <2d99c3f71b93b46f7858d4d7b93631ff@jcfxtrading.com> User-Agent: Mutt/1.5.21 (2010-09-15) X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On Mon, Jul 08, 2013 at 06:37:32AM -0700, chris@jcfxtrading.com wrote: > libssh2 has a dependency on openssh > > Where can I get hold of the openssh source files? Are you sure you don't mean OpenSSL? libssh2 had nothing to do with OpenSSH last time I checked. >>> Dan _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Jul 9 01:00:18 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r68MxshI017394; Tue, 9 Jul 2013 01:00:14 +0200 Received: from mail-ve0-x229.google.com (mail-ve0-x229.google.com [IPv6:2607:f8b0:400c:c01::229]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r68MxqoO017370 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Tue, 9 Jul 2013 00:59:52 +0200 Received: by mail-ve0-f169.google.com with SMTP id m1so4154549ves.0 for ; Mon, 08 Jul 2013 15:59:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; bh=eJmCXfP3lE4CXUIKmD7rmavNv2tzUzy3KpHKQcn6ywM=; b=YzfxvmvRqpruFQkbx6m0S8huD0N9SwYFC2XIgImVHnuKKumgV2U812+48iTAEqVlEw Gby3l29fov3yIttcAW7+D3O20g73Hl8d85JEdDBC3bENcjKYDTP5rbI4WaTrq8rFLXW9 +NyNK+aCGbhtpbiBODxaD4uDu9m/04Wrf4tdF5awQx41rzzW8QXViGFOMuUxDa8QvL6K akB6CPZXJ7K2kalszGRdcKES/BjpXBV12rmbnzgDqTIfrobsRePZMjXTPHwgplWuoItW 1UUr5E4Z8P8NmbxZgldh+FELJBehbp1PDjZW584YRVaGB5DH7JttDw+PFIdXWnfctvKn b8lA== MIME-Version: 1.0 X-Received: by 10.52.170.103 with SMTP id al7mr12700318vdc.27.1373324386548; Mon, 08 Jul 2013 15:59:46 -0700 (PDT) Received: by 10.52.178.98 with HTTP; Mon, 8 Jul 2013 15:59:46 -0700 (PDT) In-Reply-To: References: Date: Mon, 8 Jul 2013 23:59:46 +0100 X-Google-Sender-Auth: 2iB_6fjmjqu2B4rTiMnklSGZgx8 Message-ID: Subject: Re: SSH2 host key length and hash compute From: Alexander Lamaison To: libssh2 development X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On 8 July 2013 16:48, Kalpesh Parekh wrote: > First, apologies for not replying inline to the emails. > > After your suggestions Alex, here is what I could determine. > > I printed out the hex code for the session key for both RSA and DSA types in > my setup. > > Here are the first few bytes: > (RSA) 00 00 00 07 73 73 68 2D 72 73 61 00 00 00 01 23 00 00 00 81 > > (DSA) 00 00 00 07 73 73 68 2D 64 73 73 00 00 00 81 > > As you mentioned, the first four bytes indicate, the length of the > identifier (7 in this case) > 73 73 68 2D 72 73 61=ssh-rsa > 73 73 68 2D 64 73 73=ssh-dsa > > The next four bytes for RSA indicates some sort of value. In my case it is > #. That value is the RSA public exponent field 'e' (see [1]) in SSH 'mpint' form (see [2]). The cheeky thing about the way RFC 4251 defines mpint is that it says it is a two's complement integer *stored as a string*. In other words it has a length-prefix, so your exponent is a 1 byte two's-complement integer 35 (hex 23). > For DSA, it indicates (length of the key + 1) verified through ssh-keygen > -l command. > For RSA, the last four bytes printed above indicate (length of the key + 1). For DSA the next field is the public prime number 'p', again, length-prefixed. This is the field of the DSA key that indicates it's strength (at least that's how ssh-keygen -l calculates it). I'm guessing the length is one byte more than expected because of the following from the mpint definition: "If the most significant bit would be set for a positive number, the number MUST be preceded by a zero byte." So the strength of the key is actually the number of significant bits in the 'p' field, rather than the length in the string prefix, which is reassuringly similar to how ssh-keygen calculates it by passing the field to BN_num_bits. Similarly for the RSA key, except that the next field is the public modulus 'n'. > http://tools.ietf.org/html/rfc4253#page-15 > > Per the link, DSA signature is encoded as follows: > string "ssh-dss" > string dss_signature_blob > > RSA signature is encoded as follows: > string "ssh-rsa" > string rsa_signature_blob These are *signatures* rather than keys. I don't know exactly where they fit in, but they don't seem to apply here. Usual caveat: I've just worked this lot out from reading the RFCs etc, so you should really check it with someone better versed in crypto. [1] http://tools.ietf.org/html/rfc4253#page-15 [2] http://tools.ietf.org/html/rfc4251#page-9 Alex -- Swish - Easy SFTP for Windows Explorer (http://www.swish-sftp.org) _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Jul 9 09:23:04 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r697Mb1b014588; Tue, 9 Jul 2013 09:22:59 +0200 Received: from m13-145.163.com (m13-145.163.com [220.181.13.145]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r697MUiL014546; Tue, 9 Jul 2013 09:22:31 +0200 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=163.com; s=s110527; h=Received:Date:From:To:Cc:Subject:In-Reply-To: References:Content-Type:MIME-Version:Message-ID; bh=8Uia0QFXXyTz afXYQpFR56X0EBKZdQIG+q/M5jvJStY=; b=FCDH/4bt3lxnwMHsfvhz6tL+IU/u cNjInCFaKNqd1CTLF62pZDFhQBD9gmfbjcu1ZLEhSjGhSD6iW8lh1OErWMrxmfgz cv5NnL82E1QE+k3tvzBIgAvkHD0Yy4T+fImunUgDEBSFfFV4VXfs4wM7AZqgWlD8 fpU2ddOJ/oGT5kc= Received: from e_balloon$163.com ( [220.248.0.154] ) by ajax-webmail-wmsvr145 (Coremail) ; Tue, 9 Jul 2013 15:22:23 +0800 (CST) X-Originating-IP: [220.248.0.154] Date: Tue, 9 Jul 2013 15:22:23 +0800 (CST) From: balloon To: balloon Subject: Re:Re:libssh2-devel Digest, Vol 50, Issue 5 X-Priority: 3 X-Mailer: Coremail Webmail Server Version SP_ntes V3.5 build 20130613(22460.5432.5432) Copyright (c) 2002-2013 www.mailtech.cn 163com In-Reply-To: <4da23617.3441.13fc11b83c4.Coremail.e_balloon@163.com> References: <4da23617.3441.13fc11b83c4.Coremail.e_balloon@163.com> X-CM-CTRLDATA: Ggm5AWZvb3Rlcl9odG09OTkyNzo4MQ== MIME-Version: 1.0 Message-ID: <4bb399db.b8d6.13fc24f4949.Coremail.e_balloon@163.com> X-CM-TRANSID: kcGowECZj0IwuttRJZ6hAA--.5559W X-CM-SenderInfo: phbetzhorr0qqrwthudrp/1tbiQApVd1EADVsTkAACsu X-Coremail-Antispam: 1U5529EdanIXcx71UUUUU7vcSsGvfC2KfnxnUU== Cc: libcurl development , libssh2-devel@cool.haxx.se X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1649597800==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============1649597800== Content-Type: multipart/alternative; boundary="----=_Part_174616_96161550.1373354543433" ------=_Part_174616_96161550.1373354543433 Content-Type: text/plain; charset=GBK Content-Transfer-Encoding: 7bit At 2013-07-09 09:46:13,balloon wrote: At 2013-07-08 18:00:03,libssh2-devel-request@cool.haxx.se wrote: >Send libssh2-devel mailing list submissions to > libssh2-devel@cool.haxx.se > >To subscribe or unsubscribe via the World Wide Web, visit > http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel >or, via email, send a message with subject or body 'help' to > libssh2-devel-request@cool.haxx.se > >You can reach the person managing the list at > libssh2-devel-owner@cool.haxx.se > >When replying, please edit your Subject line so it is more specific >than "Re: Contents of libssh2-devel digest..." > > >Today's Topics: > > 1. Re:Re:Re: Segmentation fault libssh2_session_last_errno > (session=0x0) at session.c:1219 (Daniel Stenberg) (balloon) > > >---------------------------------------------------------------------- > >Message: 1 >Date: Mon, 8 Jul 2013 10:46:30 +0800 (CST) >From: balloon >To: libssh2-devel@cool.haxx.se, curl-library@cool.haxx.se >Subject: Re:Re:Re: Segmentation fault libssh2_session_last_errno > (session=0x0) at session.c:1219 (Daniel Stenberg) >Message-ID: <2f94c453.a1db.13fbc2c5b40.Coremail.e_balloon@163.com> >Content-Type: text/plain; charset="gbk" > >>This shows that the problem is in libcurl when sends a NULL to libssh2 so that >>it crashes. > >>I'm cc'ing this reply to the libcurl mailing list. Please take follow-ups >>there. I'd like you to rebuild libcurl with debug symbols left so that the >>stack trace becomes usable. > >>It shouldn't matter that it is Java, but it can very well be a problem that >>occurs only with that specific server implementation. >I have tried hard to rebuild libcurl & libssh2 & openssl in debug mode. And succeed to reproduce segmentation fault, though this time seg info seems different.Here is my src code:#include >#include > >size_t write_callback(void *f_fp_ptr, size_t f_size, size_t f_nmemb, void *fp_stream) >{ > > size_t len = fwrite(f_fp_ptr, f_size, f_nmemb, (FILE *)fp_stream); > return len; >} > >int main(int argc, char**argv) >{ >char host[100]; >if(argc < 2) >{ >std::cout<<"Nonono~~~input sftpserver ip pls."<return 1; >} >strcpy(host,argv[1]); >std::string sftp_url="sftp://"; >sftp_url+=host; >sftp_url+="/a.txt";curl_easy_setopt(curl, CURLOPT_URL, sftp_url.c_str()); CURL *curl = curl_easy_init(); > if (!curl) > { > std::cout<<"Fail to initialize curl."< return 1; > } > curl_easy_setopt(curl, CURLOPT_SSH_AUTH_TYPES, CURLSSH_AUTH_PASSWORD); > curl_easy_setopt(curl, CURLOPT_USERPWD, "test:test"); > FILE *fd = fopen("tmp.txt", "w"); > > curl_easy_setopt(curl, CURLOPT_WRITEDATA, fd); > curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); > curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_callback); > > // specify downloading file size > curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE, (curl_off_t)1); > CURLcode res = CURL_LAST; > > res = curl_easy_perform(curl); > > if (CURLE_OK == res) > { > std::cout<<"succeed."< curl_easy_cleanup(curl); > return 0; > } > else > { > std::cout<<"fail."< curl_easy_cleanup(curl); > return 1; > } >} > >Here is the result, pls let me know what can I do next. Thanks. >Starting program: /root/a.out 9.111.23.100 >warning: no loadable sections found in added symbol-file system-supplied DSO at 0x2aaaaaaab000 >[Thread debugging using libthread_db enabled] >sftp url: sftp://9.111.23.100/a.txt >* STATE: INIT => CONNECT handle 0x86ecc8; line 1020 (connection #-5000) >* About to connect() to 9.111.23.100 port 22 (#0) >* Trying 9.111.23.100... >* Adding handle: conn: 0x877cf8 >* Adding handle: send: 0 >* Adding handle: recv: 0 >* Curl_addHandleToPipeline: length: 1 >* 0x865828 is at send pipe head! >* - Conn 0 (0x877cf8) send_pipe: 1, recv_pipe: 0 >* STATE: CONNECT => WAITCONNECT handle 0x86ecc8; line 1067 (connection #0) >* Connected to 9.111.23.100 (9.111.23.100) port 22 (#0) >* SFTP 0x8781e0 state change from SSH_STOP to SSH_INIT >* SFTP 0x8781e0 state change from SSH_INIT to SSH_S_STARTUP >* STATE: WAITCONNECT => PROTOCONNECT handle 0x86ecc8; line 1180 (connection #0) > >Program received signal SIGSEGV, Segmentation fault. >0x0000000000000000 in ?? () >(gdb) bt >#0 0x0000000000000000 in ?? () >#1 0x00000000005c4a20 in DES_SPtrans () >#2 0x00000032759549e0 in ?? () from /lib64/libc.so.6 >#3 0x0000000000000014 in ?? () >#4 0x0000000000885778 in ?? () >#5 0x0000000000887437 in ?? () >#6 0x0000000000886780 in ?? () >#7 0x00000000008869c0 in ?? () >#8 0x0000000000886980 in ?? () >#9 0xc3e557dbb4ac6000 in ?? () >#10 0x22f09ddde873b1bc in ?? () >#11 0x000000005c053c02 in ?? () >#12 0x000000000088649c in ?? () >#13 0x00007fffffffce30 in ?? () >#14 0x000000000057f169 in hostkey_method_ssh_dss_sig_verify (session=Cannot access memory at address 0xffffffffffffffe8 >) > at hostkey.c:329 >Backtrace stopped: previous frame inner to this frame (corrupt stack?) >(gdb) > I can also send u the SFTP serve binary to reproduce and investigate this issue if needed, but I fail to send it in this mail list due to size limitation. Maybe you can specify the space to me to upload the server binary. Thanks:) ------=_Part_174616_96161550.1373354543433 Content-Type: text/html; charset=GBK Content-Transfer-Encoding: 7bit
At 2013-07-09 09:46:13,balloon <e_balloon@163.com> wrote:

At 2013-07-08 18:00:03,
libssh2-devel-request@cool.haxx.se wrote:
>Send libssh2-devel mailing list submissions to
>	libssh2-devel@cool.haxx.se
>
>To subscribe or unsubscribe via the World Wide Web, visit
>	http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
>or, via email, send a message with subject or body 'help' to
>	libssh2-devel-request@cool.haxx.se
>
>You can reach the person managing the list at
>	libssh2-devel-owner@cool.haxx.se
>
>When replying, please edit your Subject line so it is more specific
>than "Re: Contents of libssh2-devel digest..."
>
>
>Today's Topics:
>
>   1. Re:Re:Re: Segmentation fault  libssh2_session_last_errno
>      (session=0x0) at session.c:1219 (Daniel Stenberg) (balloon)
>
>
>----------------------------------------------------------------------
>
>Message: 1
>Date: Mon, 8 Jul 2013 10:46:30 +0800 (CST)
>From: balloon  <e_balloon@163.com>
>To: libssh2-devel@cool.haxx.securl-library@cool.haxx.se
>Subject: Re:Re:Re: Segmentation fault  libssh2_session_last_errno
>	(session=0x0) at session.c:1219 (Daniel Stenberg)
>Message-ID: <2f94c453.a1db.13fbc2c5b40.Coremail.e_balloon@163.com>
>Content-Type: text/plain; charset="gbk"
>
>>This shows that the problem is in libcurl when sends a NULL to libssh2 so that 
>>it crashes.
>
>>I'm cc'ing this reply to the libcurl mailing list. Please take follow-ups 
>>there. I'd like you to rebuild libcurl with debug symbols left so that the 
>>stack trace becomes usable.
>
>>It shouldn't matter that it is Java, but it can very well be a problem that 
>>occurs only with that specific server implementation.
>I have tried hard to rebuild libcurl & libssh2 & openssl in debug mode. And succeed to reproduce segmentation fault, though this time seg info seems different.Here is my src code:#include <iostream>
>#include <curl.h>
>
>size_t write_callback(void *f_fp_ptr, size_t f_size, size_t f_nmemb, void *fp_stream)
>{
>
>    size_t len = fwrite(f_fp_ptr, f_size, f_nmemb, (FILE *)fp_stream);
>    return len;
>}
>
>int main(int argc, char**argv)
>{
>char host[100];
>if(argc < 2)
>{
>std::cout<<"Nonono~~~input sftpserver ip pls."<<std::endl;
>return 1;
>}
>strcpy(host,argv[1]);
>std::string sftp_url="sftp://";
>sftp_url+=host;
>sftp_url+="/a.txt";curl_easy_setopt(curl, CURLOPT_URL, sftp_url.c_str());    CURL *curl = curl_easy_init();
>    if (!curl)
>    {
>        std::cout<<"Fail to  initialize curl."<<std::endl;
>        return 1;
>    }
>    curl_easy_setopt(curl, CURLOPT_SSH_AUTH_TYPES, CURLSSH_AUTH_PASSWORD);
>    curl_easy_setopt(curl, CURLOPT_USERPWD, "test:test");
>    FILE *fd = fopen("tmp.txt", "w");
>    
>    curl_easy_setopt(curl, CURLOPT_WRITEDATA, fd);
>    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
>    curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_callback);
>
>    // specify downloading file size
>    curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE, (curl_off_t)1);
>    CURLcode res = CURL_LAST;
>
>    res = curl_easy_perform(curl);
>
>    if (CURLE_OK == res)
>    {
>         std::cout<<"succeed."<<std::endl;
>        curl_easy_cleanup(curl);
>	return 0;
>    }
>    else
>    {
>	std::cout<<"fail."<<std::endl;
>        curl_easy_cleanup(curl);
>	return 1;
>    }
>}
>
>Here is the result, pls let me know what can I do next.  Thanks.
>Starting program: /root/a.out 9.111.23.100
>warning: no loadable sections found in added symbol-file system-supplied DSO at 0x2aaaaaaab000
>[Thread debugging using libthread_db enabled]
>sftp url: sftp://9.111.23.100/a.txt
>* STATE: INIT => CONNECT handle 0x86ecc8; line 1020 (connection #-5000) 
>* About to connect() to 9.111.23.100 port 22 (#0)
>*   Trying 9.111.23.100...
>* Adding handle: conn: 0x877cf8
>* Adding handle: send: 0
>* Adding handle: recv: 0
>* Curl_addHandleToPipeline: length: 1
>* 0x865828 is at send pipe head!
>* - Conn 0 (0x877cf8) send_pipe: 1, recv_pipe: 0
>* STATE: CONNECT => WAITCONNECT handle 0x86ecc8; line 1067 (connection #0) 
>* Connected to 9.111.23.100 (9.111.23.100) port 22 (#0)
>* SFTP 0x8781e0 state change from SSH_STOP to SSH_INIT
>* SFTP 0x8781e0 state change from SSH_INIT to SSH_S_STARTUP
>* STATE: WAITCONNECT => PROTOCONNECT handle 0x86ecc8; line 1180 (connection #0) 
>
>Program received signal SIGSEGV, Segmentation fault.
>0x0000000000000000 in ?? ()
>(gdb) bt
>#0  0x0000000000000000 in ?? ()
>#1  0x00000000005c4a20 in DES_SPtrans ()
>#2  0x00000032759549e0 in ?? () from /lib64/libc.so.6
>#3  0x0000000000000014 in ?? ()
>#4  0x0000000000885778 in ?? ()
>#5  0x0000000000887437 in ?? ()
>#6  0x0000000000886780 in ?? ()
>#7  0x00000000008869c0 in ?? ()
>#8  0x0000000000886980 in ?? ()
>#9  0xc3e557dbb4ac6000 in ?? ()
>#10 0x22f09ddde873b1bc in ?? ()
>#11 0x000000005c053c02 in ?? ()
>#12 0x000000000088649c in ?? ()
>#13 0x00007fffffffce30 in ?? ()
>#14 0x000000000057f169 in hostkey_method_ssh_dss_sig_verify (session=Cannot access memory at address 0xffffffffffffffe8
>)
>    at hostkey.c:329
>Backtrace stopped: previous frame inner to this frame (corrupt stack?)
>(gdb) 
>
I can also send u  the SFTP serve binary to reproduce and investigate this issue if needed,  but I fail to send it in this mail list due to size limitation.
Maybe you can specify the space to me to upload the server binary. Thanks:)




------=_Part_174616_96161550.1373354543433-- --===============1649597800== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============1649597800==-- From libssh2-devel-bounces@cool.haxx.se Tue Jul 9 10:44:57 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r698iksR006489; Tue, 9 Jul 2013 10:44:55 +0200 Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r698ii3B006483 for ; Tue, 9 Jul 2013 10:44:45 +0200 Received: from int-mx01.intmail.prod.int.phx2.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id r698iVdv014484 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Tue, 9 Jul 2013 04:44:31 -0400 Received: from kdudka.brq.redhat.com (kdudka.brq.redhat.com [10.34.4.67]) by int-mx01.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r698iUgA003905; Tue, 9 Jul 2013 04:44:31 -0400 From: Kamil Dudka To: Dan Fandrich Subject: Re: openssh Date: Tue, 9 Jul 2013 10:42:45 +0200 User-Agent: KMail/1.12.4 (Linux/2.6.32-358.el6.x86_64; KDE/4.3.4; x86_64; ; ) References: <2d99c3f71b93b46f7858d4d7b93631ff@jcfxtrading.com> <20130708182751.GC26793@coneharvesters.com> In-Reply-To: <20130708182751.GC26793@coneharvesters.com> MIME-Version: 1.0 Message-Id: <201307091042.45634.kdudka@redhat.com> X-Scanned-By: MIMEDefang 2.67 on 10.5.11.11 Cc: libssh2-devel@cool.haxx.se X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On Monday 08 July 2013 20:27:51 Dan Fandrich wrote: > On Mon, Jul 08, 2013 at 06:37:32AM -0700, chris@jcfxtrading.com wrote: > > libssh2 has a dependency on openssh > > > > Where can I get hold of the openssh source files? > > Are you sure you don't mean OpenSSL? libssh2 had nothing to do with > OpenSSH last time I checked. It uses OpenSSH as a testing server for the smoke test which runs on 'make check'. Kamil _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Jul 9 15:18:23 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r69DHF3A027768; Tue, 9 Jul 2013 15:18:17 +0200 Received: from mail-ee0-x22d.google.com (mail-ee0-x22d.google.com [IPv6:2a00:1450:4013:c00::22d]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r69DHDeT027751 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Tue, 9 Jul 2013 15:17:13 +0200 Received: by mail-ee0-f45.google.com with SMTP id c1so3617525eek.4 for ; Tue, 09 Jul 2013 06:17:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=dNl0W+O3yZ0MfwmoyBBVn7yCfA9Qj6woWoLIzR3KzbI=; b=CwWQQ9iy/x0mytbF54G8kDbz2k7vJ4roJZIs97igB1J+LA9MnRN+kdPFh/IRJlHD6G AOKKGRhLHNJ3UF0GjDjIfEpnPxuR9LB0OISvtUuO2SVG6GWaF91510ORuGDYxx71KuRd WUkYYv8ueqIWR1qQcHYk4mpHhu69j+yuj9HjvSZA6eUcqpMcMffeO6g0S+qWV5oSAQgG LkezOgDRSlu4Kvz/c7yDFRZ8VQ1rw44Grnq0p2ShWqJbf39v0s1vnLwoxgf90/PC4ZR8 WLRz1V1OCmZ4tzBxFhtZPKauCwlCdJ5+rnUadBif6cqLpc6yZyKvSwBMVSEy5OuA1AI/ 8I4w== MIME-Version: 1.0 X-Received: by 10.15.49.9 with SMTP id i9mr29992210eew.69.1373375829495; Tue, 09 Jul 2013 06:17:09 -0700 (PDT) Received: by 10.14.47.203 with HTTP; Tue, 9 Jul 2013 06:17:09 -0700 (PDT) In-Reply-To: References: Date: Tue, 9 Jul 2013 06:17:09 -0700 Message-ID: Subject: Re: SSH2 host key length and hash compute From: Kalpesh Parekh To: libssh2-devel@cool.haxx.se X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1527689613==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============1527689613== Content-Type: multipart/alternative; boundary=001a11c3428275fcac04e113fad3 --001a11c3428275fcac04e113fad3 Content-Type: text/plain; charset=ISO-8859-1 This is the logic I have used and tested against a limited set of servers: 1) RSA key - i) Read the length of identifier ii) Skip that many bytes iii) Read the length of the exponent iv) Skip that many bytes v) Read the length of modulus. vi) If the first byte of modulus is 0x00 subtract -1 from the length of modulus. This is based on the RFC definition of mpint and some examples as follows. Example 2 and 3 are noteworthy. The length is 08 and the MSB is 0. So no padding with 0x00 was done. But for example 3, the padding was done and the length was set to 2. Examples: value (hex) representation (hex) ----------- -------------------- 0 00 00 00 00 9a378f9b2e332a7 00 00 00 08 09 a3 78 f9 b2 e3 32 a7 80 00 00 00 02 00 80 -1234 00 00 00 02 ed cc -deadbeef 00 00 00 05 ff 21 52 41 11 2) DSA key - i) Read the length of identifier ii) Skip that many bytes iii) Read the length of the modulus iv) If the first byte of modulus is 0x00 subtract -1 from the length of modulus. The logic is based off on RFC 4253-page #15 where the DSS key format and RSS key formats have been defined. The interpretation of the fields p,q,g,y, e and n can be found in RFC 3447, sec 3.1 and FIPS publication 186. The commonality is modulus represents (n for RSA and p for DSS) the length of the host key in bytes. Can some one from crypto group confirm if the interpretation is correct? Alex, I hope I am correct in saying that p,q,g & y form the dss_signature_blob and e,n form the rss_signature blob. On Mon, Jul 8, 2013 at 8:49 AM, Kalpesh Parekh wrote: > See this link > > http://tools.ietf.org/html/rfc4253#page-15 > > Per the link, DSA signature is encoded as follows: > string "ssh-dss" > string dss_signature_blob > > RSA signature is encoded as follows: > string "ssh-rsa" > string rsa_signature_blob > > > On Mon, Jul 8, 2013 at 8:48 AM, Kalpesh Parekh wrote: > >> First, apologies for not replying inline to the emails. >> >> After your suggestions Alex, here is what I could determine. >> >> I printed out the hex code for the session key for both RSA and DSA types >> in my setup. >> >> Here are the first few bytes: >> (RSA) 00 00 00 07 73 73 68 2D 72 73 61 00 00 00 01 23 00 00 00 81 >> >> (DSA) 00 00 00 07 73 73 68 2D 64 73 73 00 00 00 81 >> >> As you mentioned, the first four bytes indicate, the length of the >> identifier (7 in this case) >> 73 73 68 2D 72 73 61=ssh-rsa >> 73 73 68 2D 64 73 73=ssh-dsa >> >> The next four bytes for RSA indicates some sort of value. In my case it >> is #. For DSA, it indicates (length of the key + 1) verified through >> ssh-keygen -l command. >> For RSA, the last four bytes printed above indicate (length of the key + >> 1). >> >> >> >> >> My next target is to decode the signature blobs. I feel like I am close >> and can close this if any one can help. >> >> >> >> >> >> >> >> >> On Thu, Jul 4, 2013 at 3:07 AM, Kalpesh Parekh wrote: >> >>> Thanks Alex, >>> >>> So far it has been helpful. >>> >>> So based on the RFC, I understand that the host key received from the >>> server has following components >>> K_S || f || s >>> >>> I need to parse the K_S part for RSA key. How do I do that. >>> >>> Also, how can I implement a generic logic for getting the bit strength >>> from the host key. >>> >>> >> >> > --001a11c3428275fcac04e113fad3 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
This is the logic I have used and tested against= a limited set of servers:
1) RSA key -
=A0=A0=A0 i= ) Read the length of identifier
=A0=A0=A0 ii) Skip that many bytes
= =A0=A0=A0 iii) Read the length of the exponent
=A0=A0=A0 iv) Skip that many bytes
=A0=A0=A0 v) Read the leng= th of modulus.
=A0=A0=A0 vi) If the first byte of modulus is = 0x00 subtract -1 from the length of modulus. This is based on the RFC defin= ition of mpint and some examples as follows. Example 2 and 3 are noteworthy= . The length is 08 and the MSB is 0. So no padding with 0x00 was done. But = for example 3, the padding was done and the length was set to 2.
         Examples:

         value (hex)        representation (hex)
         -----------        --------------------
         0                  00 00 00 00
         9a378f9b2e332a7    00 00 00 08 09 a3 78 f9 b2 e3 32 a7
         80                 00 00 00 02 00 80
         -1234              00 00 00 02 ed cc
         -deadbeef          00 00 00 05 ff 21 52 41 11

2= ) DSA key -
=A0=A0=A0 i) Read the length of identifier
=A0=A0= =A0 ii) Skip that many bytes
=A0=A0=A0 iii) Read the length of the modul= us
=A0=A0=A0 iv) If the first byte of modulus is 0x00 subtract -1 from t= he length of modulus.

The logic is based off on RFC 4253-page #15 wh= ere the DSS key format and RSS key formats have been defined. The interpret= ation of the fields p,q,g,y, e and n can be found in RFC 3447, sec 3.1 and = FIPS publication 186. The commonality is modulus represents (n for RSA and = p for DSS) the length of the host key in bytes.

Can some one from crypto group confirm if the interpretation= is correct?

Alex, I hope I am correct in saying that p,q= ,g & y form the dss_signature_blob and e,n form the rss_signature blob.=




On Mon, Jul 8, 2013 at 8:49 AM, Kalpesh Parekh <ka= lpesh.ork2@gmail.com> wrote:
See this link

<= /div>http://tools.ietf.org/html/rfc4253#page-15

Per the link, DSA signature is encoded as follows:
string "ssh-dss"
string dss_signature_blob

RSA signature is encoded as f= ollows:
string "ssh-rsa"
string rsa_signature_blob


On Mon, J= ul 8, 2013 at 8:48 AM, Kalpesh Parekh <kalpesh.ork2@gmail.com>= wrote:
First, apologies for not replying inline to the emai= ls.

After your suggestions Alex, here is what I could determine.
<= br>
I printed out the hex code for the session key for both RSA and DS= A types in my setup.

Here are the first few bytes:
(RSA) 00 00 00 07 73 73 68 = 2D 72 73 61 00 00 00 01 23 00 00 00 81=20

(DSA) 00 00 00 07 73 73 68 2D 64 73 73 00 00 00 81

As you mentioned, the first four bytes indicate, the length= of the identifier=A0 (7 in this case)
73 73 68 2D 72 73 61=3Dssh-rsa 73 73 68 2D 64 73 73=3Dssh-dsa

The next four bytes for RSA i= ndicates some sort of value. In my case it is #. For DSA, it indicates (len= gth of the key + 1) verified through ssh-keygen -l command.
For RSA, the last four bytes printed above indicate (length of the ke= y + 1).




My next target is to dec= ode the signature blobs. I feel like I am close and can close this if any o= ne can help.








On Thu, Jul 4, 2013 at 3:07 AM, Ka= lpesh Parekh <kalpesh.ork2@gmail.com> wrote:
Thanks Alex,
=A0
So far it has been helpful.
=A0
So based on the RFC, I understand that the host key received from the = server has following components
K_S || f || s
=A0
I need to parse=A0the K_S part for RSA key. How do I do that.
=A0
Also, how can I implement a generic logic for getting the bit strength= from the host key.
=A0



--001a11c3428275fcac04e113fad3-- --===============1527689613== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============1527689613==-- From libssh2-devel-bounces@cool.haxx.se Wed Jul 10 17:41:19 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6AFeh0s001727; Wed, 10 Jul 2013 17:41:10 +0200 Received: from mail-ee0-x22a.google.com (mail-ee0-x22a.google.com [IPv6:2a00:1450:4013:c00::22a]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6AFefTv001701 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Wed, 10 Jul 2013 17:40:41 +0200 Received: by mail-ee0-f42.google.com with SMTP id c4so5039677eek.1 for ; Wed, 10 Jul 2013 08:40:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=Rh1NP7j55DLGlxBFAA50cW4AH+bjyGGEyy/cGHXEz5Q=; b=NN99gghBuwxHEBwYAoSkU27vZqDuHqENn77NyDa7u6U9GBtJVanDQnBX1xJi7SsTq6 IU1pdkXIobtI0kOA11gKlac+ZQVIOQgbq6MsOMIc1tQi/gaAW594tgpHRGxpiAidrVKz W8AW0sulUV+YXWGVP0mzzdyjZ6Tn+S1ZZAlxqNt1XXa0saM1uB612ajlvMOjgTNj9rIw RZYB4THvgOvdRrz9GPfX4a2yMSNbxSECd3+r7+gQbVGsMA5wMunxGCpe9OqnXlM76ULs O9RgNj+mVp0jYp3/EjNcetRr8++otENA5n8y0GpxhDVw4WxJ+KKrQJLxGJA6/E4lvit7 rkkw== MIME-Version: 1.0 X-Received: by 10.14.241.136 with SMTP id g8mr36630163eer.104.1373470835628; Wed, 10 Jul 2013 08:40:35 -0700 (PDT) Received: by 10.14.47.203 with HTTP; Wed, 10 Jul 2013 08:40:35 -0700 (PDT) In-Reply-To: References: Date: Wed, 10 Jul 2013 08:40:35 -0700 Message-ID: Subject: Re: SSH2 host key length and hash compute From: Kalpesh Parekh To: libssh2-devel@cool.haxx.se X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1811993341==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============1811993341== Content-Type: multipart/alternative; boundary=001a1132ecb64480ba04e12a19cb --001a1132ecb64480ba04e12a19cb Content-Type: text/plain; charset=ISO-8859-1 Made one small change to the logic. Instead of subtracting -1 at step 6 for RSA and step 4 for DSS, I first converted the values to bits. Then subtracted the number of leading 0s in the first byte. I needed to do this because for bit strengths in RSA with values like 1205, 1206, etc, the above logic returned1208 always. This is because the first byte was always non-zero and therefore the length was calculated as 1208. I noticed in all the cases that if I subtract the number of leading zeroes, I would get the exact length. Can someone please verify the logic? I have been verifying this against ssh-keygen -l. The way I am creating the keys on my server is ssh-keygen -b -t rsa. My passphrase is always empty. Is there a case I am missing? On Tue, Jul 9, 2013 at 6:17 AM, Kalpesh Parekh wrote: > This is the logic I have used and tested against a limited set of servers: > 1) RSA key - > i) Read the length of identifier > ii) Skip that many bytes > iii) Read the length of the exponent > iv) Skip that many bytes > v) Read the length of modulus. > vi) If the first byte of modulus is 0x00 subtract -1 from the length > of modulus. This is based on the RFC definition of mpint and some examples > as follows. Example 2 and 3 are noteworthy. The length is 08 and the MSB is > 0. So no padding with 0x00 was done. But for example 3, the padding was > done and the length was set to 2. > > Examples: > > value (hex) representation (hex) > ----------- -------------------- > 0 00 00 00 00 > 9a378f9b2e332a7 00 00 00 08 09 a3 78 f9 b2 e3 32 a7 > 80 00 00 00 02 00 80 > -1234 00 00 00 02 ed cc > -deadbeef 00 00 00 05 ff 21 52 41 11 > > 2) DSA key - > i) Read the length of identifier > ii) Skip that many bytes > iii) Read the length of the modulus > iv) If the first byte of modulus is 0x00 subtract -1 from the length > of modulus. > > The logic is based off on RFC 4253-page #15 where the DSS key format and > RSS key formats have been defined. The interpretation of the fields > p,q,g,y, e and n can be found in RFC 3447, sec 3.1 and FIPS publication > 186. The commonality is modulus represents (n for RSA and p for DSS) the > length of the host key in bytes. > > Can some one from crypto group confirm if the interpretation is correct? > > Alex, I hope I am correct in saying that p,q,g & y form the > dss_signature_blob and e,n form the rss_signature blob. > > > > > On Mon, Jul 8, 2013 at 8:49 AM, Kalpesh Parekh wrote: > >> See this link >> >> http://tools.ietf.org/html/rfc4253#page-15 >> >> Per the link, DSA signature is encoded as follows: >> string "ssh-dss" >> string dss_signature_blob >> >> RSA signature is encoded as follows: >> string "ssh-rsa" >> string rsa_signature_blob >> >> >> On Mon, Jul 8, 2013 at 8:48 AM, Kalpesh Parekh wrote: >> >>> First, apologies for not replying inline to the emails. >>> >>> After your suggestions Alex, here is what I could determine. >>> >>> I printed out the hex code for the session key for both RSA and DSA >>> types in my setup. >>> >>> Here are the first few bytes: >>> (RSA) 00 00 00 07 73 73 68 2D 72 73 61 00 00 00 01 23 00 00 00 81 >>> >>> (DSA) 00 00 00 07 73 73 68 2D 64 73 73 00 00 00 81 >>> >>> As you mentioned, the first four bytes indicate, the length of the >>> identifier (7 in this case) >>> 73 73 68 2D 72 73 61=ssh-rsa >>> 73 73 68 2D 64 73 73=ssh-dsa >>> >>> The next four bytes for RSA indicates some sort of value. In my case it >>> is #. For DSA, it indicates (length of the key + 1) verified through >>> ssh-keygen -l command. >>> For RSA, the last four bytes printed above indicate (length of the key + >>> 1). >>> >>> >>> >>> >>> My next target is to decode the signature blobs. I feel like I am close >>> and can close this if any one can help. >>> >>> >>> >>> >>> >>> >>> >>> >>> On Thu, Jul 4, 2013 at 3:07 AM, Kalpesh Parekh wrote: >>> >>>> Thanks Alex, >>>> >>>> So far it has been helpful. >>>> >>>> So based on the RFC, I understand that the host key received from the >>>> server has following components >>>> K_S || f || s >>>> >>>> I need to parse the K_S part for RSA key. How do I do that. >>>> >>>> Also, how can I implement a generic logic for getting the bit strength >>>> from the host key. >>>> >>>> >>> >>> >> > --001a1132ecb64480ba04e12a19cb Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
Made one small change to the logic. Instead of s= ubtracting -1 at step 6 for RSA and step 4 for DSS, I first converted the v= alues to bits. Then subtracted the number of leading 0s in the first byte. = I needed to do this because for bit strengths in RSA with values like 1205,= 1206, etc, the above logic returned1208 always. This is because the first = byte was always non-zero and therefore the length was calculated as 1208. I= noticed in all the cases that if I subtract the number of leading zeroes, = I would get the exact length. Can someone please verify the logic? I have b= een verifying this against ssh-keygen -l.
The way I am creating the keys on my server is ssh-keygen -b <str&= gt; -t rsa. My passphrase is always empty.
Is there a case I am m= issing?


On Tue, Jul 9, 2013 at 6:17 AM, Kalpesh Parekh <kalpesh.ork2@gmail.co= m> wrote:
This is the logic I have used and tested against= a limited set of servers:
1) RSA key -
=A0=A0=A0 i= ) Read the length of identifier
=A0=A0=A0 ii) Skip that many bytes
= =A0=A0=A0 iii) Read the length of the exponent
=A0=A0=A0 iv) Skip that many bytes
=A0=A0=A0 v) Read the leng= th of modulus.
=A0=A0=A0 vi) If the first byte of modulus is = 0x00 subtract -1 from the length of modulus. This is based on the RFC defin= ition of mpint and some examples as follows. Example 2 and 3 are noteworthy= . The length is 08 and the MSB is 0. So no padding with 0x00 was done. But = for example 3, the padding was done and the length was set to 2.
         Examples:

         value (hex)        representation (hex)
         -----------        --------------------
         0                  00 00 00 00
         9a378f9b2e332a7    00 00 00 08 09 a3 78 f9 b2 e3 32 a7
         80                 00 00 00 02 00 80
         -1234              00 00 00 02 ed cc
         -deadbeef          00 00 00 05 ff 21 52 41 11

2= ) DSA key -
=A0=A0=A0 i) Read the length of identifier
=A0=A0= =A0 ii) Skip that many bytes
=A0=A0=A0 iii) Read the length of the modul= us
=A0=A0=A0 iv) If the first byte of modulus is 0x00 subtract -1 from t= he length of modulus.

The logic is based off on RFC 4253-page #15 wh= ere the DSS key format and RSS key formats have been defined. The interpret= ation of the fields p,q,g,y, e and n can be found in RFC 3447, sec 3.1 and = FIPS publication 186. The commonality is modulus represents (n for RSA and = p for DSS) the length of the host key in bytes.

Can some one from crypto group confirm if the interpretation= is correct?

Alex, I hope I am correct in saying that p,q= ,g & y form the dss_signature_blob and e,n form the rss_signature blob.=




On Mon, Jul 8, 20= 13 at 8:49 AM, Kalpesh Parekh <kalpesh.ork2@gmail.com> = wrote:
See this link

<= /div>http://tools.ietf.org/html/rfc4253#page-15

Per the link, DSA signature is encoded as follows:
string "ssh-dss"
string dss_signature_blob

RSA signature is encoded as f= ollows:
string "ssh-rsa"
string rsa_signature_blob


On Mon, Jul 8, 2013 at 8:48 AM, Kalpesh= Parekh <kalpesh.ork2@gmail.com> wrote:
First, apologies for not replying inline to the emai= ls.

After your suggestions Alex, here is what I could determine.
<= br>
I printed out the hex code for the session key for both RSA and DS= A types in my setup.

Here are the first few bytes:
(RSA) 00 00 00 07 73 73 68 = 2D 72 73 61 00 00 00 01 23 00 00 00 81=20

(DSA) 00 00 00 07 73 73 68 2D 64 73 73 00 00 00 81

As you mentioned, the first four bytes indicate, the length= of the identifier=A0 (7 in this case)
73 73 68 2D 72 73 61=3Dssh-rsa 73 73 68 2D 64 73 73=3Dssh-dsa

The next four bytes for RSA i= ndicates some sort of value. In my case it is #. For DSA, it indicates (len= gth of the key + 1) verified through ssh-keygen -l command.
For RSA, the last four bytes printed above indicate (length of the ke= y + 1).




My next target is to dec= ode the signature blobs. I feel like I am close and can close this if any o= ne can help.








On Thu, Jul 4, 2013 at 3:07 AM, Ka= lpesh Parekh <kalpesh.ork2@gmail.com> wrote:
Thanks Alex,
=A0
So far it has been helpful.
=A0
So based on the RFC, I understand that the host key received from the = server has following components
K_S || f || s
=A0
I need to parse=A0the K_S part for RSA key. How do I do that.
=A0
Also, how can I implement a generic logic for getting the bit strength= from the host key.
=A0




--001a1132ecb64480ba04e12a19cb-- --===============1811993341== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============1811993341==-- From libssh2-devel-bounces@cool.haxx.se Thu Jul 11 04:07:02 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6B26cRO017655; Thu, 11 Jul 2013 04:06:57 +0200 Received: from m13-39.163.com (m13-39.163.com [220.181.13.39]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6B26W0u017052; Thu, 11 Jul 2013 04:06:33 +0200 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=163.com; s=s110527; h=Received:Date:From:To:Subject:In-Reply-To: References:Content-Type:MIME-Version:Message-ID; bh=Ub7lxqssilO7 KKsTXO81YquxM43nm+ejpGzGfzElt+4=; b=X+yrKRPGfkFSJuM+hyIoeWbrNs6z Zb3V7a5IwZA6AasSBguQPUqlMRRJxG/uB35ULGdUsDEGpn1ONfClA1hcK38P/tdB 50mFy9/0+TBPi/Jjh+boRheRfNLDmGfQkO5+B/hzgp62v3dtfsWc9B9AnW6HaPRM LWd2R11pzQerRcw= Received: from e_balloon$163.com ( [220.248.0.154] ) by ajax-webmail-wmsvr39 (Coremail) ; Thu, 11 Jul 2013 10:06:27 +0800 (CST) X-Originating-IP: [220.248.0.154] Date: Thu, 11 Jul 2013 10:06:27 +0800 (CST) From: balloon To: libssh2-devel@cool.haxx.se, "libcurl development" Subject: =?GBK?Q?Re=A3=BARe:Re:Re:_Segmentation_fault_libssh2=5Fsession=5Flast=5F?= =?GBK?Q?errno_(session=3D0x0)_at_session.c:1219_(Daniel_Stenberg?= X-Priority: 3 X-Mailer: Coremail Webmail Server Version SP_ntes V3.5 build 20130613(22460.5432.5432) Copyright (c) 2002-2013 www.mailtech.cn 163com In-Reply-To: References: X-CM-CTRLDATA: wzE8WWZvb3Rlcl9odG09OTY5Mjo4MQ== MIME-Version: 1.0 Message-ID: <1e44f398.32a0.13fcb7ac288.Coremail.e_balloon@163.com> X-CM-TRANSID: J8GowGA54kMjE95RxF97AA--.3100W X-CM-SenderInfo: phbetzhorr0qqrwthudrp/xtbBzxhXd1D+ciLltgAAsa X-Coremail-Antispam: 1U5529EdanIXcx71UUUUU7vcSsGvfC2KfnxnUU== X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0681363963==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============0681363963== Content-Type: multipart/alternative; boundary="----=_Part_47749_964529570.1373508387464" ------=_Part_47749_964529570.1373508387464 Content-Type: text/plain; charset=GBK Content-Transfer-Encoding: 7bit At 2013-07-08 18:00:03,libssh2-devel-request@cool.haxx.se wrote: >Send libssh2-devel mailing list submissions to > libssh2-devel@cool.haxx.se > >To subscribe or unsubscribe via the World Wide Web, visit > http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel >or, via email, send a message with subject or body 'help' to > libssh2-devel-request@cool.haxx.se > >You can reach the person managing the list at > libssh2-devel-owner@cool.haxx.se > >When replying, please edit your Subject line so it is more specific >than "Re: Contents of libssh2-devel digest..." > > >Today's Topics: > > 1. Re:Re:Re: Segmentation fault libssh2_session_last_errno > (session=0x0) at session.c:1219 (Daniel Stenberg) (balloon) > > >---------------------------------------------------------------------- > >Message: 1 >Date: Mon, 8 Jul 2013 10:46:30 +0800 (CST) >From: balloon >To: libssh2-devel@cool.haxx.se, curl-library@cool.haxx.se >Subject: Re:Re:Re: Segmentation fault libssh2_session_last_errno > (session=0x0) at session.c:1219 (Daniel Stenberg) >Message-ID: <2f94c453.a1db.13fbc2c5b40.Coremail.e_balloon@163.com> >Content-Type: text/plain; charset="gbk" > >>This shows that the problem is in libcurl when sends a NULL to libssh2 so that >>it crashes. > >>I'm cc'ing this reply to the libcurl mailing list. Please take follow-ups >>there. I'd like you to rebuild libcurl with debug symbols left so that the >>stack trace becomes usable. > >>It shouldn't matter that it is Java, but it can very well be a problem that >>occurs only with that specific server implementation. >I have tried hard to rebuild libcurl & libssh2 & openssl in debug mode. And succeed to reproduce segmentation fault, though this time seg info seems different.Here is my src code:#include >#include > >size_t write_callback(void *f_fp_ptr, size_t f_size, size_t f_nmemb, void *fp_stream) >{ > > size_t len = fwrite(f_fp_ptr, f_size, f_nmemb, (FILE *)fp_stream); > return len; >} > >int main(int argc, char**argv) >{ >char host[100]; >if(argc < 2) >{ >std::cout<<"Nonono~~~input sftpserver ip pls."<return 1; >} >strcpy(host,argv[1]); >std::string sftp_url="sftp://"; >sftp_url+=host; >sftp_url+="/a.txt";curl_easy_setopt(curl, CURLOPT_URL, sftp_url.c_str()); CURL *curl = curl_easy_init(); > if (!curl) > { > std::cout<<"Fail to initialize curl."< return 1; > } > curl_easy_setopt(curl, CURLOPT_SSH_AUTH_TYPES, CURLSSH_AUTH_PASSWORD); > curl_easy_setopt(curl, CURLOPT_USERPWD, "test:test"); > FILE *fd = fopen("tmp.txt", "w"); > > curl_easy_setopt(curl, CURLOPT_WRITEDATA, fd); > curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); > curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_callback); > > // specify downloading file size > curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE, (curl_off_t)1); > CURLcode res = CURL_LAST; > > res = curl_easy_perform(curl); > > if (CURLE_OK == res) > { > std::cout<<"succeed."< curl_easy_cleanup(curl); > return 0; > } > else > { > std::cout<<"fail."< curl_easy_cleanup(curl); > return 1; > } >} > >Here is the result, pls let me know what can I do next. Thanks. >Starting program: /root/a.out 9.111.23.100 >warning: no loadable sections found in added symbol-file system-supplied DSO at 0x2aaaaaaab000 >[Thread debugging using libthread_db enabled] >sftp url: sftp://9.111.23.100/a.txt >* STATE: INIT => CONNECT handle 0x86ecc8; line 1020 (connection #-5000) >* About to connect() to 9.111.23.100 port 22 (#0) >* Trying 9.111.23.100... >* Adding handle: conn: 0x877cf8 >* Adding handle: send: 0 >* Adding handle: recv: 0 >* Curl_addHandleToPipeline: length: 1 >* 0x865828 is at send pipe head! >* - Conn 0 (0x877cf8) send_pipe: 1, recv_pipe: 0 >* STATE: CONNECT => WAITCONNECT handle 0x86ecc8; line 1067 (connection #0) >* Connected to 9.111.23.100 (9.111.23.100) port 22 (#0) >* SFTP 0x8781e0 state change from SSH_STOP to SSH_INIT >* SFTP 0x8781e0 state change from SSH_INIT to SSH_S_STARTUP >* STATE: WAITCONNECT => PROTOCONNECT handle 0x86ecc8; line 1180 (connection #0) > >Program received signal SIGSEGV, Segmentation fault. >0x0000000000000000 in ?? () >(gdb) bt >#0 0x0000000000000000 in ?? () >#1 0x00000000005c4a20 in DES_SPtrans () >#2 0x00000032759549e0 in ?? () from /lib64/libc.so.6 >#3 0x0000000000000014 in ?? () >#4 0x0000000000885778 in ?? () >#5 0x0000000000887437 in ?? () >#6 0x0000000000886780 in ?? () >#7 0x00000000008869c0 in ?? () >#8 0x0000000000886980 in ?? () >#9 0xc3e557dbb4ac6000 in ?? () >#10 0x22f09ddde873b1bc in ?? () >#11 0x000000005c053c02 in ?? () >#12 0x000000000088649c in ?? () >#13 0x00007fffffffce30 in ?? () >#14 0x000000000057f169 in hostkey_method_ssh_dss_sig_verify (session=Cannot access memory at address 0xffffffffffffffe8 >) > at hostkey.c:329 >Backtrace stopped: previous frame inner to this frame (corrupt stack?) >(gdb) > I can also send u the SFTP server binary to reproduce and investigate this issue, but I fail to attach it in this mail loop due to size limitation. Pls specify some space that I can upload the SFTP server binary if u need it, thanks :) ------=_Part_47749_964529570.1373508387464 Content-Type: text/html; charset=GBK Content-Transfer-Encoding: 7bit

At 2013-07-08 18:00:03,libssh2-devel-request@cool.haxx.se wrote:
>Send libssh2-devel mailing list submissions to
>	libssh2-devel@cool.haxx.se
>
>To subscribe or unsubscribe via the World Wide Web, visit
>	http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
>or, via email, send a message with subject or body 'help' to
>	libssh2-devel-request@cool.haxx.se
>
>You can reach the person managing the list at
>	libssh2-devel-owner@cool.haxx.se
>
>When replying, please edit your Subject line so it is more specific
>than "Re: Contents of libssh2-devel digest..."
>
>
>Today's Topics:
>
>   1. Re:Re:Re: Segmentation fault  libssh2_session_last_errno
>      (session=0x0) at session.c:1219 (Daniel Stenberg) (balloon)
>
>
>----------------------------------------------------------------------
>
>Message: 1
>Date: Mon, 8 Jul 2013 10:46:30 +0800 (CST)
>From: balloon  <e_balloon@163.com>
>To: libssh2-devel@cool.haxx.securl-library@cool.haxx.se
>Subject: Re:Re:Re: Segmentation fault  libssh2_session_last_errno
>	(session=0x0) at session.c:1219 (Daniel Stenberg)
>Message-ID: <2f94c453.a1db.13fbc2c5b40.Coremail.e_balloon@163.com>
>Content-Type: text/plain; charset="gbk"
>
>>This shows that the problem is in libcurl when sends a NULL to libssh2 so that 
>>it crashes.
>
>>I'm cc'ing this reply to the libcurl mailing list. Please take follow-ups 
>>there. I'd like you to rebuild libcurl with debug symbols left so that the 
>>stack trace becomes usable.
>
>>It shouldn't matter that it is Java, but it can very well be a problem that 
>>occurs only with that specific server implementation.
>I have tried hard to rebuild libcurl & libssh2 & openssl in debug mode. And succeed to reproduce segmentation fault, though this time seg info seems different.Here is my src code:#include <iostream>
>#include <curl.h>
>
>size_t write_callback(void *f_fp_ptr, size_t f_size, size_t f_nmemb, void *fp_stream)
>{
>
>    size_t len = fwrite(f_fp_ptr, f_size, f_nmemb, (FILE *)fp_stream);
>    return len;
>}
>
>int main(int argc, char**argv)
>{
>char host[100];
>if(argc < 2)
>{
>std::cout<<"Nonono~~~input sftpserver ip pls."<<std::endl;
>return 1;
>}
>strcpy(host,argv[1]);
>std::string sftp_url="sftp://";
>sftp_url+=host;
>sftp_url+="/a.txt";curl_easy_setopt(curl, CURLOPT_URL, sftp_url.c_str());    CURL *curl = curl_easy_init();
>    if (!curl)
>    {
>        std::cout<<"Fail to  initialize curl."<<std::endl;
>        return 1;
>    }
>    curl_easy_setopt(curl, CURLOPT_SSH_AUTH_TYPES, CURLSSH_AUTH_PASSWORD);
>    curl_easy_setopt(curl, CURLOPT_USERPWD, "test:test");
>    FILE *fd = fopen("tmp.txt", "w");
>    
>    curl_easy_setopt(curl, CURLOPT_WRITEDATA, fd);
>    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
>    curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_callback);
>
>    // specify downloading file size
>    curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE, (curl_off_t)1);
>    CURLcode res = CURL_LAST;
>
>    res = curl_easy_perform(curl);
>
>    if (CURLE_OK == res)
>    {
>         std::cout<<"succeed."<<std::endl;
>        curl_easy_cleanup(curl);
>	return 0;
>    }
>    else
>    {
>	std::cout<<"fail."<<std::endl;
>        curl_easy_cleanup(curl);
>	return 1;
>    }
>}
>
>Here is the result, pls let me know what can I do next.  Thanks.
>Starting program: /root/a.out 9.111.23.100
>warning: no loadable sections found in added symbol-file system-supplied DSO at 0x2aaaaaaab000
>[Thread debugging using libthread_db enabled]
>sftp url: sftp://9.111.23.100/a.txt
>* STATE: INIT => CONNECT handle 0x86ecc8; line 1020 (connection #-5000) 
>* About to connect() to 9.111.23.100 port 22 (#0)
>*   Trying 9.111.23.100...
>* Adding handle: conn: 0x877cf8
>* Adding handle: send: 0
>* Adding handle: recv: 0
>* Curl_addHandleToPipeline: length: 1
>* 0x865828 is at send pipe head!
>* - Conn 0 (0x877cf8) send_pipe: 1, recv_pipe: 0
>* STATE: CONNECT => WAITCONNECT handle 0x86ecc8; line 1067 (connection #0) 
>* Connected to 9.111.23.100 (9.111.23.100) port 22 (#0)
>* SFTP 0x8781e0 state change from SSH_STOP to SSH_INIT
>* SFTP 0x8781e0 state change from SSH_INIT to SSH_S_STARTUP
>* STATE: WAITCONNECT => PROTOCONNECT handle 0x86ecc8; line 1180 (connection #0) 
>
>Program received signal SIGSEGV, Segmentation fault.
>0x0000000000000000 in ?? ()
>(gdb) bt
>#0  0x0000000000000000 in ?? ()
>#1  0x00000000005c4a20 in DES_SPtrans ()
>#2  0x00000032759549e0 in ?? () from /lib64/libc.so.6
>#3  0x0000000000000014 in ?? ()
>#4  0x0000000000885778 in ?? ()
>#5  0x0000000000887437 in ?? ()
>#6  0x0000000000886780 in ?? ()
>#7  0x00000000008869c0 in ?? ()
>#8  0x0000000000886980 in ?? ()
>#9  0xc3e557dbb4ac6000 in ?? ()
>#10 0x22f09ddde873b1bc in ?? ()
>#11 0x000000005c053c02 in ?? ()
>#12 0x000000000088649c in ?? ()
>#13 0x00007fffffffce30 in ?? ()
>#14 0x000000000057f169 in hostkey_method_ssh_dss_sig_verify (session=Cannot access memory at address 0xffffffffffffffe8
>)
>    at hostkey.c:329
>Backtrace stopped: previous frame inner to this frame (corrupt stack?)
>(gdb) 
>
I  can also send u the SFTP server binary to reproduce and investigate this issue, but I fail to attach it in this mail loop due to size limitation.
Pls specify some space that I can upload the SFTP server binary if u need it, thanks :)




------=_Part_47749_964529570.1373508387464-- --===============0681363963== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============0681363963==-- From libssh2-devel-bounces@cool.haxx.se Sat Jul 13 00:53:08 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6CMqZti014379; Sat, 13 Jul 2013 00:53:00 +0200 Received: from earth.stuge.se (earth.stuge.se [212.116.89.126]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6CMqXIi014376 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Sat, 13 Jul 2013 00:52:33 +0200 Received: (qmail 23134 invoked from network); 12 Jul 2013 22:52:03 -0000 Received: from unknown (HELO earth.stuge.se) (127.0.0.1) by localhost with SMTP; 12 Jul 2013 22:52:03 -0000 MIME-Version: 1.0 From: "libssh2 Trac" X-Trac-Version: 1.0dev Precedence: bulk Auto-Submitted: auto-generated X-Mailer: Trac 1.0dev, by Edgewall Software To: blehz0r@gmail.com X-Trac-Project: libssh2 Date: Fri, 12 Jul 2013 22:52:03 -0000 X-URL: https://trac.libssh2.org/ Subject: [libssh2] #267: file_read_publickey access violation X-Trac-Ticket-URL: https://trac.libssh2.org/ticket/267 Message-ID: <043.eb15e6f9c3301da9be5ac3ef715256b7@libssh2.stuge.se> X-Trac-Ticket-ID: 267 X-MIME-Autoconverted: from base64 to 8bit by giant.haxx.se id r6CMqXIi014376 Cc: libssh2-devel@cool.haxx.se X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Reply-To: trac@libssh2.stuge.se, libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" #267: file_read_publickey access violation -------------------------------------------------+------------------------- Reporter: wimvdh | Owner: Type: defect | Status: new Priority: blocker | Milestone: 1.4.3 Component: SFTP | Version: 1.4.2 Keywords: file_read_publickey access | Blocked By: violation sp1 crash | Blocks: | -------------------------------------------------+------------------------- file_read_publickey: {{{ if ((sp1 = memchr(pubkey, ' ', pubkey_len)) == NULL) { LIBSSH2_FREE(session, pubkey); return _libssh2_error(session, LIBSSH2_ERROR_FILE, "Invalid public key data"); } sp1++; if ((sp2 = memchr(sp1, ' ', pubkey_len - (sp1 - pubkey - 1))) == NULL) { /* Assume that the id string is missing, but that it's okay */ sp2 = pubkey + pubkey_len; } }}} The memchr sometimes gives an access violation when the last char in pubkey is at the end of the memory block. Problem here is that sp1 already points to the char after the space, which means "pubkey_len - (sp1 - pubkey - 1)" gives a length which goes 1 past the length of the buffer. Example: Key is 208 long. (pubkey_len) Space is at position 7. (sp1) Increment by one is position 8 (sp1++) 208 - (8 - 0 - 1) = 201. Reading 201 while there are only 200 chars left to read. -- Ticket URL: libssh2 C library for writing portable SSH2 clients _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Jul 15 12:30:45 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6FAUGMA016936; Mon, 15 Jul 2013 12:30:37 +0200 Received: from earth.stuge.se (earth.stuge.se [212.116.89.126]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6FAUElu016902 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Mon, 15 Jul 2013 12:30:14 +0200 Received: (qmail 28463 invoked from network); 15 Jul 2013 10:29:46 -0000 Received: from unknown (HELO earth.stuge.se) (127.0.0.1) by localhost with SMTP; 15 Jul 2013 10:29:46 -0000 MIME-Version: 1.0 From: "libssh2 Trac" X-Trac-Version: 1.0dev Precedence: bulk Auto-Submitted: auto-generated X-Mailer: Trac 1.0dev, by Edgewall Software To: blehz0r@gmail.com X-Trac-Project: libssh2 Date: Mon, 15 Jul 2013 10:29:46 -0000 X-URL: https://trac.libssh2.org/ Subject: Re: [libssh2] #267: file_read_publickey access violation X-Trac-Ticket-URL: https://trac.libssh2.org/ticket/267#comment:1 Message-ID: <058.b8ceb828824851daa95475c259e7d529@libssh2.stuge.se> References: <043.eb15e6f9c3301da9be5ac3ef715256b7@libssh2.stuge.se> X-Trac-Ticket-ID: 267 In-Reply-To: <043.eb15e6f9c3301da9be5ac3ef715256b7@libssh2.stuge.se> X-MIME-Autoconverted: from base64 to 8bit by giant.haxx.se id r6FAUElu016902 Cc: libssh2-devel@cool.haxx.se X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Reply-To: trac@libssh2.stuge.se, libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" #267: file_read_publickey access violation -------------------------+------------------------------------------------- Reporter: wimvdh | Owner: Type: defect | Status: new Priority: blocker | Milestone: 1.4.3 Component: SFTP | Version: 1.4.2 Resolution: | Keywords: file_read_publickey access Blocked By: | violation sp1 crash | Blocks: -------------------------+------------------------------------------------- Comment (by wimvdh): The -1 needs to be removed: if ((sp2 = memchr(sp1, ' ', pubkey_len - (sp1 - pubkey))) == NULL) { -- Ticket URL: libssh2 C library for writing portable SSH2 clients _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Jul 17 12:39:45 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6HAdA4q023333; Wed, 17 Jul 2013 12:39:39 +0200 Received: from mail-oa0-x233.google.com (mail-oa0-x233.google.com [IPv6:2607:f8b0:4003:c02::233]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6HAd7Bb023277 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Wed, 17 Jul 2013 12:39:08 +0200 Received: by mail-oa0-f51.google.com with SMTP id i4so2276754oah.38 for ; Wed, 17 Jul 2013 03:39:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=zfLRF+QXmegk9MAdQD89emsaTmuxdw//YmH7ga8Vu3k=; b=nPd/Fz2Tj8TdOSNHKzvG3t8hxhu3vZ1AuN4/Rw/9yWm9XJxEfICxmbZskKlUZ+CDir 8gepx9psiNc3LVvKRUMcvM2ZGqHCkcF0KU9/ytsds8IMuNNZ8e7R6WRHF1dtLYemudIO aqzwz+fTw7CDOyDKv/v8i/K1U7YbKT+Pn+yL1MQcbR5S95Zp7qNl9VFP4fnd5I1iKEMW TCAzksfIJve398BpLM+B6V7W9vzUikdcjlvVwEeoQBBNp0PfWGJhoNmVOzXRmIyYImYL 8pqd930uI1l1N2kcqD3TsfRUK681z8OeY6I7+cdArH0SigyOWSftTnYsJAsbU+5I3FZO YWtg== MIME-Version: 1.0 X-Received: by 10.182.65.35 with SMTP id u3mr1855245obs.8.1374057542464; Wed, 17 Jul 2013 03:39:02 -0700 (PDT) Received: by 10.76.126.196 with HTTP; Wed, 17 Jul 2013 03:39:02 -0700 (PDT) Date: Wed, 17 Jul 2013 13:39:02 +0300 Message-ID: Subject: [sftp] Read part of file From: Velichko Yuriy To: libssh2-devel@cool.haxx.se X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0133083718==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============0133083718== Content-Type: multipart/alternative; boundary=089e0158b140b83ba004e1b2b3da --089e0158b140b83ba004e1b2b3da Content-Type: text/plain; charset=ISO-8859-1 Hello! In the example: http://www.libssh2.org/examples/sftp.html is shown how to read data from file using libssh2_sftp_read(). Is possible to read part of data from the end of file? For example: I have file with 500Mb size, and I want to read last 100 Kb. Thanks! -- Best Regards! --089e0158b140b83ba004e1b2b3da Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
Hello!

In the exam= ple:

is shown h= ow to read data from file using libssh2_sftp_read().

Is possible to read part of data from the end of file?<= /div>

For example: I have file with 500Mb size, and I wa= nt to read last 100 Kb.

Thanks!

--
Best=A0Regards!
--089e0158b140b83ba004e1b2b3da-- --===============0133083718== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============0133083718==-- From libssh2-devel-bounces@cool.haxx.se Wed Jul 17 12:51:57 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6HAppDs029740; Wed, 17 Jul 2013 12:51:56 +0200 Received: from mail-ee0-x230.google.com (mail-ee0-x230.google.com [IPv6:2a00:1450:4013:c00::230]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6HApnAc029726 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Wed, 17 Jul 2013 12:51:50 +0200 Received: by mail-ee0-f48.google.com with SMTP id b47so945090eek.7 for ; Wed, 17 Jul 2013 03:51:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=zmeDPws8drHFHOXhPOxgGUa0wnMreWRAuzZTHhRlbCw=; b=P2dg2Jvab+bgQEVEbxS+BPVsBMnV4WXM6MB/UmQza6rD3vLdlH3bk2Tz888uKcF+WO 8XstSkvTQ0n4CFZjLljH1hjHEU1p9r0xJXVgk/n80xgZOn0ODvQ3eHmnEVqWtVCLJd1v sHs7fbjDqCeApn0p6zJnddruYSl0y+VjDX4tLZek1TdwHAS0x7SyzAV5Iue2w03qMHK7 rOfeT8oj9egzjH+u1UnWjnkglzrBt0EpU2GMuvrupg/oX2o/FE3YJXHcMN3rBonkYlqq A3RWHO6/t3bvkir78qPPNqRLfp/3ZLbAQ4imsxYmI9mZwpyHY8GQaWgAQs+C65yZT+jD 0CDA== MIME-Version: 1.0 X-Received: by 10.15.54.198 with SMTP id t46mr5890969eew.74.1374058305397; Wed, 17 Jul 2013 03:51:45 -0700 (PDT) Received: by 10.14.67.197 with HTTP; Wed, 17 Jul 2013 03:51:45 -0700 (PDT) In-Reply-To: References: Date: Wed, 17 Jul 2013 14:51:45 +0400 Message-ID: Subject: Re: [sftp] Read part of file From: niXman To: libssh2 development X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" 2013/7/17 Velichko Yuriy: > Hello! Hi, > In the example: > http://www.libssh2.org/examples/sftp.html > > is shown how to read data from file using libssh2_sftp_read(). > > Is possible to read part of data from the end of file? use libssh2_sftp_seek64() function: http://www.libssh2.org/libssh2_sftp_seek64.html -- Regards, niXman ___________________________________________________ Dual-target(32 & 64-bit) MinGW compilers for 32 and 64-bit Windows: http://sourceforge.net/projects/mingwbuilds/ ___________________________________________________ Another online IDE: http://liveworkspace.org/ _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Jul 17 13:02:31 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6HB2PKe003994; Wed, 17 Jul 2013 13:02:30 +0200 Received: from mail-oa0-x233.google.com (mail-oa0-x233.google.com [IPv6:2607:f8b0:4003:c02::233]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6HB2MOB003965 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Wed, 17 Jul 2013 13:02:23 +0200 Received: by mail-oa0-f51.google.com with SMTP id i4so2296947oah.24 for ; Wed, 17 Jul 2013 04:02:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=Zj+dBAgjs7i/0h52r5QLIDQpF3uORaMg2wIDELvtw6M=; b=rF2+hCVr5X1CS+OWbPbpLxTu3AseIymbEmF8c00CeQ2nO36zAaVyqBjap1vBdLt/tX VjaDvkfyygX9v5gLXx41VnxggKTD56P2IA4NtQOl+kOhlQ7JPU49Z7pOgkwh5poj+K6A jJuCYxlmXiv0DkoKIAnSt/zBiRiOJmk+rvSJ3ey5pkLIFAVgjRPIFbwb9K5114FABazz AlkAL3UK3PB09bN3dE0wgguv0/jeI33Srg6qpUisARy64N4rMngNHAXIewSdss5wNpJV y1kNTRK0rzvJMIzJRL5Re+Ej1R2T7OoYKh2iugRc8cSLLNjFZg9iemLIoau5o2rb4lfF Ffqg== MIME-Version: 1.0 X-Received: by 10.60.145.173 with SMTP id sv13mr7512595oeb.63.1374058938082; Wed, 17 Jul 2013 04:02:18 -0700 (PDT) Received: by 10.76.126.196 with HTTP; Wed, 17 Jul 2013 04:02:18 -0700 (PDT) In-Reply-To: References: Date: Wed, 17 Jul 2013 14:02:18 +0300 Message-ID: Subject: Re: [sftp] Read part of file From: Velichko Yuriy To: libssh2 development X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1593857487==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============1593857487== Content-Type: multipart/alternative; boundary=047d7b5d532ae7aca204e1b306e1 --047d7b5d532ae7aca204e1b306e1 Content-Type: text/plain; charset=ISO-8859-1 On 17 July 2013 13:51, niXman wrote: > 2013/7/17 Velichko Yuriy: > > Hello! > Hi, > > > In the example: > > http://www.libssh2.org/examples/sftp.html > > > > is shown how to read data from file using libssh2_sftp_read(). > > > > Is possible to read part of data from the end of file? > > use libssh2_sftp_seek64() function: > http://www.libssh2.org/libssh2_sftp_seek64.html > > Thanks! > -- > Regards, > niXman > ___________________________________________________ > Dual-target(32 & 64-bit) MinGW compilers for 32 and 64-bit Windows: > http://sourceforge.net/projects/mingwbuilds/ > ___________________________________________________ > Another online IDE: http://liveworkspace.org/ > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel > -- Best Regards! --047d7b5d532ae7aca204e1b306e1 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable


On 17 July 2013 13:51, niXman <i.nixman@gmail.com> wrot= e:
2013/7/17 Velichko Yuriy:
> Hello!
Hi,

> In the example:
> http://www.libssh2.org/examples/sftp.html
>
> is shown how to read data from file using libssh2_sftp_read().
>
> Is possible to read part of data from the end of file?

use libssh2_sftp_seek64() function:
http://www.libssh2.org/libssh2_sftp_seek64.html

=A0
=A0Thanks!=A0
=A0
--
Regards,
niXman
___________________________________________________
Dual-target(32 & 64-bit) MinGW compilers for 32 and 64-bit Windows:
= http://sourceforge.net/projects/mingwbuilds/
___________________________________________________
Another online IDE: http://liveworkspace.org/
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/li= bssh2-devel



--
Best=A0Regar= ds!
--047d7b5d532ae7aca204e1b306e1-- --===============1593857487== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============1593857487==-- From libssh2-devel-bounces@cool.haxx.se Sun Jul 21 11:33:37 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6L9Wxu6002182; Sun, 21 Jul 2013 11:33:28 +0200 Received: from mx.uxnr.de (mx.uxnr.de [89.238.84.47]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6L9Wv83002155 for ; Sun, 21 Jul 2013 11:32:57 +0200 Received: from mail-wg0-x232.google.com (mail-wg0-x232.google.com [IPv6:2a00:1450:400c:c00::232]) by mx.uxnr.de (Postfix) with ESMTPSA id 0C46D1C5A3F5 for ; Sun, 21 Jul 2013 11:32:50 +0200 (CEST) X-DKIM: OpenDKIM Filter v2.6.8 mx.uxnr.de 0C46D1C5A3F5 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=marc-hoersken.de; s=picard; t=1374399170; bh=PKvbbdJxW9lWg1Tfz++suM0QtQKWELfPbBbLkWDORZU=; h=In-Reply-To:References:Date:Subject:From:To:From; b=wjtTcUCXhHqtfIrm5TAE95DwHCK64wBE1s+vr7iD24Ku01YOppj/mnNpY+jwvyUnZ aud8DZmWS9oZB2Js+U+o8m7a516yW57tSgtKYiE5SZ4cy866H1M9OEoOExRqyPfj85 KeilenmjgayAJL51khKhtE6mwUnK4vxtHTdQBC9s= Received: by mail-wg0-f50.google.com with SMTP id k13so379567wgh.5 for ; Sun, 21 Jul 2013 02:32:51 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=PKvbbdJxW9lWg1Tfz++suM0QtQKWELfPbBbLkWDORZU=; b=gpWKbdAY7274H27H5sentcMxLl2JpZXJm0w+pa4SV2Tr2H1+UZ9MqCNTSvsdyZ6tsR NbMG6fq40dMPbjrp0Bnxw9MAc6dxOH2yrYD9ptsutbO/2xQIdvFNfgDN5uacgmmZE+Dg B5pnY0XkoXFzYqhjFD2FhZdcO9M9wbRoq/lCXxJERnxlDasBpOKkwXwh8f2IQaKq4X0k 10zqOgfYY2djDKIYl6ZvU1rFn83e95QGRW+L2Dymkre1rsa2aLTdPKpWgU8a3r5XpiaV xqneCGft3/gzFuN18TYA5yHbRlvyBS6FG4bXjxSzq9/oUe2hBhkKtLEKYZGfViZ5Htii BHDg== MIME-Version: 1.0 X-Received: by 10.180.7.164 with SMTP id k4mr15382329wia.40.1374398762802; Sun, 21 Jul 2013 02:26:02 -0700 (PDT) Received: by 10.217.123.4 with HTTP; Sun, 21 Jul 2013 02:26:02 -0700 (PDT) In-Reply-To: <20130602175922.5525.qmail@stuge.se> References: <20130601231229.11420.qmail@stuge.se> <20130602175922.5525.qmail@stuge.se> Date: Sun, 21 Jul 2013 11:26:02 +0200 Message-ID: Subject: Re: [PATCH] Added Windows Cryptography API: Next Generation backend From: Marc Hoersken To: libssh2 development X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Hello Peter, 2013/6/2 Peter Stuge : > Sure, I'll post my commits, there may still be something to improve > even with them. any news regarding your cleanup commits? Thanks in advance! :) Best regards, Marc _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Jul 23 19:36:11 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6NHZet9026141; Tue, 23 Jul 2013 19:36:06 +0200 Received: from mail-wi0-x22d.google.com (mail-wi0-x22d.google.com [IPv6:2a00:1450:400c:c05::22d]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6NHZbPS026111 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Tue, 23 Jul 2013 19:35:38 +0200 Received: by mail-wi0-f173.google.com with SMTP id hq4so3317980wib.6 for ; Tue, 23 Jul 2013 10:35:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=l32sDOgYc2gcIuhjOPwt9UBQjnTIvNv9bQWk5AepnJk=; b=NcXblbs4flYvYHlsxlF+LIcy4+GrbmWX1uGK1DhKxcIiMAJm56Ei3dZfffyRFQCCUN jRAG0AjHykJlil1dJ5CY2gK2ZNZP7aGclCOIJ1KGHq7bkdnbC6nLn/kw4ZQ8Pxml3TQP 69zUtPUPyYk9dNOGGYDplMsR2Ry7wbz2mJQD2Xha1o7CUAnQ4fB+kUPMAGZIh71fMeiN W3/ZWg4yOeKjVH/u40Tmpjow3XLZYAQcu+ILtrlndzXvyzx+H6P7kX81bJ8qY+N1YXzy sjkLzAnfljD5dtMCKHgnrUrwUjWIwsVWahvmQP77iZDZZ8dPYCT6y7S7NRAlY+yn6CEa PJzA== MIME-Version: 1.0 X-Received: by 10.180.90.104 with SMTP id bv8mr33733823wib.15.1374600932983; Tue, 23 Jul 2013 10:35:32 -0700 (PDT) Received: by 10.194.14.129 with HTTP; Tue, 23 Jul 2013 10:35:32 -0700 (PDT) Date: Tue, 23 Jul 2013 23:05:32 +0530 Message-ID: Subject: Multiple connections in a single SSH reverse tunnel From: Atri Sharma To: libssh2-devel@cool.haxx.se X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Hi all, I am trying to set up a infrastructure where I need to make a reverse SSH tunnel between two fixed ports. My requirement is to have multiple SSH connections over the same SSH tunnel simultaneously. I am referring to tcp-forward example provided in the /example directory of libssh2. I tried threading, but couldnt do it.Can anybody help me with it please? Regards, Atri -- Regards, Atri l'apprenant _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Jul 24 19:42:42 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6OHgG7L023136; Wed, 24 Jul 2013 19:42:37 +0200 Received: from foo.stuge.se (qmailr@foo.stuge.se [212.116.89.98]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6OHgELu023114 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Wed, 24 Jul 2013 19:42:14 +0200 Received: (qmail 9292 invoked by uid 501); 24 Jul 2013 17:42:14 -0000 Message-ID: <20130724174214.9291.qmail@stuge.se> Date: Wed, 24 Jul 2013 19:42:14 +0200 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: Multiple connections in a single SSH reverse tunnel Mail-Followup-To: libssh2-devel@cool.haxx.se References: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Atri Sharma wrote: > I tried threading, but couldnt do it.Can anybody help me with it please? Nobody will write the code for you. //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Jul 24 19:47:39 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6OHlaf7027321; Wed, 24 Jul 2013 19:47:38 +0200 Received: from mail-we0-x236.google.com (mail-we0-x236.google.com [IPv6:2a00:1450:400c:c03::236]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6OHlZqd027298 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Wed, 24 Jul 2013 19:47:35 +0200 Received: by mail-we0-f182.google.com with SMTP id u55so3779121wes.41 for ; Wed, 24 Jul 2013 10:47:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=0bXjxwl9yXTHA1FB3Wc8688Hsd4BbGbXDYQQ6abh6Hg=; b=xA95H92ZFJykeaqWA3GkKEVoEujHg+TPMTlK7zn3Lx8gHU/fw62QL02yCYsyPZ2EiZ WS0DmjqiDlq2A5VNK/8wYmizQRtHe9gvNcLV41MzvKPBcrJ92Bn0vPjA659RHtmXX557 ypbNq06r/HgSYmAo0xKyQVbhblO6VzPJyYsGPyAP8jLas2nMQ+TYv1Xg7NTg0dpKDRUO R1jZ+OkH5rR8TkCt2aXPndc/aL+c+YumrOjMxtnS7f5I6POxlDzahINtt+DuvlOAlSvO CX1t67FRJbyDzUrTBYDFEI0pnmG1rfsG3t1ZXQBSU1wkUB11cnpJIkgp6h0qd315QjR7 vlOQ== MIME-Version: 1.0 X-Received: by 10.180.189.102 with SMTP id gh6mr3577062wic.19.1374688051943; Wed, 24 Jul 2013 10:47:31 -0700 (PDT) Received: by 10.194.14.129 with HTTP; Wed, 24 Jul 2013 10:47:31 -0700 (PDT) In-Reply-To: <20130724174214.9291.qmail@stuge.se> References: <20130724174214.9291.qmail@stuge.se> Date: Wed, 24 Jul 2013 23:17:31 +0530 Message-ID: Subject: Re: Multiple connections in a single SSH reverse tunnel From: Atri Sharma To: libssh2 development X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" I understand that, but I was trying to understand how it can be done. I am not looking for code, but just for an idea. Please advise, Regards, Atri On Wed, Jul 24, 2013 at 11:12 PM, Peter Stuge wrote: > Atri Sharma wrote: >> I tried threading, but couldnt do it.Can anybody help me with it please? > > Nobody will write the code for you. > > > //Peter > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel -- Regards, Atri l'apprenant _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Jul 24 19:55:21 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6OHtHAs000469; Wed, 24 Jul 2013 19:55:20 +0200 Received: from foo.stuge.se (qmailr@foo.stuge.se [212.116.89.98]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6OHtGkZ000442 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Wed, 24 Jul 2013 19:55:16 +0200 Received: (qmail 10452 invoked by uid 501); 24 Jul 2013 17:55:18 -0000 Message-ID: <20130724175518.10451.qmail@stuge.se> Date: Wed, 24 Jul 2013 19:55:18 +0200 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: Multiple connections in a single SSH reverse tunnel Mail-Followup-To: libssh2-devel@cool.haxx.se References: <20130724174214.9291.qmail@stuge.se> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Atri Sharma wrote: > I understand that, but I was trying to understand how it can be done. > I am not looking for code, but just for an idea. select() and non-blocking libssh2_channel_read/_write(). //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Jul 24 20:00:02 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6OI00TV003410; Wed, 24 Jul 2013 20:00:01 +0200 Received: from mail-we0-x234.google.com (mail-we0-x234.google.com [IPv6:2a00:1450:400c:c03::234]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6OHxwcv003381 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Wed, 24 Jul 2013 19:59:58 +0200 Received: by mail-we0-f180.google.com with SMTP id p59so4751167wes.39 for ; Wed, 24 Jul 2013 10:59:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=dehHHaF97A3jje/kTHzDMZGVwgkJY5hTHcaWh+1uVC4=; b=W3MwW0d9MNvK/Mr4BTDbXTXusxscxvgsEXhqJhtlwNe0pn1VwPXqxbVbWxmphxDh22 3YlngIJYvHIeJqP6r1Ht79oQt71D+8BGRssq7V5u7s5y+0GQ5XqULesX27JIBfyizmVF 0WnAEEzZQKb5qrt0HsS8JY+M1t5Aucd2LyrKGIJDqwclWtKE4ujnBqb/e+oxWoG/0j36 NG3Gh0ERLN5eVw8oYD1hdF+asFvZq+/JJ3wNzKPWk1udIlotyvtxzDMyi+rkRY3elMpH 7fBXVEIKTdcuwd8jbGgxxn4kh819Nl4Q8KB7meHebPPRt6ZzaKhTfvQ7JCj7+ZDIMRks qUiA== MIME-Version: 1.0 X-Received: by 10.180.189.102 with SMTP id gh6mr3607896wic.19.1374688794936; Wed, 24 Jul 2013 10:59:54 -0700 (PDT) Received: by 10.194.14.129 with HTTP; Wed, 24 Jul 2013 10:59:54 -0700 (PDT) In-Reply-To: <20130724175518.10451.qmail@stuge.se> References: <20130724174214.9291.qmail@stuge.se> <20130724175518.10451.qmail@stuge.se> Date: Wed, 24 Jul 2013 23:29:54 +0530 Message-ID: Subject: Re: Multiple connections in a single SSH reverse tunnel From: Atri Sharma To: libssh2 development X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Yes, but the issue I am facing is that I need to detect that I have a new incoming connection and then spawn a new thread for forwarding it to the local port,right? I tried to do a forward_ex call, and put a call to accept(listener) and spawned a new thread for processing it in a while loop. The main problem is that when I try to re use the same listener in the loop for constantly listening for incoming connections, the second time, it doesnt open (I get 'couldnt open tcpip listner'). What am I doing wrong? Regards, Atri On Wed, Jul 24, 2013 at 11:25 PM, Peter Stuge wrote: > Atri Sharma wrote: >> I understand that, but I was trying to understand how it can be done. >> I am not looking for code, but just for an idea. > > select() and non-blocking libssh2_channel_read/_write(). > > > //Peter > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel -- Regards, Atri l'apprenant _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Jul 24 20:07:06 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6OI72go008439; Wed, 24 Jul 2013 20:07:05 +0200 Received: from foo.stuge.se (qmailr@foo.stuge.se [212.116.89.98]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6OI70hc008312 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Wed, 24 Jul 2013 20:07:00 +0200 Received: (qmail 11422 invoked by uid 501); 24 Jul 2013 18:07:02 -0000 Message-ID: <20130724180702.11421.qmail@stuge.se> Date: Wed, 24 Jul 2013 20:07:02 +0200 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: Multiple connections in a single SSH reverse tunnel Mail-Followup-To: libssh2-devel@cool.haxx.se References: <20130724174214.9291.qmail@stuge.se> <20130724175518.10451.qmail@stuge.se> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Atri Sharma wrote: > the issue I am facing is that I need to detect that I have a > new incoming connection and then spawn a new thread for forwarding it > to the local port,right? No. You should study basic single-threaded C programming using select() with multiple file descriptors. You don't need threads. //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Jul 24 20:08:57 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6OI8tYX009187; Wed, 24 Jul 2013 20:08:56 +0200 Received: from mail-wg0-x22c.google.com (mail-wg0-x22c.google.com [IPv6:2a00:1450:400c:c00::22c]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6OI8rV3009153 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Wed, 24 Jul 2013 20:08:54 +0200 Received: by mail-wg0-f44.google.com with SMTP id l18so717173wgh.11 for ; Wed, 24 Jul 2013 11:08:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=kPm1Ow5mos5NxKSqczslzhry4e/HoKXFlV+j9v3j+3c=; b=akZGWJo67qiD+cGuhcSK79W/b/FN6KJWkD0ZUgaKDJMm6Z12LeWOrc2GL/l8d6zUSo hQp7CtfF05HwlQ+7DW8mpujsN9U9MZE4kIIoZ8PsEEA7jkLdfjso4ilTYOPFLa3AJKip GPMn89ais6TN9A42Jph8psttUZaN1Mhke+10yNEOqDrEGu/XyYgMSt9hU01GMfVAWdGO xnWq1JT6tRkXfCJiCWMvxhdGs/IHGtHV/e+0vf3PYM5u/RKPZT0urFYuNSCP5wf2kBgj uGgWD4Yy+57XP+tXoJvGFS6hp/vuaTDoqRK3ptwCmK6M82yIlQECNtJFixn3VwwSsUcv 5zrg== MIME-Version: 1.0 X-Received: by 10.180.78.9 with SMTP id x9mr3593406wiw.15.1374689330731; Wed, 24 Jul 2013 11:08:50 -0700 (PDT) Received: by 10.194.14.129 with HTTP; Wed, 24 Jul 2013 11:08:50 -0700 (PDT) In-Reply-To: <20130724180702.11421.qmail@stuge.se> References: <20130724174214.9291.qmail@stuge.se> <20130724175518.10451.qmail@stuge.se> <20130724180702.11421.qmail@stuge.se> Date: Wed, 24 Jul 2013 23:38:50 +0530 Message-ID: Subject: Re: Multiple connections in a single SSH reverse tunnel From: Atri Sharma To: libssh2 development X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Right, thanks a ton! On Wed, Jul 24, 2013 at 11:37 PM, Peter Stuge wrote: > Atri Sharma wrote: >> the issue I am facing is that I need to detect that I have a >> new incoming connection and then spawn a new thread for forwarding it >> to the local port,right? > > No. You should study basic single-threaded C programming using > select() with multiple file descriptors. You don't need threads. > > > //Peter > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel -- Regards, Atri l'apprenant _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu Jul 25 02:07:28 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6P06vpi027203; Thu, 25 Jul 2013 02:07:19 +0200 Received: from dns-factory.at (mail.dns-factory.at [194.242.35.75]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6P06tRd027198 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Thu, 25 Jul 2013 02:06:55 +0200 Received: from [172.17.100.8] lists@gknw.net [109.91.98.102] by dns-factory.at with NetMail SMTP Agent $Revision: 8582 $ on Novell NetWare via secured & encrypted transport (TLS); Thu, 25 Jul 2013 02:06:45 +0200 Message-ID: <51F06C11.6070102@gknw.net> Date: Thu, 25 Jul 2013 02:06:41 +0200 From: Guenter User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130620 Thunderbird/17.0.7 MIME-Version: 1.0 To: libssh2 development Subject: [PROPOSAL] grant Mark =?ISO-8859-1?Q?H=F6rsken_commit_rights?= X-MIME-Autoconverted: from quoted-printable to 8bit by giant.haxx.se id r6P06tRd027198 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="iso-8859-1"; Format="flowed" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by giant.haxx.se id r6P06vpi027203 Hi all, just for those who dont know Mark yet: he added a while back the WinSSL stuff to libcurl, and became a committer there to, and since then also maintains this stuff and fixed bugs when they came up. He did a good job with this, and I expect equally good work from him here too in order to get libssh2 working with the Windows native crypto functions ... therefore I suggest to grant him commit rights to the libssh2 repo. my +1. Gün. _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Fri Jul 26 10:00:47 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6Q80EdE027902; Fri, 26 Jul 2013 10:00:41 +0200 Received: from mail-vb0-x234.google.com (mail-vb0-x234.google.com [IPv6:2607:f8b0:400c:c02::234]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6Q80Bed027615 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Fri, 26 Jul 2013 10:00:12 +0200 Received: by mail-vb0-f52.google.com with SMTP id f12so1022238vbg.11 for ; Fri, 26 Jul 2013 01:00:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; bh=jaPKdpyLWpFYk+Wfw+lNAjXykbgHgL2pZ2ZqJkON/yI=; b=iMkX/V/Ol1A4+752SL3AWk9CN+NQIS6kn554D2Ph7FAE8+Ip3s73LYpMMMFcFj+Cic z8zIJIQEoZTsF9YMG4u6n+9VRzYeyjEQcqpk8pKLwXd3qwiHB/8ib7x6pOe2Dw/AGAg1 MMb4yyIar+Y6nepFdWnBBK3HviRMK7dRr2juPGuunOKazToVtBYz5erSl3r7hVlxuSMh 07ZJ6pON9x83KQepvXsuvIbkTWW/it83oMIrjTM2CrqH0NAYeBCyz9gR0h4EZbjxfvuL X45XOkYbOiapn9W5VHCTeQvBTeUDd3hHOx5tLrG3FGeFSXE91KFukQn154cEH0f4FI4A 710Q== MIME-Version: 1.0 X-Received: by 10.58.85.161 with SMTP id i1mr19452469vez.97.1374825603590; Fri, 26 Jul 2013 01:00:03 -0700 (PDT) Received: by 10.52.178.98 with HTTP; Fri, 26 Jul 2013 01:00:03 -0700 (PDT) In-Reply-To: <51F06C11.6070102@gknw.net> References: <51F06C11.6070102@gknw.net> Date: Fri, 26 Jul 2013 09:00:03 +0100 X-Google-Sender-Auth: UK_SwiHhBit0IYY97uaoY_64qDU Message-ID: Subject: =?ISO-8859-1?Q?Re=3A_=5BPROPOSAL=5D_grant_Mark_H=F6rsken_commit_rights?= From: Alexander Lamaison To: libssh2 development X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On 25 July 2013 01:06, Guenter wrote: > Hi all, > just for those who dont know Mark yet: he added a while back the WinSSL > stuff to libcurl, and became a committer there to, and since then also > maintains this stuff and fixed bugs when they came up. > He did a good job with this, and I expect equally good work from him here > too in order to get libssh2 working with the Windows native crypto functions > ... > therefore I suggest to grant him commit rights to the libssh2 repo. > > my +1. I'm in favour. The Windows crypto work looks very promising. My +1 too. Alex -- Swish - Easy SFTP for Windows Explorer (http://www.swish-sftp.org) _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Fri Jul 26 13:28:58 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6QBSZRI015899; Fri, 26 Jul 2013 13:28:52 +0200 Received: from smtp.nfra.nl (smtp.nfra.nl [192.87.1.146]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6QBSXi1015876 for ; Fri, 26 Jul 2013 13:28:33 +0200 Received: from ntserver2.nfra.nl ([195.169.155.181]) by smtp.nfra.nl with ESMTP; Fri, 26 Jul 2013 13:28:17 +0200 Received: from [0.0.0.0] (unverified [195.169.155.176]) by ntserver2.nfra.nl (Clearswift SMTPRS 5.3.0) with ESMTP id ; Fri, 26 Jul 2013 13:28:18 +0200 Message-ID: <51F25D51.6050606@astron.nl> Date: Fri, 26 Jul 2013 13:28:17 +0200 From: Jan David Mol User-Agent: Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20130704 Icedove/17.0.7 MIME-Version: 1.0 To: libssh2-devel@cool.haxx.se Subject: detect linkage against openssl or gcrypt X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Hi, I'm using libssh2 in a multithreaded environment, and thus need to setup the crypto library for multithreaded use. libssh2 can be linked against openssl or gcrypt however, so my build environment needs to know which one in order to trigger the proper initialisation code and avoid unneeded dependencies. Currently, the only way (I could find) to find out whether a preinstalled libssh2 has been built against openssl or gcrypt is to check the dependencies of the so file. Apart from the fact that that approach does not work for static libraries, wouldn't it be nicer if LIBSSH2_LIBGCRYPT or something similar was exposed in libssh2's public interface. Such a construct would allow one to query libssh2 instead of deriving this knowledge. Cheers, Jan David Mol PS: Thanks for writing this great library! We're actually using it as part of production code on our BlueGene/P supercomputer, and it works great! _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sun Jul 28 00:26:51 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6RMQUa3011613; Sun, 28 Jul 2013 00:26:46 +0200 Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6RMQSHN011605 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Sun, 28 Jul 2013 00:26:28 +0200 Received: from localhost (dast@localhost) by giant.haxx.se (8.14.4/8.14.4/Submit) with ESMTP id r6RMQSHH011602 for ; Sun, 28 Jul 2013 00:26:28 +0200 X-Authentication-Warning: giant.haxx.se: dast owned process doing -bs Date: Sun, 28 Jul 2013 00:26:28 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: detect linkage against openssl or gcrypt In-Reply-To: <51F25D51.6050606@astron.nl> Message-ID: References: <51F25D51.6050606@astron.nl> User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On Fri, 26 Jul 2013, Jan David Mol wrote: > Apart from the fact that that approach does not work for static libraries, > wouldn't it be nicer if LIBSSH2_LIBGCRYPT or something similar was exposed > in libssh2's public interface. Such a construct would allow one to query > libssh2 instead of deriving this knowledge. I completely agree. Any particular suggestion on how to do it? -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sun Jul 28 04:56:52 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6S2uPlZ004172; Sun, 28 Jul 2013 04:56:47 +0200 Received: from foo.stuge.se (qmailr@foo.stuge.se [212.116.89.98]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6S2uNK9004152 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Sun, 28 Jul 2013 04:56:23 +0200 Received: (qmail 12650 invoked by uid 501); 28 Jul 2013 02:56:22 -0000 Message-ID: <20130728025622.12649.qmail@stuge.se> Date: Sun, 28 Jul 2013 04:56:22 +0200 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: detect linkage against openssl or gcrypt Mail-Followup-To: libssh2-devel@cool.haxx.se References: <51F25D51.6050606@astron.nl> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <51F25D51.6050606@astron.nl> X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Jan David Mol wrote: > libssh2 can be linked against openssl or gcrypt however, so my > build environment needs to know which one in order to trigger the > proper initialisation code and avoid unneeded dependencies. The correct way to do this is through pkg-config. This is precisely the problem that pkg-config solves. If libssh2 doesn't have a .pc file yet it needs to get one! //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Jul 29 09:07:11 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6T76enS006070; Mon, 29 Jul 2013 09:07:04 +0200 Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6T76eXi006058 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Mon, 29 Jul 2013 09:06:40 +0200 Received: from localhost (dast@localhost) by giant.haxx.se (8.14.4/8.14.4/Submit) with ESMTP id r6T76d81006055 for ; Mon, 29 Jul 2013 09:06:39 +0200 X-Authentication-Warning: giant.haxx.se: dast owned process doing -bs Date: Mon, 29 Jul 2013 09:06:39 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: detect linkage against openssl or gcrypt In-Reply-To: <20130728025622.12649.qmail@stuge.se> Message-ID: References: <51F25D51.6050606@astron.nl> <20130728025622.12649.qmail@stuge.se> User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On Sun, 28 Jul 2013, Peter Stuge wrote: >> libssh2 can be linked against openssl or gcrypt however, so my build >> environment needs to know which one in order to trigger the proper >> initialisation code and avoid unneeded dependencies. > > The correct way to do this is through pkg-config. This is precisely the > problem that pkg-config solves. Is it? How would you build your makefile / build scripts with pkg-config to figure this out? > If libssh2 doesn't have a .pc file yet it needs to get one! It has one. But I could also imagine a run-time API so that an application can figure this out on its own... -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Jul 29 10:48:13 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6T8lvP7003329; Mon, 29 Jul 2013 10:48:11 +0200 Received: from mail-ve0-x22d.google.com (mail-ve0-x22d.google.com [IPv6:2607:f8b0:400c:c01::22d]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6T8ltet003296 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Mon, 29 Jul 2013 10:47:55 +0200 Received: by mail-ve0-f173.google.com with SMTP id jw11so2703437veb.18 for ; Mon, 29 Jul 2013 01:47:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; bh=ijMxbscTBBoxx4W7K9vsXVF3/1DW5H9wAVsrWcrOaxc=; b=FeCSbNA0icTWTxDO+U0yOXEhhVoCIr3L3XGUgw3Je/hwf+kg6ODn9wYcvCAeqCq5d0 /3BQimOZZUNWrie+Sl5jFMomVBgrEYGIxSV+MCSHiL/4ukd+LY55ZJmM+p2qmmTXmvnH W9hGGyAAYTn43Q/eBprMVvOK7sNusd7trNWXNJ+9fBxCgC1I0J1jVtKjwvJc5C8GvsBD 0y2iQGyYKhoHTLVhLEeldWlQuDpWoB/PdBcZ683CjaCa9IqCGyK8oUAM8iLOVF5DY3BI 4wvzmcdn3W4EpZ8CUXlwWIbGUD1nW+gvUvxUz3Ck5kpNsRyjugNQZHE9GyDs4jZWBDs3 MESg== MIME-Version: 1.0 X-Received: by 10.52.249.9 with SMTP id yq9mr21633410vdc.93.1375087668930; Mon, 29 Jul 2013 01:47:48 -0700 (PDT) Received: by 10.58.19.2 with HTTP; Mon, 29 Jul 2013 01:47:48 -0700 (PDT) In-Reply-To: References: <51F25D51.6050606@astron.nl> <20130728025622.12649.qmail@stuge.se> Date: Mon, 29 Jul 2013 18:47:48 +1000 X-Google-Sender-Auth: Tu8HhALdRkTGoIMfGOHcmlPMiEo Message-ID: Subject: Re: detect linkage against openssl or gcrypt From: Bill Segall To: libssh2 development X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0685797793==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============0685797793== Content-Type: multipart/alternative; boundary=089e0153688c0ab17e04e2a28c26 --089e0153688c0ab17e04e2a28c26 Content-Type: text/plain; charset=ISO-8859-1 > Is it? How would you build your makefile / build scripts with pkg-config to figure this out? Well at least on Unix it's there. You'll want the content of: `pkg-config --cflags libssh2` and `pkg-config --libs libssh2` in CFLAGS and LDFLAGS. If you're in a configure environment I'd set them to some variables such as LIBSSH2_CFLAGS/LDFLAGS and reference those in your Makefile.am's rather than polluting the global CFLAGS and LDFLAGS. If you're using raw Makefiles you could just directly add the pkg-config evaluation output to your compile and link lines. Don't be surprised if the CFLAGS are an empty string if you're installing packages on Ubuntu (or anywhere that installs the headers intro /usr/include), but remember it's still good to add the pkg-config result in case it becomes non-empty in a subsequent release or you build against patch release in a non-standard location etc. Hope this helps, Bill. --089e0153688c0ab17e04e2a28c26 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable > Is it? How would you build your makefile / build scripts with pkg-conf= ig to figure this out?

Well at least on Unix it's there. You'= ;ll want the content of:

=A0`pkg-config --cflags libssh2` and=A0 `pk= g-config --libs libssh2` in CFLAGS and LDFLAGS. If you're in a configur= e environment I'd set them to some variables such as LIBSSH2_CFLAGS/LDF= LAGS and reference those in your Makefile.am's rather than polluting th= e global CFLAGS and LDFLAGS. If you're using raw Makefiles you could ju= st directly add the pkg-config=A0 evaluation output to your compile and lin= k lines.

Don't be surprised if the CFLAGS are an empty string if you're = installing packages on Ubuntu (or anywhere that installs the headers intro = /usr/include), but remember it's still good to add the pkg-config resul= t in case it becomes non-empty in a subsequent release or you build against= patch release in a non-standard location etc.

Hope this helps,

Bill.

--089e0153688c0ab17e04e2a28c26-- --===============0685797793== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============0685797793==-- From libssh2-devel-bounces@cool.haxx.se Mon Jul 29 10:52:49 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6T8qlGL006653; Mon, 29 Jul 2013 10:52:49 +0200 Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6T8qkU7006638 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Mon, 29 Jul 2013 10:52:46 +0200 Received: from localhost (dast@localhost) by giant.haxx.se (8.14.4/8.14.4/Submit) with ESMTP id r6T8qk4I006635 for ; Mon, 29 Jul 2013 10:52:46 +0200 X-Authentication-Warning: giant.haxx.se: dast owned process doing -bs Date: Mon, 29 Jul 2013 10:52:46 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: detect linkage against openssl or gcrypt In-Reply-To: Message-ID: References: <51F25D51.6050606@astron.nl> <20130728025622.12649.qmail@stuge.se> User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On Mon, 29 Jul 2013, Bill Segall wrote: > Don't be surprised if the CFLAGS are an empty string if you're installing > packages on Ubuntu (or anywhere that installs the headers intro > /usr/include), Exactly! Then how do you know if libssh2 was built to use OpenSSL or gcrypt using this method? -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Jul 29 11:20:55 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6T9Kltr025307; Mon, 29 Jul 2013 11:20:54 +0200 Received: from mail-ve0-x22a.google.com (mail-ve0-x22a.google.com [IPv6:2607:f8b0:400c:c01::22a]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6T9Ki7t025268 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Mon, 29 Jul 2013 11:20:45 +0200 Received: by mail-ve0-f170.google.com with SMTP id 15so93230vea.15 for ; Mon, 29 Jul 2013 02:20:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; bh=o59Vfni3sFqElU5aJJDgyxM3nOeb5gzcTHUMrXqgaow=; b=C5XP58Xed90k/GOYCR9gYpVzmvfY/MrFS/IsCrSUGPYa8ha/4PQmPzhAOXfhvi9N5s D73bNNiXFDgJz/ig0vo8YJkYb+otOFi9Ph3J3jIWOvYwgw3CzfFzA9sMiZLJ6/BCNTmI 6ICn2fTg5kQVdtmPNQo5TLxZOCkEPJUXqDNCZRCLR6jGgC2otewxQzO+BX2IbtwbDA7k /wX+tgo2b9MY8KSiUF9QnCOlgxaTyX1UzYrG7undfLUKu518yWV+C1BbVziIaW1ON1hY YHcN1aJF29XNJ4y14R3IRkqN21JkcUdlsVObIbpMOwJxfV+NOL/BstwWL8nPq2ktz9/M aEHA== MIME-Version: 1.0 X-Received: by 10.58.216.97 with SMTP id op1mr25563380vec.60.1375089640000; Mon, 29 Jul 2013 02:20:40 -0700 (PDT) Received: by 10.58.19.2 with HTTP; Mon, 29 Jul 2013 02:20:39 -0700 (PDT) In-Reply-To: References: <51F25D51.6050606@astron.nl> <20130728025622.12649.qmail@stuge.se> Date: Mon, 29 Jul 2013 19:20:39 +1000 X-Google-Sender-Auth: fSJuPc-vCe-oDV9Zockbiiyq6qg Message-ID: Subject: Re: detect linkage against openssl or gcrypt From: Bill Segall To: libssh2 development X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1345423393==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============1345423393== Content-Type: multipart/alternative; boundary=047d7b6d7f2886d25904e2a301af --047d7b6d7f2886d25904e2a301af Content-Type: text/plain; charset=ISO-8859-1 On Mon, Jul 29, 2013 at 6:52 PM, Daniel Stenberg wrote: > On Mon, 29 Jul 2013, Bill Segall wrote: > > Don't be surprised if the CFLAGS are an empty string if you're installing >> packages on Ubuntu (or anywhere that installs the headers intro >> /usr/include), >> > > Exactly! Then how do you know if libssh2 was built to use OpenSSL or > gcrypt using this method? > In theory, the usage should be private to libssh2 and you don't care at compile time. At link time you need the right libraries. It sounds like in practice you have extra initialization required for re-entrant use - can you explain what that is? My feeling is that libssh2 should do this for you. Bill. --047d7b6d7f2886d25904e2a301af Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
On Mon, Jul 29, 2013 at 6:52 PM, Daniel Stenberg= <= daniel@haxx.se> wrote:
On Mon, 29 Jul 2013, Bill Segall wrote:

Don't be surprised if the CFLAGS are an empty string if you're inst= alling
packages on Ubuntu (or anywhere that installs the headers intro
/usr/include),

Exactly! Then how do you know if libssh2 was built to use OpenSSL or gcrypt= using this method?

In theory, the usage should be= private to libssh2 and you don't care at compile time.=A0 At link time= you need the right libraries.

It sounds like in practice you have extra initialization required for r= e-entrant use - can you explain what that is? My feeling is that libssh2 sh= ould do this for you.

Bill.
--047d7b6d7f2886d25904e2a301af-- --===============1345423393== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============1345423393==-- From libssh2-devel-bounces@cool.haxx.se Mon Jul 29 12:16:23 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6TAG2qI026877; Mon, 29 Jul 2013 12:16:19 +0200 Received: from smtp.nfra.nl (smtp.nfra.nl [192.87.1.146]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6TAG10g026760 for ; Mon, 29 Jul 2013 12:16:01 +0200 Received: from ntserver2.nfra.nl ([195.169.155.181]) by smtp.nfra.nl with ESMTP; Mon, 29 Jul 2013 12:15:45 +0200 Received: from [0.0.0.0] (unverified [195.169.155.176]) by ntserver2.nfra.nl (Clearswift SMTPRS 5.3.0) with ESMTP id ; Mon, 29 Jul 2013 12:15:44 +0200 Message-ID: <51F640D4.6090900@astron.nl> Date: Mon, 29 Jul 2013 12:15:48 +0200 From: Jan David Mol User-Agent: Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20130704 Icedove/17.0.7 MIME-Version: 1.0 To: libssh2 development Subject: Re: detect linkage against openssl or gcrypt References: <51F25D51.6050606@astron.nl> <20130728025622.12649.qmail@stuge.se> In-Reply-To: X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On 29-07-13 11:20, Bill Segall wrote: > On Mon, Jul 29, 2013 at 6:52 PM, Daniel Stenberg wrote: > >> On Mon, 29 Jul 2013, Bill Segall wrote: >> >> Don't be surprised if the CFLAGS are an empty string if you're installing >>> packages on Ubuntu (or anywhere that installs the headers intro >>> /usr/include), >>> CFLAGS is empty on my Ubuntu 13 desktop. What does seem to work is running 'pkg-config libssh2 --libs' and scan for '-lgcrypt' / '-lcrypto'. > > It sounds like in practice you have extra initialization required for > re-entrant use - can you explain what that is? My feeling is that libssh2 > should do this for you. It's needed to set up the crypto library for multithreaded use. One needs to set the proper call-back routines in libcrypto and libgcrypt, or crashes will occur. Is it libssh2's job to set up libcrypto/libgcrypt? libssh2 -could- do so, but doing so could clash with other uses of the same crypto lib by the program, so it'd have to be optional. Also, multithreading init code requires a dependency on libpthread (and/or other threading libraries) to be able to create the required mutexes etc. Jan David _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Jul 29 14:17:24 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6TCHAp2002729; Mon, 29 Jul 2013 14:17:23 +0200 Received: from dns-factory.at (mail.dns-factory.at [194.242.35.75]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6TCH8fR002707 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Mon, 29 Jul 2013 14:17:08 +0200 Received: from [172.17.100.8] lists@gknw.net [109.91.98.102] by dns-factory.at with NetMail SMTP Agent $Revision: 8582 $ on Novell NetWare via secured & encrypted transport (TLS); Mon, 29 Jul 2013 14:16:58 +0200 Message-ID: <51F65D38.3070003@gknw.net> Date: Mon, 29 Jul 2013 14:16:56 +0200 From: Guenter User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130620 Thunderbird/17.0.7 MIME-Version: 1.0 To: libssh2 development Subject: Re: detect linkage against openssl or gcrypt References: <51F25D51.6050606@astron.nl> <20130728025622.12649.qmail@stuge.se> In-Reply-To: <20130728025622.12649.qmail@stuge.se> X-MIME-Autoconverted: from quoted-printable to 8bit by giant.haxx.se id r6TCH8fR002707 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="iso-8859-1"; Format="flowed" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by giant.haxx.se id r6TCHAp2002729 On 28.07.2013 04:56, Peter Stuge wrote: > The correct way to do this is through pkg-config. This is precisely > the problem that pkg-config solves. on *nix perhaps, but what about other platforms where no pkg-config exists - f.e. Windows (or NetWare)? And what about cross-compiling where I saw too often pkg-config fail? Sure, for the later you could argue that either configure or the toolchain is somehow broken, but that's reality ... @Daniel: > But I could also imagine a run-time API so that an application can figure this out on its own... me too, and while on that we could then also add a flag for zlib ... Gün. _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Jul 29 14:52:33 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6TCqMaK027177; Mon, 29 Jul 2013 14:52:32 +0200 Received: from foo.stuge.se (qmailr@foo.stuge.se [212.116.89.98]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6TCqLDR027129 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Mon, 29 Jul 2013 14:52:21 +0200 Received: (qmail 15917 invoked by uid 501); 29 Jul 2013 12:52:22 -0000 Message-ID: <20130729125222.15916.qmail@stuge.se> Date: Mon, 29 Jul 2013 14:52:22 +0200 From: Peter Stuge To: libssh2 development Subject: Re: detect linkage against openssl or gcrypt Mail-Followup-To: libssh2 development References: <51F25D51.6050606@astron.nl> <20130728025622.12649.qmail@stuge.se> <51F65D38.3070003@gknw.net> <51F25D51.6050606@astron.nl> <20130728025622.12649.qmail@stuge.se> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <51F65D38.3070003@gknw.net> X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Daniel Stenberg wrote: > On Sun, 28 Jul 2013, Peter Stuge wrote: > >>> libssh2 can be linked against openssl or gcrypt however, so my build >>> environment needs to know which one in order to trigger the proper >>> initialisation code and avoid unneeded dependencies. >> >> The correct way to do this is through pkg-config. This is precisely the >> problem that pkg-config solves. > > Is it? How would you build your makefile / build scripts with pkg-config > to figure this out? Run: pkg-config --print-requires libssh2 pkg-config --print-requires-private libssh2 If the output is empty then that is a libssh2 bug. > But I could also imagine a run-time API so that an application can > figure this out on its own... It can't be runtime, or applications must depend on every single crypto lib supported by libssh2, in order to have all symbols available. Guenter wrote: > On 28.07.2013 04:56, Peter Stuge wrote: >> The correct way to do this is through pkg-config. This is precisely >> the problem that pkg-config solves. > on *nix perhaps, but what about other platforms where no pkg-config > exists - f.e. Windows There does exist pkg-config for Windows and it should certainly be used if building with MinGW. If building with MS C then everything must be hardcoded due to the complete lack of tooling on Windows. > (or NetWare)? I guess this is the same as for Windows. > And what about cross-compiling where I saw too often pkg-config fail? > Sure, for the later you could argue that either configure or the > toolchain is somehow broken, but that's reality ... Most likely neither configure nor toolchain is broken and the problem is with the user. I encounter very many people who do not know the difference between PKG_CONFIG_PATH and PKG_CONFIG_LIBDIR, where the latter is the only thing correct for cross-compilation. > > But I could also imagine a run-time API so that an application can > > figure this out on its own... > > me too, and while on that we could then also add a flag for zlib ... See above for why run-time API for determining compile-time decisions is a really bad idea. Don't do this. The information must be available at compile-time, and only at compile-time. //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Jul 29 14:57:30 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6TCvRRL031233; Mon, 29 Jul 2013 14:57:29 +0200 Received: from dns-factory.at (mail.dns-factory.at [194.242.35.75]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6TCvQcC031227 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Mon, 29 Jul 2013 14:57:27 +0200 Received: from [172.17.100.8] lists@gknw.net [109.91.98.102] by dns-factory.at with NetMail SMTP Agent $Revision: 8582 $ on Novell NetWare via secured & encrypted transport (TLS); Mon, 29 Jul 2013 14:57:17 +0200 Message-ID: <51F666AB.3040807@gknw.net> Date: Mon, 29 Jul 2013 14:57:15 +0200 From: Guenter User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130620 Thunderbird/17.0.7 MIME-Version: 1.0 To: libssh2 development Subject: Re: detect linkage against openssl or gcrypt References: <51F25D51.6050606@astron.nl> <20130728025622.12649.qmail@stuge.se> <51F65D38.3070003@gknw.net> <51F25D51.6050606@astron.nl> <20130728025622.12649.qmail@stuge.se> <20130729125222.15916.qmail@stuge.se> In-Reply-To: <20130729125222.15916.qmail@stuge.se> X-MIME-Autoconverted: from quoted-printable to 8bit by giant.haxx.se id r6TCvQcC031227 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="iso-8859-1"; Format="flowed" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by giant.haxx.se id r6TCvRRL031233 On 29.07.2013 14:52, Peter Stuge wrote: > Daniel Stenberg wrote: >> But I could also imagine a run-time API so that an application can >> figure this out on its own... > > It can't be runtime, or applications must depend on every single > crypto lib supported by libssh2, in order to have all symbols > available. perhaps something as simple like this would do already? LIBSSH2_API uint32_t libssh2_buildinfo() { uint32_t buildinfo = 0; #if defined(LIBSSH2_WINDOWSCRYPT) /* build with Windows native Crypt API */ buildinfo |= 0x00000004; #elif defined(LIBSSH2_LIBGCRYPT) /* build with libgcrypt */ buildinfo |= 0x00000002; #else /* must be build with OpenSSL */ buildinfo |= 0x00000001; #endif #if defined(LIBSSH2_HAVE_ZLIB) /* build with Zlib support */ buildinfo |= 0x00010000; #endif return buildinfo; } Gün. _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Jul 29 15:05:55 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6TD5oHH004451; Mon, 29 Jul 2013 15:05:54 +0200 Received: from dns-factory.at (mail.dns-factory.at [194.242.35.75]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6TD5mQ6004438 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Mon, 29 Jul 2013 15:05:48 +0200 Received: from [172.17.100.8] lists@gknw.net [109.91.98.102] by dns-factory.at with NetMail SMTP Agent $Revision: 8582 $ on Novell NetWare via secured & encrypted transport (TLS); Mon, 29 Jul 2013 15:05:39 +0200 Message-ID: <51F668A0.20001@gknw.net> Date: Mon, 29 Jul 2013 15:05:36 +0200 From: Guenter User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130620 Thunderbird/17.0.7 MIME-Version: 1.0 To: libssh2 development , Peter Stuge Subject: Re: [PATCH] Added Windows Cryptography API: Next Generation backend References: <20130601231229.11420.qmail@stuge.se> <20130602175922.5525.qmail@stuge.se> In-Reply-To: X-MIME-Autoconverted: from quoted-printable to 8bit by giant.haxx.se id r6TD5mQ6004438 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="iso-8859-1"; Format="flowed" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by giant.haxx.se id r6TD5oHH004451 Hi Peter, can you please tell about your plans? I would like to see some progress with Marc's stuff ... Gün. On 21.07.2013 11:26, Marc Hoersken wrote: > Hello Peter, > > 2013/6/2 Peter Stuge : >> Sure, I'll post my commits, there may still be something to improve >> even with them. > > any news regarding your cleanup commits? Thanks in advance! :) > > Best regards, > Marc > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel > _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Jul 29 16:05:25 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6TE538M011851; Mon, 29 Jul 2013 16:05:21 +0200 Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6TE52l1011732 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Mon, 29 Jul 2013 16:05:02 +0200 Received: from localhost (dast@localhost) by giant.haxx.se (8.14.4/8.14.4/Submit) with ESMTP id r6TE52SL011659 for ; Mon, 29 Jul 2013 16:05:02 +0200 X-Authentication-Warning: giant.haxx.se: dast owned process doing -bs Date: Mon, 29 Jul 2013 16:05:02 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: detect linkage against openssl or gcrypt In-Reply-To: <20130729125222.15916.qmail@stuge.se> Message-ID: References: <51F25D51.6050606@astron.nl> <20130728025622.12649.qmail@stuge.se> <51F65D38.3070003@gknw.net> <51F25D51.6050606@astron.nl> <20130728025622.12649.qmail@stuge.se> <20130729125222.15916.qmail@stuge.se> User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On Mon, 29 Jul 2013, Peter Stuge wrote: >> Is it? How would you build your makefile / build scripts with pkg-config >> to figure this out? > > Run: > > pkg-config --print-requires libssh2 > pkg-config --print-requires-private libssh2 > > If the output is empty then that is a libssh2 bug. "pkg-config --print-requires libssh2" is completely blank for me on Debian, but so is "pkg-config --print-requires libcurl" as well, and both are listed with pkg-config --list-all... In fact, I couldn't find any package showing something in --print-requires on my Debian box when I tried a bunch of others as well. Clearly not a very reliable method up until now at least! >> But I could also imagine a run-time API so that an application can >> figure this out on its own... > > It can't be runtime, or applications must depend on every single crypto lib > supported by libssh2, in order to have all symbols available. I didn't claim they would be used for the same thing (even though a truly agnostic application may want to try). I can think of cases where detecting the underlying crypto lib at run-time can be useful or at least helpful. -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Jul 30 16:06:08 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6UE5g4H008322; Tue, 30 Jul 2013 16:06:03 +0200 Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6UE5fG9008312 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Tue, 30 Jul 2013 16:05:41 +0200 Received: from localhost (dast@localhost) by giant.haxx.se (8.14.4/8.14.4/Submit) with ESMTP id r6UE5fxW008309 for ; Tue, 30 Jul 2013 16:05:41 +0200 X-Authentication-Warning: giant.haxx.se: dast owned process doing -bs Date: Tue, 30 Jul 2013 16:05:41 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: detect linkage against openssl or gcrypt In-Reply-To: <51F666AB.3040807@gknw.net> Message-ID: References: <51F25D51.6050606@astron.nl> <20130728025622.12649.qmail@stuge.se> <51F65D38.3070003@gknw.net> <51F25D51.6050606@astron.nl> <20130728025622.12649.qmail@stuge.se> <20130729125222.15916.qmail@stuge.se> <51F666AB.3040807@gknw.net> User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On Mon, 29 Jul 2013, Guenter wrote: > perhaps something as simple like this would do already? > > LIBSSH2_API > uint32_t libssh2_buildinfo() > { > uint32_t buildinfo = 0; > #if defined(LIBSSH2_WINDOWSCRYPT) /* build with Windows native Crypt API */ > buildinfo |= 0x00000004; > #elif defined(LIBSSH2_LIBGCRYPT) /* build with libgcrypt */ > buildinfo |= 0x00000002; > #else /* must be build with OpenSSL */ > buildinfo |= 0x00000001; > #endif > #if defined(LIBSSH2_HAVE_ZLIB) /* build with Zlib support */ > buildinfo |= 0x00010000; > #endif > return buildinfo; > } Yeah. Perhaps with two version strings added, one for the crypto lib and one for the zlib? struct libssh2_build { unsigned int featuremask; char *cryptolib; /* name/version perhaps ? */ char *zlib; }; struct libssh2_build *libssh2_buildinfo(void); ... I can also imagine making it slightly more future-proof with a generation counter in the struct: struct libssh2_build { int age; /* generation number of this struct, 1 for now */ unsigned int featuremask; char *cryptolib; char *zlib; }; ... that way we can add stuff to the end of the struct in a future if we bump the age counter and document it properly. -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Jul 30 16:28:37 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6UESUia021180; Tue, 30 Jul 2013 16:28:36 +0200 Received: from foo.stuge.se (qmailr@foo.stuge.se [212.116.89.98]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6UESTha021141 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Tue, 30 Jul 2013 16:28:29 +0200 Received: (qmail 17553 invoked by uid 501); 30 Jul 2013 14:28:31 -0000 Message-ID: <20130730142831.17552.qmail@stuge.se> Date: Tue, 30 Jul 2013 16:28:31 +0200 From: Peter Stuge To: libssh2 development Subject: Re: detect linkage against openssl or gcrypt Mail-Followup-To: libssh2 development References: <20130729125222.15916.qmail@stuge.se> <51F25D51.6050606@astron.nl> <20130728025622.12649.qmail@stuge.se> <51F65D38.3070003@gknw.net> <51F25D51.6050606@astron.nl> <20130728025622.12649.qmail@stuge.se> <20130729125222.15916.qmail@stuge.se> <51F666AB.3040807@gknw.net> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <51F666AB.3040807@gknw.net> X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Guenter wrote: >>> But I could also imagine a run-time API so that an application can >>> figure this out on its own... >> >> It can't be runtime, or applications must depend on every single >> crypto lib supported by libssh2, in order to have all symbols >> available. > > perhaps something as simple like this would do already? I was refering to the next step; what will your application code look like which uses the return value from libssh2_buildinfo()? Daniel Stenberg wrote: >>> Is it? How would you build your makefile / build scripts with pkg-config >>> to figure this out? >> >> Run: >> >> pkg-config --print-requires libssh2 >> pkg-config --print-requires-private libssh2 >> >> If the output is empty then that is a libssh2 bug. > > "pkg-config --print-requires libssh2" is completely blank for me on Debian, > but so is "pkg-config --print-requires libcurl" as well, and both are > listed with pkg-config --list-all... In fact, I couldn't find any package > showing something in --print-requires on my Debian box when I tried a bunch > of others as well. > > Clearly not a very reliable method up until now at least! So there are lots of buggy packages. No big surprise. It's really unfortunate that pkg-config is not as well-understood as many other, much more complicated, tools. It *really* solves all these problems as long as it is being used correctly. It's easy for us to fix libssh2.pc and you can probably fix libcurl.pc in a similar way. As long as all dependencies install a .pc file it's super simple for applications to compile and link against the correct dependencies. That said, it seems silly to push the burden of dealing with this to application code. I think it would be much better to allow applications to ask libssh2 to deal with this on its own. Doing so would be optional. For the case when the application in fact does want to do this on its own I would suggest that libssh2.h simply defines a macro to be the correct respective function for each crypto library rather than making something more complicated. > I can think of cases where detecting the underlying crypto lib at > run-time can be useful or at least helpful. Please mention some? //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Jul 31 00:45:35 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6UMjFLj011821; Wed, 31 Jul 2013 00:45:29 +0200 Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6UMjDqg011814 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Wed, 31 Jul 2013 00:45:13 +0200 Received: from localhost (dast@localhost) by giant.haxx.se (8.14.4/8.14.4/Submit) with ESMTP id r6UMjDkf011804 for ; Wed, 31 Jul 2013 00:45:13 +0200 X-Authentication-Warning: giant.haxx.se: dast owned process doing -bs Date: Wed, 31 Jul 2013 00:45:13 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: corrupts the known_hosts file ? Message-ID: User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" I found this libvert issue involving libssh2: https://bugzilla.redhat.com/show_bug.cgi?id=905513 Allegedly, libssh2 can destroy the known_hosts file for lines it doesn't recognize. I'm a bit annoyed to find that (old) report this way but I figured I send it this way so that the right people get to know about it and possible someone feels like fixing it (if indeed found correct)! -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed Jul 31 13:51:49 2013 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6VBpOoR029630; Wed, 31 Jul 2013 13:51:45 +0200 Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-2) with ESMTP id r6VBpMZc029615 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Wed, 31 Jul 2013 13:51:22 +0200 Received: from localhost (dast@localhost) by giant.haxx.se (8.14.4/8.14.4/Submit) with ESMTP id r6VBpLnS029610 for ; Wed, 31 Jul 2013 13:51:21 +0200 X-Authentication-Warning: giant.haxx.se: dast owned process doing -bs Date: Wed, 31 Jul 2013 13:51:21 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: detect linkage against openssl or gcrypt In-Reply-To: <20130730142831.17552.qmail@stuge.se> Message-ID: References: <20130729125222.15916.qmail@stuge.se> <51F25D51.6050606@astron.nl> <20130728025622.12649.qmail@stuge.se> <51F65D38.3070003@gknw.net> <51F25D51.6050606@astron.nl> <20130728025622.12649.qmail@stuge.se> <20130729125222.15916.qmail@stuge.se> <51F666AB.3040807@gknw.net> <20130730142831.17552.qmail@stuge.se> User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.15 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On Tue, 30 Jul 2013, Peter Stuge wrote: >> I can think of cases where detecting the underlying crypto lib at run-time >> can be useful or at least helpful. > > Please mention some? Functionality wise: an libssh2-using application could act differently since libssh2 is not 100% feature-complete with both backends nor is it entirely API-agnostic (like one backend supports a NULL argument while the other doesn't). This might become even more so once we get a third backend supported. Helpful wise: an application can use the feature to provide information about libssh2 build version details for debug/report purposes. It is sometimes easier to ask users to run "myapp --version" to figure out if the libssh2 version it uses has libz built-in, if it is linked to a buggy version of OpenSSL or if might be that known bug with myapp and gcrypt version Z that's playing tricks on you. -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel