From libssh2-devel-bounces@cool.haxx.se Sat May 17 00:37:31 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4GMatjN002387; Sat, 17 May 2014 00:37:24 +0200 Received: from mail-pa0-x232.google.com (mail-pa0-x232.google.com [IPv6:2607:f8b0:400e:c03::232]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4GMaqcf002374 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Sat, 17 May 2014 00:36:53 +0200 Received: by mail-pa0-f50.google.com with SMTP id fb1so3100714pad.23 for ; Fri, 16 May 2014 15:36:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:content-type:content-transfer-encoding:subject:message-id:date :to:mime-version; bh=oj+aadDBdu/2bOM1xahO73w1DR28Afk4tIYYX8ZwgF8=; b=IxyEsAxG+bL6ghKP6nm+dLKAsgx3q0FEJaTl9A+/U5j2eprI3L0lY33cignak4O3sH TOwbBQUauZ6gbuUqv2/y5LdyQzFdcOwCmHnGq6QcoVYkdnUfm4uBEU9Z9x7BzocUaLgc lfLmzESp8eQ+8xj76Aj0BYnW+Wn5iTtdj7U0bI+dRCy6VytB9rgGKBb/t2YP3yTEr3mV bxgnJ1wDCMdYpn6tJnZU/Cv6Zm11u1Wxba7G9uq3gounzdI3xgyfnUf6f/4ymUsPnnke 0SyGbhV8hJWLXOlCMZyguXWSuSrB+w1Lc524XxUNatcL6YVhf3srPHfsVFT2FAMsgT1d SUVQ== X-Received: by 10.68.178.162 with SMTP id cz2mr24140543pbc.51.1400279808650; Fri, 16 May 2014 15:36:48 -0700 (PDT) Received: from [192.168.50.109] ([216.52.12.243]) by mx.google.com with ESMTPSA id bq4sm16425366pbb.60.2014.05.16.15.36.47 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 16 May 2014 15:36:48 -0700 (PDT) X-Google-Original-From: Jeremy Friesner From: Jeremy Friesner Subject: How should my libssh2 program detect when the data upload failed because the destination partition ran out of space? Message-Id: <8A2E7525-D6FB-4F52-8D7C-337CC9AFACC2@meyersound.com> Date: Fri, 16 May 2014 15:36:46 -0700 To: libssh2-devel@cool.haxx.se Mime-Version: 1.0 (Mac OS X Mail 6.6 \(1510\)) X-Mailer: Apple Mail (2.1510) X-MIME-Autoconverted: from quoted-printable to 8bit by giant.haxx.se id s4GMaqcf002374 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Hi all, I have a program that uses libssh2 to upload a 152MB file to a partition on a remote machine. In general it works quite well. The problem I ran into today involves the scenario when there isn't enough drive-space free on the remote machine to hold the entire 152MB file. What I would expect to have happen in this case is for libssh2_channel_write() to return an error-code at some point to indicate the failure, but the behavior I observe instead is that libssh2_channel_write() keeps on behaving normally (i.e. returning positive values or -1/LIBSSH2_ERROR_EGAIN, since I'm using non-blocking I/O), as if the file transfer was working fine. I'd like to have my program's GUI indicate than an error occurred when this happens -- is there some particular way for me to find out when a file upload has failed due to lack of space (or for any other reason)? For what it's worth, my file transfers use the following sequence of calls (all with the appropriate error checking of the calls' return values, which I've omitted here for clarity); _uploadFileChannel = libssh2_scp_send(_session, filePath, permBits, numBytes); libssh2_channel_write(_uploadFileChannel, (const char *) firstToSend, numBytesLeft); // called many times, of course libssh2_channel_send_eof(_uploadFileChannel); libssh2_channel_wait_eof(_uploadFileChannel); libssh2_channel_close(_uploadFileChannel); Btw, just as a sanity check, I ran the built-in scp utility on my Mac to upload a large file to the machine with the full partition: jeremy-friesners-mac-pro-3:Downloads jaf$ scp dmitri-6.0.0-2014-05-16-1051-r14027-1-Beta.dmitriUniversalFirmware root@msli-dcp-11234772.local.:/mnt/user/ root@msli-dcp-11234772.local.'s password: dmitri-6.0.0-2014-05-16-1051-r14027-1-Beta.dmitriUniversalFirmware 100% 152MB 19.0MB/s 00:08 scp: /mnt/user//dmitri-6.0.0-2014-05-16-1051-r14027-1-Beta.dmitriUniversalFirmware: No space left on device I note that scp did detect the error, but not until *after* it had already uploaded all 152MB to the server. That seems odd to me, since the destination (/mnt/user) was already completely full, I would expect the error to be reported and the uploaded aborted at the beginning of the transfer rather than at the end. Otherwise, where are all those bytes of data being placed during the upload? -Jeremy _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sat May 17 00:48:17 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4GMmAYa019783; Sat, 17 May 2014 00:48:15 +0200 Received: from mail-qc0-x22f.google.com (mail-qc0-x22f.google.com [IPv6:2607:f8b0:400d:c01::22f]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4GMm750019746 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Sat, 17 May 2014 00:48:07 +0200 Received: by mail-qc0-f175.google.com with SMTP id w7so5345096qcr.6 for ; Fri, 16 May 2014 15:48:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:reply-to:date:message-id:subject:from:to:content-type; bh=KYfWq7+Mntj09kcgTaoGzWuvKslCeKE7uU5EzrOewZM=; b=jmLlt72aqLz7NKQYYmcP/DSD3Q9jRcdrogr0LsZ/znzrqqW4bKZ+ZGkP3/8/Xeq85n tWMyigNfevtYetZrwdd9o0Z/JFS0RngBolTtUSEYoOamtE3mVjfukDtoe/2hG4d+vj8U XH9Im1zHOu9FWP/7vo3zQ3vSfgzGdnH0VRPuI53iNjfPTyR1uEstqxRJ79YcWX0E+xoC T5zHCXR1PniJQ+ebYHEWcZP843Rcc49hrpNReFNjhWn+o15YkGfbHLx86G8c32NToPo0 +aa6k+der3uw49ovCQOH2ympWfpM+A5IhS5o+gxZV19QdfVZyMmlQNFToKJjtxjuaPeL eW7g== MIME-Version: 1.0 X-Received: by 10.140.32.195 with SMTP id h61mr28810682qgh.10.1400280483552; Fri, 16 May 2014 15:48:03 -0700 (PDT) Received: by 10.140.109.117 with HTTP; Fri, 16 May 2014 15:48:03 -0700 (PDT) Date: Fri, 16 May 2014 15:48:03 -0700 Message-ID: Subject: How should my libssh2 program detect when the data upload failed because the destination partition ran out of space? From: Jeremy Friesner To: libssh2-devel@cool.haxx.se X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: jaf@meyersound.com, libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0319894810==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============0319894810== Content-Type: multipart/alternative; boundary=001a113a7720cee27904f98c34d9 --001a113a7720cee27904f98c34d9 Content-Type: text/plain; charset=UTF-8 Hi all, I have a program that uses libssh2 to upload a 152MB file to a partition on a remote machine. In general it works quite well. The problem I ran into today involves the scenario when there isn't enough drive-space free on the remote machine to hold the entire 152MB file. What I would expect to have happen in this case is for libssh2_channel_write() to return an error-code at some point to indicate the failure, but the behavior I observe instead is that libssh2_channel_write() keeps on behaving normally (i.e. returning positive values or -1/LIBSSH2_ERROR_EGAIN, since I'm using non-blocking I/O), as if the file transfer was working fine. I'd like to have my program's GUI indicate than an error occurred when this happens -- is there some particular way for me to find out when a file upload has failed due to lack of space (or for any other reason)? For what it's worth, my file transfers use the following sequence of calls (all with the appropriate error checking of the calls' return values, which I've omitted here for clarity); _uploadFileChannel = libssh2_scp_send(_session, filePath, permBits, numBytes); libssh2_channel_write(_uploadFileChannel, (const char *) firstToSend, numBytesLeft); // called many times, of course libssh2_channel_send_eof(_uploadFileChannel); libssh2_channel_wait_eof(_uploadFileChannel); libssh2_channel_close(_uploadFileChannel); Btw, just as a sanity check, I ran the built-in scp utility on my Mac to upload a large file to the machine with the full partition: jeremy-friesners-mac-pro-3:Downloads jaf$ scp dmitri-6.0.0-2014-05-16-1051-r14027-1-Beta.dmitriUniversalFirmware root@msli-dcp-11234772.local.:/mnt/user/ root@msli-dcp-11234772.local.'s password: dmitri-6.0.0-2014-05-16-1051-r14027-1-Beta.dmitriUniversalFirmware 100% 152MB 19.0MB/s 00:08 scp: /mnt/user//dmitri-6.0.0-2014-05-16-1051-r14027-1-Beta.dmitriUniversalFirmware: No space left on device I note that scp did detect the error, but not until *after* it had already uploaded all 152MB to the server. That seems odd to me, since the destination (/mnt/user) was already completely full, I would expect the error to be reported and the uploaded aborted at the beginning of the transfer rather than at the end. Otherwise, where are all those bytes of data being placed during the upload? -Jeremy --001a113a7720cee27904f98c34d9 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Hi all,

I have a program that uses libssh2 to upload a 152MB f= ile to a partition on a remote machine. =C2=A0In general it works quite wel= l.

The problem I ran into today involv= es the scenario when there isn't enough drive-space free on the remote = machine to hold the entire 152MB file. =C2=A0What I would expect to have ha= ppen in this case is for libssh2_channel_write() to return an error-code at= some point to indicate the failure, but the behavior I observe instead is = that libssh2_channel_write() keeps on behaving normally (i.e. returning pos= itive values or -1/LIBSSH2_ERROR_EGAIN, since I'm using non-blocking I/= O), as if the file transfer was working fine.

I'd like to have my program'= ;s GUI indicate than an error occurred when this happens -- is there some p= articular way for me to find out when a file upload has failed due to lack = of space (or for any other reason)? =C2=A0For what it's worth, my file = transfers use the following sequence of calls (all with the appropriate err= or checking of the calls' =C2=A0return values, which I've omitted h= ere for clarity);

= _uploadFileChannel =3D libssh2_scp_send(_session, file= Path, permBits, numBytes);
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0libssh= 2_channel_write(_uploadFileChannel, (const char *) firstToSend, numBytesLef= t); =C2=A0=C2=A0// called many times, of course
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0libssh= 2_channel_send_eof(_uploadFileChannel);
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0libssh= 2_channel_wait_eof(_uploadFileChannel);
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0libssh= 2_channel_close(_uploadFileChannel);

Btw, just as a sanity check, I ran = the built-in scp utility on my Mac to upload a large file to the machine wi= th the full partition:

= jeremy-friesners-mac-pro-3:Downloads jaf$ scp dmitri-6= .0.0-2014-05-16-1051-r14027-1-Beta.dmitriUniversalFirmware=C2=A0root@msli-dcp-11234772.local<= span style=3D"color:rgb(0,0,0);font-family:Helvetica;font-size:medium;text-= align:-webkit-auto">.:/mnt/user/
root@msli-dcp-11234772.local.'s password:=C2=A0

I note that scp did detect the erro= r, but not until *after* it had already uploaded all 152MB to the server. = =C2=A0That seems odd to me, since the destination (/mnt/user) was already c= ompletely full, I would expect the error to be reported and the uploaded ab= orted at the beginning of the transfer rather than at the end. =C2=A0Otherw= ise, where are all those bytes of data being placed during the upload?

-Jeremy
--001a113a7720cee27904f98c34d9-- --===============0319894810== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============0319894810==-- From libssh2-devel-bounces@cool.haxx.se Sat May 17 10:09:27 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4H892A8029896; Sat, 17 May 2014 10:09:22 +0200 Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4H88xpg029764 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Sat, 17 May 2014 10:08:59 +0200 Received: from localhost (dast@localhost) by giant.haxx.se (8.14.4/8.14.4/Submit) with ESMTP id s4H88xKi029760 for ; Sat, 17 May 2014 10:08:59 +0200 X-Authentication-Warning: giant.haxx.se: dast owned process doing -bs Date: Sat, 17 May 2014 10:08:59 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: How should my libssh2 program detect when the data upload failed because the destination partition ran out of space? In-Reply-To: <8A2E7525-D6FB-4F52-8D7C-337CC9AFACC2@meyersound.com> Message-ID: References: <8A2E7525-D6FB-4F52-8D7C-337CC9AFACC2@meyersound.com> User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On Fri, 16 May 2014, Jeremy Friesner wrote: > The problem I ran into today involves the scenario when there isn't enough > drive-space free on the remote machine to hold the entire 152MB file. What > I would expect to have happen in this case is for libssh2_channel_write() to > return an error-code at some point to indicate the failure, but the behavior > I observe instead is that libssh2_channel_write() keeps on behaving normally > (i.e. returning positive values or -1/LIBSSH2_ERROR_EGAIN, since I'm using > non-blocking I/O), as if the file transfer was working fine. I would expect that to happen as well. Your server obviously doesn't return any error for this... > I note that scp did detect the error, but not until *after* it had already > uploaded all 152MB to the server. Which sounds like a sympthom of the same thing. > Otherwise, where are all those bytes of data being placed during the upload? That would be a question to whoever did the server you're talking to that eats the bytes. -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sat May 17 17:16:09 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4HFFimT029530; Sat, 17 May 2014 17:16:04 +0200 Received: from mail-pb0-x229.google.com (mail-pb0-x229.google.com [IPv6:2607:f8b0:400e:c01::229]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4HFFffo029483 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Sat, 17 May 2014 17:15:42 +0200 Received: by mail-pb0-f41.google.com with SMTP id uo5so3906565pbc.28 for ; Sat, 17 May 2014 08:15:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date :content-transfer-encoding:message-id:references:to; bh=YLt5H8oR1Rpazy84ZGpkPkcB6TZiHnjsIJOBNPLokgE=; b=No4YjzIKdKTZ/nFIy3umGFKIJh8MDqgELLoiKcw4/uTZFUqpTnn3oEHk3JBRGvwm4h WN6Cp0LufhCdiy7EGrjCL3bbWUZbFILs4rEk23f/Tl2NZbkJGqINBhIHo7HaOLNuCXTm R2hXSCAMt0FPe8xQpGzkWx1+YfQZ+zCOoqw3GATXGm7jn/0776/X4hN1dDTxMSR6+q6d sO43HdjXlimKA2Xrh79AIpz3XJjAR/UmZ9gJXD8O9Zhk8LZfA4XpIKvIpsgS2j5QF7xO 6itDTVFsGoG0Ixjsj4gbk5ume2rt8LSBc6vSJTUI+gY3VI9LdAdyi48EFWIg5JQ3i7GA xNJQ== X-Received: by 10.66.157.200 with SMTP id wo8mr29228371pab.92.1400339736141; Sat, 17 May 2014 08:15:36 -0700 (PDT) Received: from [192.168.50.106] ([216.52.12.243]) by mx.google.com with ESMTPSA id vm3sm20447123pbc.45.2014.05.17.08.15.34 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sat, 17 May 2014 08:15:35 -0700 (PDT) Mime-Version: 1.0 (Mac OS X Mail 7.2 \(1874\)) Subject: Re: How should my libssh2 program detect when the data upload failed because the destination partition ran out of space? From: Jeremy Friesner In-Reply-To: Date: Sat, 17 May 2014 08:15:33 -0700 Message-Id: <732C317D-17E2-4A52-8889-7FE7937A8C7D@gmail.com> References: <8A2E7525-D6FB-4F52-8D7C-337CC9AFACC2@meyersound.com> To: libssh2 development X-Mailer: Apple Mail (2.1874) X-MIME-Autoconverted: from quoted-printable to 8bit by giant.haxx.se id s4HFFffo029483 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="windows-1252" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by giant.haxx.se id s4HFFimT029530 On May 17, 2014, at 1:08 AM, Daniel Stenberg wrote: > On Fri, 16 May 2014, Jeremy Friesner wrote: > >> The problem I ran into today involves the scenario when there isn't enough drive-space free on the remote machine to hold the entire 152MB file. What I would expect to have happen in this case is for libssh2_channel_write() to return an error-code at some point to indicate the failure, but the behavior I observe instead is that libssh2_channel_write() keeps on behaving normally (i.e. returning positive values or -1/LIBSSH2_ERROR_EGAIN, since I'm using non-blocking I/O), as if the file transfer was working fine. > > I would expect that to happen as well. Your server obviously doesn't return any error for this... > >> I note that scp did detect the error, but not until *after* it had already uploaded all 152MB to the server. > > Which sounds like a sympthom of the same thing. Yes, I expect it is — OTOH, the scp client was able to print the appropriate error message, so it must be doing something that my program doesn’t do, in order to do that. >> Otherwise, where are all those bytes of data being placed during the upload? > > That would be a question to whoever did the server you're talking to that eats the bytes. The server is the sshd that ships with Debian Linux; I’m not very clear about who to contact about that… Jeremy _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sat May 17 19:36:17 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4HHZtlm004587; Sat, 17 May 2014 19:36:13 +0200 Received: from mail-ee0-x232.google.com (mail-ee0-x232.google.com [IPv6:2a00:1450:4013:c00::232]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4HHZsfp004570 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Sat, 17 May 2014 19:35:54 +0200 Received: by mail-ee0-f50.google.com with SMTP id e51so2355910eek.23 for ; Sat, 17 May 2014 10:35:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=qqmail.nl; s=google; h=message-id:mime-version:to:from:subject:date:in-reply-to:references :content-type; bh=XW0A0b5SFZq+DcloPd642/nujmqOsb9+mABIEeEdtKU=; b=Y4e9f0xUSfUGZK9mwh0jfP8p5cahM6aX2niWUHoGtVpNfOvx2iWZvYVRLwNZuLCKu6 XxudtgLkv4r+4t5ND4eWMoVEGlA5z4RzRwWzKI+Ufe9Wj95gdIDqlMaC1MkXgaid4UkC YZqCJhJ6gx7/qQ7rxJ45YfDn0ftbTDnRxm5Jk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:mime-version:to:from:subject:date :in-reply-to:references:content-type; bh=XW0A0b5SFZq+DcloPd642/nujmqOsb9+mABIEeEdtKU=; b=U6szgD3wei6RmebhlB22OJv8eOCbwd5cKatWQD1XlbRELBEbGN4wH8lU++jBQtpmva M8Yo070s3CrUJ9xDiCXnkBFmB5GTrFb8qwo0WvKOD8VheJPsgTNSvKMG0VzoOE3Jt51f r2YnwA+MUhgZbUquxqRBtXO/IPGR06RZNrsC6dqx2TDf/oFRFaRvWnjyHSdgW1xMbMeb Vla6p8g8MpSjh/m7LC52PSRXf42SaFHqGNKcFcoWTaikgCph2H21Orripn7yurp+8kDI B75L3nSIKOTiSH4qnLN7+VhbFAVbmeIkTDo9M9FILm6H7e/b9Rg4DMUF0FdnEFW972JT Dy9g== X-Gm-Message-State: ALoCoQnVA05P18qqvqS9o1/LA/P6KaKrk2Namj+XXfqeIeWHoCWkmwaXMvU1UdASSeIinQ9cOdbN X-Received: by 10.15.83.68 with SMTP id b44mr32323774eez.11.1400348149601; Sat, 17 May 2014 10:35:49 -0700 (PDT) Received: from [192.168.1.180] (212-57-55-63.xdsl.deanconnect.nl. [212.57.55.63]) by mx.google.com with ESMTPSA id a45sm28794741eez.2.2014.05.17.10.35.47 for (version=SSLv3 cipher=RC4-SHA bits=128/128); Sat, 17 May 2014 10:35:48 -0700 (PDT) Message-ID: <53779df4.c5520f0a.0e4b.ffff809f@mx.google.com> MIME-Version: 1.0 To: libssh2 development From: Bert Huijben Subject: RE: How should my libssh2 program detect when the data upload failedbecause the destination partition ran out of space? Date: Sat, 17 May 2014 19:35:00 +0200 In-Reply-To: <732C317D-17E2-4A52-8889-7FE7937A8C7D@gmail.com> References: <8A2E7525-D6FB-4F52-8D7C-337CC9AFACC2@meyersound.com> <732C317D-17E2-4A52-8889-7FE7937A8C7D@gmail.com> X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1666078244==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============1666078244== Content-Type: multipart/alternative; boundary="_CA500572-943A-4B7D-B6CB-F1AF69FB2424_" --_CA500572-943A-4B7D-B6CB-F1AF69FB2424_ Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Perhaps you can try to read the stderr channel to get the error message its= elf.(I had a few similar cases where that really helped in diagnosing probl= ems). That doesn't help as much as an error code, but it is a start. Bert -----Original Message----- From: "Jeremy Friesner" Sent: =E2=80=8E17-=E2=80=8E5-=E2=80=8E2014 17:18 To: "libssh2 development" Subject: Re: How should my libssh2 program detect when the data upload fail= edbecause the destination partition ran out of space? On May 17, 2014, at 1:08 AM, Daniel Stenberg wrote: > On Fri, 16 May 2014, Jeremy Friesner wrote: >=20 >> The problem I ran into today involves the scenario when there isn't enou= gh drive-space free on the remote machine to hold the entire 152MB file. W= hat I would expect to have happen in this case is for libssh2_channel_write= () to return an error-code at some point to indicate the failure, but the b= ehavior I observe instead is that libssh2_channel_write() keeps on behaving= normally (i.e. returning positive values or -1/LIBSSH2_ERROR_EGAIN, since = I'm using non-blocking I/O), as if the file transfer was working fine. >=20 > I would expect that to happen as well. Your server obviously doesn't retu= rn any error for this... >=20 >> I note that scp did detect the error, but not until *after* it had alrea= dy uploaded all 152MB to the server. >=20 > Which sounds like a sympthom of the same thing. Yes, I expect it is =E2=80=94 OTOH, the scp client was able to print the ap= propriate error message, so it must be doing something that my program does= n=E2=80=99t do, in order to do that. >> Otherwise, where are all those bytes of data being placed during the upl= oad? >=20 > That would be a question to whoever did the server you're talking to that= eats the bytes. The server is the sshd that ships with Debian Linux; I=E2=80=99m not very c= lear about who to contact about that=E2=80=A6 Jeremy _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --_CA500572-943A-4B7D-B6CB-F1AF69FB2424_ Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset="utf-8"
Perhaps you can try to read the stderr channel to get the= error message itself.(I had a few similar cases where that really helped i= n diagnosing problems). That doesn't help as much as an error code, but it = is a start.

Bert

From: Jeremy Friesner
S= ent: =E2=80=8E17-=E2=80=8E5-=E2=80=8E2014 17:18
To: libssh2 development
Subject:
Re: How should my libssh2 program detect when the data uploa= d failedbecause the destination partition ran out of space?

<= /div>
On May 17, 2014, at 1:08 AM, Daniel Stenberg <daniel@haxx.se>= ; wrote:

> On Fri, 16 May 2014, Jeremy Friesner wrote:
> >> The problem I ran into today involves the scenario when there is= n't enough drive-space free on the remote machine to hold the entire 152MB = file.  What I would expect to have happen in this case is for libssh2_= channel_write() to return an error-code at some point to indicate the failu= re, but the behavior I observe instead is that libssh2_channel_write() keep= s on behaving normally (i.e. returning positive values or -1/LIBSSH2_ERROR_= EGAIN, since I'm using non-blocking I/O), as if the file transfer was worki= ng fine.
>
> I would expect that to happen as well. Your serve= r obviously doesn't return any error for this...
>
>> I not= e that scp did detect the error, but not until *after* it had already uploa= ded all 152MB to the server.
>
> Which sounds like a sympthom = of the same thing.

Yes, I expect it is =E2=80=94 OTOH, the scp clien= t was able to print the appropriate error message, so it must be doing some= thing that my program doesn=E2=80=99t do, in order to do that.

>&= gt; Otherwise, where are all those bytes of data being placed during the up= load?
>
> That would be a question to whoever did the server y= ou're talking to that eats the bytes.

The server is the sshd that sh= ips with Debian Linux; I=E2=80=99m not very clear about who to contact abou= t that=E2=80=A6

Jeremy


__________________________________= _____________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo= /libssh2-devel
= --_CA500572-943A-4B7D-B6CB-F1AF69FB2424_-- --===============1666078244== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============1666078244==-- From libssh2-devel-bounces@cool.haxx.se Sat May 17 19:45:06 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4HHj2wJ000456; Sat, 17 May 2014 19:45:05 +0200 Received: from foo.stuge.se (qmailr@foo.stuge.se [212.116.89.98]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4HHj1hn032412 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Sat, 17 May 2014 19:45:01 +0200 Received: (qmail 12488 invoked by uid 501); 17 May 2014 17:45:01 -0000 Message-ID: <20140517174501.12487.qmail@stuge.se> Date: Sat, 17 May 2014 19:45:01 +0200 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: How should my libssh2 program detect when the data upload failed because the destination partition ran out of space? Mail-Followup-To: libssh2-devel@cool.haxx.se References: <8A2E7525-D6FB-4F52-8D7C-337CC9AFACC2@meyersound.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <8A2E7525-D6FB-4F52-8D7C-337CC9AFACC2@meyersound.com> X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Jeremy Friesner wrote: > I have a program that uses libssh2 to upload a 152MB file Try not to use scp. Please study the scp protocol, so that you know how your tools actually work. I think you'll quickly find that scp is a pretty bad protocol, and that SFTP would be a better choice. > I note that scp did detect the error, but not until *after* it had > already uploaded all 152MB to the server. That seems odd to me, Study the protocol. And as Bert pointed out, how do you know that it's the local scp process which detects an error? //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sat May 17 21:23:31 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4HJN7f6025217; Sat, 17 May 2014 21:23:26 +0200 Received: from mail-pb0-x22b.google.com (mail-pb0-x22b.google.com [IPv6:2607:f8b0:400e:c01::22b]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4HJN47e025026 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Sat, 17 May 2014 21:23:05 +0200 Received: by mail-pb0-f43.google.com with SMTP id up15so4024483pbc.16 for ; Sat, 17 May 2014 12:22:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=references:mime-version:in-reply-to:content-type :content-transfer-encoding:message-id:cc:from:subject:date:to; bh=uPKh134bTbnyM4vltzqvYKsOPxMopcA2mDBNmsAyOQA=; b=Iyd1Pay0dipYVuUUZZevhAfi63VLzzH8a3GmP2JKkTjbRLDJPlB2owSi+KMvQnc0i6 N49vryNa4pPyk6qQzQmOcxw0b3XG/AVcSf4NOQfl0H6niPWV9qKi1Y1XLwcEKudLhnMc Kh7Vc9rIYX+8BavAh63Vy5OJvqpHeewicDKcRg0RI2GBc/D+cNALvbmfyUU5nJZNQxMg Vzi4/el6q8KJDOsNXvAk8mkcy6oCfZaQcRyaeFrtFHOM72euH6sakUml0P63MSd0qrPx avp/V3GCiegJwc4ZbbzvGpFNo+83bv4S40oWgTJn64Bl4F4+jNyKlJJ/PLJqCnC/m8p8 fzTw== X-Received: by 10.67.14.231 with SMTP id fj7mr30628479pad.115.1400354578951; Sat, 17 May 2014 12:22:58 -0700 (PDT) Received: from [10.0.0.112] (71-93-98-239.dhcp.mtpk.ca.charter.com. [71.93.98.239]) by mx.google.com with ESMTPSA id vg1sm21283300pbc.44.2014.05.17.12.22.57 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sat, 17 May 2014 12:22:58 -0700 (PDT) References: <8A2E7525-D6FB-4F52-8D7C-337CC9AFACC2@meyersound.com> <20140517174501.12487.qmail@stuge.se> Mime-Version: 1.0 (1.0) In-Reply-To: <20140517174501.12487.qmail@stuge.se> Message-Id: <44F107DD-9984-4DBD-BB89-0921D4A987AA@gmail.com> Cc: "libssh2-devel@cool.haxx.se" X-Mailer: iPhone Mail (10B329) From: Jeremy Friesner Subject: Re: How should my libssh2 program detect when the data upload failed because the destination partition ran out of space? Date: Sat, 17 May 2014 12:22:55 -0700 To: libssh2 development X-MIME-Autoconverted: from quoted-printable to 8bit by giant.haxx.se id s4HJN47e025026 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Hi Peter, Is there some particular document you can point me to? I've been using the libssh2 API documentation and the examples included with the libssh2 distribution, but it sounds like you are thinking of something different. Thanks, Jeremy On May 17, 2014, at 10:45 AM, Peter Stuge wrote: > Jeremy Friesner wrote: >> I have a program that uses libssh2 to upload a 152MB file > > Try not to use scp. Please study the scp protocol, so that you know > how your tools actually work. I think you'll quickly find that scp > is a pretty bad protocol, and that SFTP would be a better choice. > > >> I note that scp did detect the error, but not until *after* it had >> already uploaded all 152MB to the server. That seems odd to me, > > Study the protocol. And as Bert pointed out, how do you know that > it's the local scp process which detects an error? > > > //Peter > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sat May 17 21:29:41 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4HJTcJq003856; Sat, 17 May 2014 21:29:41 +0200 Received: from foo.stuge.se (qmailr@foo.stuge.se [212.116.89.98]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4HJTbTa003847 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Sat, 17 May 2014 21:29:37 +0200 Received: (qmail 19684 invoked by uid 501); 17 May 2014 19:29:38 -0000 Message-ID: <20140517192938.19683.qmail@stuge.se> Date: Sat, 17 May 2014 21:29:38 +0200 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: How should my libssh2 program detect when the data upload failed because the destination partition ran out of space? Mail-Followup-To: libssh2-devel@cool.haxx.se References: <8A2E7525-D6FB-4F52-8D7C-337CC9AFACC2@meyersound.com> <20140517174501.12487.qmail@stuge.se> <44F107DD-9984-4DBD-BB89-0921D4A987AA@gmail.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <44F107DD-9984-4DBD-BB89-0921D4A987AA@gmail.com> X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Jeremy Friesner wrote: > Is there some particular document you can point me to? Why not search on your own? "scp protocol" are excellent keywords. https://blogs.oracle.com/janp/entry/how_the_scp_protocol_works Compare that to the protocol specification for SFTP. Then you can make an informed decision and find the better solution. //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sun May 18 00:33:14 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4HMWoTw004502; Sun, 18 May 2014 00:33:09 +0200 Received: from mx.uxnr.de (mx.uxnr.de [89.238.84.47]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4HMWnWO004433 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Sun, 18 May 2014 00:32:49 +0200 Received: from [10.1.1.152] (MH02.ob01.uxnr.net [10.1.1.152]) by mx.uxnr.de (Postfix) with ESMTPSA id 1F1AD1C5A32D for ; Sun, 18 May 2014 00:32:38 +0200 (CEST) X-DKIM: OpenDKIM Filter v2.6.8 mx.uxnr.de 1F1AD1C5A32D DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=marc-hoersken.de; s=picard; t=1400365958; bh=UIvUqZldAytuaVZ91DLN8LCtCpNtxjLhcWp0PrbjQPY=; h=Date:From:To:Subject:References:In-Reply-To:From; b=3a5Z0ZdMRww+NADyqwycSlam3FRxLZOTxnNbpjtCpUW2mjQ69LqVOtGXp5dPxx9tA O72J+1ms/X0o/X92GX65nU52jwD7SQp+X28dVljdPVqYN6ZGgJfxJLo6maFT+Vnfqq 4VHoa015BQVGR+r8FSGECHTJDR52OBQVYoLbhuho= Message-ID: <5377E382.5090901@marc-hoersken.de> Date: Sun, 18 May 2014 00:32:34 +0200 From: Marc Hoersken User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 MIME-Version: 1.0 To: libssh2-devel@cool.haxx.se Subject: Re: [PATCH 2/2] win32: Added WinCNG targets to generated Visual Studio, project References: <532E121E.4030408@marc-hoersken.de> In-Reply-To: <532E121E.4030408@marc-hoersken.de> X-Enigmail-Version: 1.6 X-Spam-Status: No, score=-1.1 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU autolearn=unavailable version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on picard.vpn.uxnr.de X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Hello everyone, I applied this patch for now in order to have a working Visual Studio project for WinCNG until someone comes up with a better solution. The main question is still pending and waiting for new ideas to be answered. See the following commits for more information: https://git.libssh2.org/?p=libssh2.git;a=commit;h=e1a5d1bc772839a134b7103ff7265a182f894001;js=1 https://git.libssh2.org/?p=libssh2.git;a=commit;h=b20bfeb3e519119a48509a1099c06d65aa7da1d7;js=1 https://git.libssh2.org/?p=libssh2.git;a=commit;h=fc94046e6e1fe74064a63836173c1cfb62acb9eb;js=1 Best regards, Marc _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sun May 18 13:11:24 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4IBAuLc019911; Sun, 18 May 2014 13:11:19 +0200 Received: from mx.uxnr.de (mx.uxnr.de [IPv6:2a00:1828:2000:378:2525:0:59ee:542f]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4IBAsVj019849 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Sun, 18 May 2014 13:10:54 +0200 Received: from [10.1.1.152] (MH02.ob01.uxnr.net [10.1.1.152]) by mx.uxnr.de (Postfix) with ESMTPSA id E358D1C5A32D for ; Sun, 18 May 2014 13:10:38 +0200 (CEST) X-DKIM: OpenDKIM Filter v2.6.8 mx.uxnr.de E358D1C5A32D DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=marc-hoersken.de; s=picard; t=1400411439; bh=Bialhb+80buNgPVp2Ow7WBriQTEXa7LEhPLHPFR/444=; h=Date:From:To:Subject:References:In-Reply-To:From; b=kytDs3/kJ1+czh9TZLRNzqk0BGY1JmdJm/FTVY1E+HRMB+YH4T9rp7VhKAKLsltSI tLiLKwDmlNhj6JmdkdWsRtHnnp1Nrg7qsmn93CrjYd9xAClNQb2U2rRvf/UVnG03Z5 FDjriOh3dGGXzkrxY5dkxOhfEXUfIMni334l9oE0= Message-ID: <53789533.7020302@marc-hoersken.de> Date: Sun, 18 May 2014 13:10:43 +0200 From: Marc Hoersken User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 MIME-Version: 1.0 To: libssh2-devel@cool.haxx.se Subject: Re: Patches for Windows, Wincng, Visual Studio References: In-Reply-To: X-Enigmail-Version: 1.6 X-Spam-Status: No, score=-1.1 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU autolearn=unavailable version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on picard.vpn.uxnr.de X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Hello Bob, thanks again for your patches. I applied slight modifications of the following patches: 0001-formal-parameter-must-be-const-since-it-is-used-in-c.patch 0001-Remove-redundant-inline-define.patch 0001-Wincng-define-function-prototypes-for-wincng-routine.patch 0003-in-Windows-a-socket-is-of-type-SOCKET-not-int.patch 0004-a-1-bit-bit-field-should-be-unsigned-some-compilers-.patch 0005-openssl-should-not-compile-unless-it-is-specifically.patch On 08.04.2014 23:36, Bob Kast wrote: > 0001-Add-Visual-Studio-2013-solution-project-files.patch: > > I understand that you are working on a cmake system that will create Visual > Studio project files. Until that time, I have a patch that includes project > files for VS2013. It can be something temporary or it can be something used > as a model for creating the cmake files. I am holding back the following patches until we figured out an approach to generate Visual Studio project files: 0001-Add-Visual-Studio-2013-solution-project-files.patch 0001-for-MS-VS-builds-specify-the-libraries-that-are-requ.patch My preference would be something like the Visual Studio files and generation scripts Steve Holme did for curl. See the following mailinglist posts to the curl-library mailinglist for more information: http://curl.haxx.se/mail/lib-2014-04/0059.html http://thread.gmane.org/gmane.comp.web.curl.library/42126 (complete thread) > 0001-Use-secure-versions-of-CRT-library.patch: > > Libssh2 uses deprecated versions of the run-time library. This patch updates > that so they use the secure versions. For my changes to correctly compile on > non-Windows systems, you need to add the following defines. I was not sure > where these should be added: > > #define SNPRINTF snprintf > #define VSNPRINTF vsnprintf I think we need more feedback/information regarding the following patches before they can be merged: 0001-Use-secure-versions-of-CRT-library.patch I agree that libssh2 should use the secure string formatting functions if they are available. I am just not sure if macros and various ifdefs are the best approach. Maybe we can create internal snprintf and vsnprintf wrapper functions instead? Like curlx: https://github.com/bagder/curl/blob/master/lib/curlx.h 0001-Windows-library-don-t-export-externals.patch I checked the generated libssh2-1.dll and there were no exports besides the libssh2 API functions. Why do you think this patch is necessary and to which build scenario does it apply? 0001-Windows-Tracing-use-OutputDebugString.patch It's definitely a good idea to use OutputDebugString instead of fprintf, but maybe there should be a separate define for that instead of using the following: "#if defined(WIN32) && !defined(__MINGW32__) && !defined(__CYGWIN__)" Would you mind to elaborate a little bit on the changes and adapt the code style to the existing libssh2 code? Thanks in advance. Best regards, Marc _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sun May 18 15:15:59 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4IDFhxT023953; Sun, 18 May 2014 15:15:57 +0200 Received: from mx.uxnr.de (mx.uxnr.de [IPv6:2a00:1828:2000:378:2525:0:59ee:542f]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4IDFfaA023294 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Sun, 18 May 2014 15:15:41 +0200 Received: from [10.1.1.152] (MH02.ob01.uxnr.net [10.1.1.152]) by mx.uxnr.de (Postfix) with ESMTPSA id 9EFE81C5A32D for ; Sun, 18 May 2014 15:15:24 +0200 (CEST) X-DKIM: OpenDKIM Filter v2.6.8 mx.uxnr.de 9EFE81C5A32D DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=marc-hoersken.de; s=picard; t=1400418924; bh=/FP8cJDojddJ6Pj1mYjTZUfZXEtTpj64Ru7oGEPQrP0=; h=Date:From:To:Subject:References:In-Reply-To:From; b=GwmOf6BNKaDdxFtJJmSdlG1jly3XyIyKhplC3fu+FPiTmd3pmUr163Ob2nam3ls80 /4NSwwZwZpVqoPO6bpy6iEkc2cRmkdUckyGBy97Q809fWnlRK6sC927lLic5qWDd/N Bh2Iq0TaVnsUrbSZH4djuMvxj8AgkNpaDIYHnlRU= Message-ID: <5378B273.3040500@marc-hoersken.de> Date: Sun, 18 May 2014 15:15:31 +0200 From: Marc Hoersken User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 MIME-Version: 1.0 To: libssh2-devel@cool.haxx.se Subject: Re: [PATCH] wincng: Added explicit memory overwrite feature to WinCNG backend References: <5325F5FF.2060703@marc-hoersken.de> In-Reply-To: <5325F5FF.2060703@marc-hoersken.de> X-Enigmail-Version: 1.6 Content-Type: multipart/mixed; boundary="------------040201040907090100050003" X-Spam-Status: No, score=-1.1 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU autolearn=unavailable version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on picard.vpn.uxnr.de X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" This is a multi-part message in MIME format. --------------040201040907090100050003 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Hello everyone, attached you will find a new patch that has been rebased to the current master. Please review this patch. Any feedback is welcome. Best regards, Marc --------------040201040907090100050003 Content-Type: text/plain; charset=windows-1252; name="0001-wincng-Added-explicit-memory-overwrite-feature-to-Wi.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename*0="0001-wincng-Added-explicit-memory-overwrite-feature-to-Wi.pa"; filename*1="tch" From c59778974769497d9b9eba290231b0e6220bcce8 Mon Sep 17 00:00:00 2001 From: Marc Hoersken Date: Sun, 16 Mar 2014 20:02:17 +0100 Subject: [PATCH] wincng: Added explicit memory overwrite feature to WinCNG backend This re-introduces the original feature proposed during the development of the WinCNG crypto backend. It still needs to be added to libssh2 itself and probably other backends. --- configure.ac | 7 +++ src/wincng.c | 145 +++++++++++++++++++++++++++++++++-------------------------- 2 files changed, 88 insertions(+), 64 deletions(-) diff --git a/configure.ac b/configure.ac index ba4dd7a..f31e3c5 100644 --- a/configure.ac +++ b/configure.ac @@ -197,6 +197,13 @@ if test "$GEX_NEW" != "no"; then AC_DEFINE(LIBSSH2_DH_GEX_NEW, 1, [Enable newer diffie-hellman-group-exchange-sha1 syntax]) fi +AC_ARG_ENABLE(memory-overwrite, + AC_HELP_STRING([--disable-memory-overwrite],[Disable memory overwrite before being freed]), + [MEMORY_OVERWRITE=$enableval]) +if test "$MEMORY_OVERWRITE" != "no"; then + AC_DEFINE(LIBSSH2_MEMORY_OVERWRITE, 1, [Enable memory overwrite before being freed]) +fi + dnl ************************************************************ dnl option to switch on compiler debug options dnl diff --git a/src/wincng.c b/src/wincng.c index f5390d2..2471a7c 100644 --- a/src/wincng.c +++ b/src/wincng.c @@ -272,6 +272,23 @@ _libssh2_wincng_random(void *buf, int len) return BCRYPT_SUCCESS(ret) ? 0 : -1; } +static void +_libssh2_wincng_mfree(void *buf, int len) +{ + if (!buf) + return; + +#ifdef LIBSSH2_MEMORY_OVERWRITE + if (len > 0) + _libssh2_wincng_random(buf, len); +#else + if (len > 0) + memset(buf, 0, len); +#endif + + free(buf); +} + /*******************************************************************/ /* @@ -314,7 +331,7 @@ _libssh2_wincng_hash_init(_libssh2_wincng_hash_ctx *ctx, pbHashObject, dwHashObject, key, keylen, 0); if (!BCRYPT_SUCCESS(ret)) { - free(pbHashObject); + _libssh2_wincng_mfree(pbHashObject, dwHashObject); return -1; } @@ -347,11 +364,11 @@ _libssh2_wincng_hash_final(_libssh2_wincng_hash_ctx *ctx, ret = BCryptFinishHash(ctx->hHash, hash, ctx->cbHash, 0); BCryptDestroyHash(ctx->hHash); + ctx->hHash = NULL; - if (ctx->pbHashObject) - free(ctx->pbHashObject); - - memset(ctx, 0, sizeof(_libssh2_wincng_hash_ctx)); + _libssh2_wincng_mfree(ctx->pbHashObject, ctx->dwHashObject); + ctx->pbHashObject = NULL; + ctx->dwHashObject = 0; return ret; } @@ -395,11 +412,11 @@ void _libssh2_wincng_hmac_cleanup(_libssh2_wincng_hash_ctx *ctx) { BCryptDestroyHash(ctx->hHash); + ctx->hHash = NULL; - if (ctx->pbHashObject) - free(ctx->pbHashObject); - - memset(ctx, 0, sizeof(_libssh2_wincng_hash_ctx)); + _libssh2_wincng_mfree(ctx->pbHashObject, ctx->dwHashObject); + ctx->pbHashObject = NULL; + ctx->dwHashObject = 0; } @@ -441,17 +458,17 @@ _libssh2_wincng_key_sha1_verify(_libssh2_wincng_key_ctx *ctx, _libssh2_wincng.hAlgHashSHA1, hash, hashlen); - free(data); + _libssh2_wincng_mfree(data, datalen); if (ret) { - free(hash); + _libssh2_wincng_mfree(hash, hashlen); return -1; } datalen = sig_len; data = malloc(datalen); if (!data) { - free(hash); + _libssh2_wincng_mfree(hash, hashlen); return -1; } @@ -466,8 +483,8 @@ _libssh2_wincng_key_sha1_verify(_libssh2_wincng_key_ctx *ctx, ret = BCryptVerifySignature(ctx->hKey, pPaddingInfo, hash, hashlen, data, datalen, flags); - free(hash); - free(data); + _libssh2_wincng_mfree(hash, hashlen); + _libssh2_wincng_mfree(data, datalen); return BCRYPT_SUCCESS(ret) ? 0 : -1; } @@ -560,7 +577,7 @@ _libssh2_wincng_asn_decode(unsigned char *pbEncoded, pbEncoded, cbEncoded, 0, NULL, pbDecoded, &cbDecoded); if (!ret) { - free(pbDecoded); + _libssh2_wincng_mfree(pbDecoded, cbDecoded); return -1; } @@ -630,7 +647,7 @@ _libssh2_wincng_asn_decode_bn(unsigned char *pbEncoded, *ppbDecoded = pbDecoded; *pcbDecoded = cbDecoded; } - free(pbInteger); + _libssh2_wincng_mfree(pbInteger, cbInteger); } return ret; @@ -675,10 +692,10 @@ _libssh2_wincng_asn_decode_bns(unsigned char *pbEncoded, *pcbCount = length; } else { for (length = 0; length < index; length++) { - if (rpbDecoded[length]) { - free(rpbDecoded[length]); - rpbDecoded[length] = NULL; - } + _libssh2_wincng_mfree(rpbDecoded[length], + rcbDecoded[length]); + rpbDecoded[length] = NULL; + rcbDecoded[length] = 0; } free(rpbDecoded); free(rcbDecoded); @@ -691,7 +708,7 @@ _libssh2_wincng_asn_decode_bns(unsigned char *pbEncoded, ret = -1; } - free(pbDecoded); + _libssh2_wincng_mfree(pbDecoded, cbDecoded); } return ret; @@ -837,7 +854,7 @@ _libssh2_wincng_rsa_new(libssh2_rsa_ctx **rsa, ret = BCryptImportKeyPair(_libssh2_wincng.hAlgRSA, NULL, lpszBlobType, &hKey, key, keylen, 0); if (!BCRYPT_SUCCESS(ret)) { - free(key); + _libssh2_wincng_mfree(key, keylen); return -1; } @@ -845,7 +862,7 @@ _libssh2_wincng_rsa_new(libssh2_rsa_ctx **rsa, *rsa = malloc(sizeof(libssh2_rsa_ctx)); if (!(*rsa)) { BCryptDestroyKey(hKey); - free(key); + _libssh2_wincng_mfree(key, keylen); return -1; } @@ -881,7 +898,7 @@ _libssh2_wincng_rsa_new_private(libssh2_rsa_ctx **rsa, PKCS_RSA_PRIVATE_KEY, &pbStructInfo, &cbStructInfo); - free(pbEncoded); + _libssh2_wincng_mfree(pbEncoded, cbEncoded); if (ret) { return -1; @@ -892,7 +909,7 @@ _libssh2_wincng_rsa_new_private(libssh2_rsa_ctx **rsa, LEGACY_RSAPRIVATE_BLOB, &hKey, pbStructInfo, cbStructInfo, 0); if (!BCRYPT_SUCCESS(ret)) { - free(pbStructInfo); + _libssh2_wincng_mfree(pbStructInfo, cbStructInfo); return -1; } @@ -900,7 +917,7 @@ _libssh2_wincng_rsa_new_private(libssh2_rsa_ctx **rsa, *rsa = malloc(sizeof(libssh2_rsa_ctx)); if (!(*rsa)) { BCryptDestroyKey(hKey); - free(pbStructInfo); + _libssh2_wincng_mfree(pbStructInfo, cbStructInfo); return -1; } @@ -974,7 +991,7 @@ _libssh2_wincng_rsa_sha1_sign(LIBSSH2_SESSION *session, ret = STATUS_NO_MEMORY; } - free(data); + _libssh2_wincng_mfree(data, datalen); return BCRYPT_SUCCESS(ret) ? 0 : -1; } @@ -987,11 +1004,8 @@ _libssh2_wincng_rsa_free(libssh2_rsa_ctx *rsa) BCryptDestroyKey(rsa->hKey); - if (rsa->pbKeyObject) - free(rsa->pbKeyObject); - - memset(rsa, 0, sizeof(libssh2_rsa_ctx)); - free(rsa); + _libssh2_wincng_mfree(rsa->pbKeyObject, rsa->cbKeyObject); + _libssh2_wincng_mfree(rsa, sizeof(libssh2_rsa_ctx)); } @@ -1085,7 +1099,7 @@ _libssh2_wincng_dsa_new(libssh2_dsa_ctx **dsa, ret = BCryptImportKeyPair(_libssh2_wincng.hAlgDSA, NULL, lpszBlobType, &hKey, key, keylen, 0); if (!BCRYPT_SUCCESS(ret)) { - free(key); + _libssh2_wincng_mfree(key, keylen); return -1; } @@ -1093,7 +1107,7 @@ _libssh2_wincng_dsa_new(libssh2_dsa_ctx **dsa, *dsa = malloc(sizeof(libssh2_dsa_ctx)); if (!(*dsa)) { BCryptDestroyKey(hKey); - free(key); + _libssh2_wincng_mfree(key, keylen); return -1; } @@ -1127,7 +1141,7 @@ _libssh2_wincng_dsa_new_private(libssh2_dsa_ctx **dsa, ret = _libssh2_wincng_asn_decode_bns(pbEncoded, cbEncoded, &rpbDecoded, &rcbDecoded, &length); - free(pbEncoded); + _libssh2_wincng_mfree(pbEncoded, cbEncoded); if (ret) { return -1; @@ -1146,10 +1160,9 @@ _libssh2_wincng_dsa_new_private(libssh2_dsa_ctx **dsa, } for (index = 0; index < length; index++) { - if (rpbDecoded[index]) { - free(rpbDecoded[index]); - rpbDecoded[index] = NULL; - } + _libssh2_wincng_mfree(rpbDecoded[index], rcbDecoded[index]); + rpbDecoded[index] = NULL; + rcbDecoded[index] = 0; } free(rpbDecoded); @@ -1207,14 +1220,14 @@ _libssh2_wincng_dsa_sha1_sign(libssh2_dsa_ctx *dsa, memcpy(sig_fixed, sig, siglen); } - free(sig); + _libssh2_wincng_mfree(sig, siglen); } else ret = STATUS_NO_MEMORY; } else ret = STATUS_NO_MEMORY; } - free(data); + _libssh2_wincng_mfree(data, datalen); return BCRYPT_SUCCESS(ret) ? 0 : -1; } @@ -1227,11 +1240,8 @@ _libssh2_wincng_dsa_free(libssh2_dsa_ctx *dsa) BCryptDestroyKey(dsa->hKey); - if (dsa->pbKeyObject) - free(dsa->pbKeyObject); - - memset(dsa, 0, sizeof(libssh2_dsa_ctx)); - free(dsa); + _libssh2_wincng_mfree(dsa->pbKeyObject, dsa->cbKeyObject); + _libssh2_wincng_mfree(dsa, sizeof(libssh2_dsa_ctx)); } #endif @@ -1281,7 +1291,7 @@ _libssh2_wincng_pub_priv_keyfile(LIBSSH2_SESSION *session, ret = _libssh2_wincng_asn_decode_bns(pbEncoded, cbEncoded, &rpbDecoded, &rcbDecoded, &length); - free(pbEncoded); + _libssh2_wincng_mfree(pbEncoded, cbEncoded); if (ret) { return -1; @@ -1354,10 +1364,9 @@ _libssh2_wincng_pub_priv_keyfile(LIBSSH2_SESSION *session, for (index = 0; index < length; index++) { - if (rpbDecoded[index]) { - free(rpbDecoded[index]); - rpbDecoded[index] = NULL; - } + _libssh2_wincng_mfree(rpbDecoded[index], rcbDecoded[index]); + rpbDecoded[index] = NULL; + rcbDecoded[index] = 0; } free(rpbDecoded); @@ -1453,10 +1462,10 @@ _libssh2_wincng_cipher_init(_libssh2_cipher_ctx *ctx, ret = BCryptImportKey(*type.phAlg, NULL, BCRYPT_KEY_DATA_BLOB, &hKey, pbKeyObject, dwKeyObject, key, keylen, 0); - free(key); + _libssh2_wincng_mfree(key, keylen); if (!BCRYPT_SUCCESS(ret)) { - free(pbKeyObject); + _libssh2_wincng_mfree(pbKeyObject, dwKeyObject); return -1; } @@ -1464,7 +1473,7 @@ _libssh2_wincng_cipher_init(_libssh2_cipher_ctx *ctx, pbIV = malloc(dwBlockLength); if (!pbIV) { BCryptDestroyKey(hKey); - free(pbKeyObject); + _libssh2_wincng_mfree(pbKeyObject, dwKeyObject); return -1; } dwIV = dwBlockLength; @@ -1523,7 +1532,7 @@ _libssh2_wincng_cipher_crypt(_libssh2_cipher_ctx *ctx, memcpy(block, pbOutput, cbOutput); } - free(pbOutput); + _libssh2_wincng_mfree(pbOutput, cbOutput); } else ret = STATUS_NO_MEMORY; } @@ -1535,13 +1544,11 @@ void _libssh2_wincng_cipher_dtor(_libssh2_cipher_ctx *ctx) { BCryptDestroyKey(ctx->hKey); + ctx->hKey = NULL; - if (ctx->pbKeyObject) { - free(ctx->pbKeyObject); - ctx->pbKeyObject = NULL; - } - - memset(ctx, 0, sizeof(_libssh2_cipher_ctx)); + _libssh2_wincng_mfree(ctx->pbKeyObject, ctx->dwKeyObject); + ctx->pbKeyObject = NULL; + ctx->dwKeyObject = 0; } @@ -1573,6 +1580,12 @@ _libssh2_wincng_bignum_resize(_libssh2_bn *bn, unsigned long length) if (length == bn->length) return 0; +#ifdef LIBSSH2_MEMORY_OVERWRITE + if (bn->bignum && bn->length > 0 && length < bn->length) { + _libssh2_wincng_random(bn->bignum + length, bn->length - length); + } +#endif + bignum = realloc(bn->bignum, length); if (!bignum) return -1; @@ -1680,7 +1693,7 @@ _libssh2_wincng_bignum_mod_exp(_libssh2_bn *r, r->bignum, r->length, &offset, BCRYPT_PAD_NONE); - free(bignum); + _libssh2_wincng_mfree(bignum, length); if (BCRYPT_SUCCESS(ret)) { _libssh2_wincng_bignum_resize(r, offset); @@ -1694,7 +1707,7 @@ _libssh2_wincng_bignum_mod_exp(_libssh2_bn *r, BCryptDestroyKey(hKey); } - free(key); + _libssh2_wincng_mfree(key, keylen); return BCRYPT_SUCCESS(ret) ? 0 : -1; } @@ -1772,6 +1785,10 @@ _libssh2_wincng_bignum_from_bin(_libssh2_bn *bn, unsigned long len, if (offset > 0) { memmove(bn->bignum, bn->bignum + offset, length); +#ifdef LIBSSH2_MEMORY_OVERWRITE + _libssh2_wincng_random(bn->bignum + length, offset); +#endif + bignum = realloc(bn->bignum, length); if (bignum) { bn->bignum = bignum; @@ -1793,7 +1810,7 @@ _libssh2_wincng_bignum_free(_libssh2_bn *bn) { if (bn) { if (bn->bignum) { - free(bn->bignum); + _libssh2_wincng_mfree(bn->bignum, bn->length); bn->bignum = NULL; } bn->length = 0; -- 1.9.2.msysgit.0 --------------040201040907090100050003 Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --------------040201040907090100050003-- From libssh2-devel-bounces@cool.haxx.se Sun May 18 19:02:37 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4IH2CAn028383; Sun, 18 May 2014 19:02:33 +0200 Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4IH2AGk028346 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Sun, 18 May 2014 19:02:10 +0200 Received: from localhost (dast@localhost) by giant.haxx.se (8.14.4/8.14.4/Submit) with ESMTP id s4IH29aB028342 for ; Sun, 18 May 2014 19:02:09 +0200 X-Authentication-Warning: giant.haxx.se: dast owned process doing -bs Date: Sun, 18 May 2014 19:02:09 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: [PATCH] wincng: Added explicit memory overwrite feature to WinCNG backend In-Reply-To: <5378B273.3040500@marc-hoersken.de> Message-ID: References: <5325F5FF.2060703@marc-hoersken.de> <5378B273.3040500@marc-hoersken.de> User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On Sun, 18 May 2014, Marc Hoersken wrote: > attached you will find a new patch that has been rebased to the current > master. I think the configure help text and commit message could use some improvement. This option only disables the random fill of the free data, it still overwrites memory - only with zeros instead. So it doesn't disable memory overwrite at all. A question though: is there really anyone who suggests that it is safer to fill the data with random data rather than just zeros? I just can't see the point with doing such a slow operation and waste random seed on this. -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Sun May 18 19:12:42 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4IHCa3P004843; Sun, 18 May 2014 19:12:40 +0200 Received: from mx.uxnr.de (mx.uxnr.de [89.238.84.47]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4IHCZE9004682 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Sun, 18 May 2014 19:12:35 +0200 Received: from [10.1.1.152] (MH02.ob01.uxnr.net [10.1.1.152]) by mx.uxnr.de (Postfix) with ESMTPSA id 12D1B1C5A366 for ; Sun, 18 May 2014 19:12:18 +0200 (CEST) X-DKIM: OpenDKIM Filter v2.6.8 mx.uxnr.de 12D1B1C5A366 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=marc-hoersken.de; s=picard; t=1400433138; bh=Qa90B/HKoyT/ld28FrHchm3Hd7QoVEBcM44GD+iau7E=; h=Date:From:To:Subject:References:In-Reply-To:From; b=tIs+j938h42WMQZuLERmbw1pdi+FjtAlAUrZ93cw33B+O5HLt0o6KTqwOR46FCbIc Drpv1TfOlemyqW8S0N4+PAp29/nvp3gziJp+RDVzJVxgPzcjuJ/kBLMZGbzfsBBNNc mxvJC4mCxkkd2cbWZFcQVyAKPO3O9jOucwSysC54= Message-ID: <5378E9FA.4000309@marc-hoersken.de> Date: Sun, 18 May 2014 19:12:26 +0200 From: Marc Hoersken User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 MIME-Version: 1.0 To: libssh2-devel@cool.haxx.se Subject: Re: [PATCH] wincng: Added explicit memory overwrite feature to WinCNG backend References: <5325F5FF.2060703@marc-hoersken.de> <5378B273.3040500@marc-hoersken.de> In-Reply-To: X-Enigmail-Version: 1.6 X-Spam-Status: No, score=-1.1 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU autolearn=unavailable version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on picard.vpn.uxnr.de X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Am 18.05.2014 19:02, schrieb Daniel Stenberg: > This option only disables the random fill of the free data, it still > overwrites memory - only with zeros instead. So it doesn't disable > memory overwrite at all. You are right, originally the patch included the following hunk: +#ifdef LIBSSH2_MEMORY_OVERWRITE + if (len > 0) + _libssh2_wincng_random(buf, len); +#endif instead of +#ifdef LIBSSH2_MEMORY_OVERWRITE + if (len > 0) + _libssh2_wincng_random(buf, len); +#else + if (len > 0) + memset(buf, 0, len); +#endif I changed this during the latest rebase to always at least overwrite the data with zeros. > A question though: is there really anyone who suggests that it is > safer to fill the data with random data rather than just zeros? I just > can't see the point with doing such a slow operation and waste random > seed on this. I don't have specific expertise in this area, but I think a reason could be that a compiler might be tempted to optimize memset(buf, 0, len) out. Looking at the memory erasure procedure of the Tails operating system [1], it seems like overwriting with zeros is enough: > Actual memory erasure process > > The software that performs the actual memory erasure is sdmem, which > is part of the secure-delete package. sdmem is called using the -v > (verbose mode) option to give feedback to the user, as well as the > -llf options: memory is only overwritten once with zeros; this is the > fastest available mode, and is enough to protect against every memory > forensics attack we know of. [1] https://tails.boum.org/contribute/design/memory_erasure/ _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon May 19 10:09:53 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4J89LKg026316; Mon, 19 May 2014 10:09:48 +0200 Received: from leibnitz.dyndnsix.org (cm-84.215.233.26.getinternet.no [84.215.233.26]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4J89JTi026309 for ; Mon, 19 May 2014 10:09:19 +0200 Received: from dottedmag by leibnitz.dyndnsix.org with local (Exim 4.80) (envelope-from ) id 1WmIdM-0004jV-CV; Mon, 19 May 2014 10:09:20 +0200 From: Mikhail Gusarov To: libssh2-devel@cool.haxx.se Subject: [PATCH] Do not expose private libraries nor link flags to clients of libssh2 Date: Mon, 19 May 2014 10:09:16 +0200 Message-Id: <1400486956-18159-1-git-send-email-dottedmag@dottedmag.net> X-Mailer: git-send-email 2.0.0.rc2 Cc: Mikhail Gusarov X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Reported in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=747417 --- libssh2.pc.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libssh2.pc.in b/libssh2.pc.in index 26d8a45..3a4f7b6 100644 --- a/libssh2.pc.in +++ b/libssh2.pc.in @@ -12,6 +12,6 @@ URL: http://www.libssh2.org/ Description: Library for SSH-based communication Version: @LIBSSH2VER@ Requires.private: @LIBSREQUIRED@ -Libs: -L${libdir} -lssh2 @LDFLAGS@ @LIBS@ +Libs: -L${libdir} -lssh2 Libs.private: @LIBS@ Cflags: -I${includedir} -- 1.8.5.3 _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon May 19 10:22:23 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4J8MILG012310; Mon, 19 May 2014 10:22:22 +0200 Received: from leibnitz.dyndnsix.org (cm-84.215.233.26.getinternet.no [84.215.233.26]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4J8MGY8012297 for ; Mon, 19 May 2014 10:22:16 +0200 Received: from dottedmag by leibnitz.dyndnsix.org with local (Exim 4.80) (envelope-from ) id 1WmIpt-0008LS-5G; Mon, 19 May 2014 10:22:17 +0200 From: Mikhail Gusarov To: libssh2-devel@cool.haxx.se Subject: [PATCH] Fix typos in manpages Date: Mon, 19 May 2014 10:22:16 +0200 Message-Id: <1400487736-32044-1-git-send-email-dottedmag@dottedmag.net> X-Mailer: git-send-email 2.0.0.rc2 Cc: Mikhail Gusarov X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --- docs/libssh2_base64_decode.3 | 2 +- docs/libssh2_channel_get_exit_status.3 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/libssh2_base64_decode.3 b/docs/libssh2_base64_decode.3 index 33e141c..932f03a 100644 --- a/docs/libssh2_base64_decode.3 +++ b/docs/libssh2_base64_decode.3 @@ -19,7 +19,7 @@ The returned buffer is allocated by this function, but it is not clear how to free that memory! .SH BUGS The memory that *dest points to is allocated by the malloc function libssh2 -uses, but there's no way for an appliction to free this data in a safe and +uses, but there's no way for an application to free this data in a safe and reliable way! .SH RETURN VALUE 0 if successful, \-1 if any error occurred. diff --git a/docs/libssh2_channel_get_exit_status.3 b/docs/libssh2_channel_get_exit_status.3 index 08d5555..4a8c9e2 100644 --- a/docs/libssh2_channel_get_exit_status.3 +++ b/docs/libssh2_channel_get_exit_status.3 @@ -8,7 +8,7 @@ int libssh2_channel_get_exit_status(LIBSSH2_CHANNEL* channel) .SH DESCRIPTION -\fIchannel\fP - Closed channel stream to retreive exit status from. +\fIchannel\fP - Closed channel stream to retrieve exit status from. Returns the exit code raised by the process running on the remote host at the other end of the named channel. Note that the exit status may not be -- 2.0.0.rc2 _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon May 19 10:23:02 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4J8N1L1012776; Mon, 19 May 2014 10:23:02 +0200 Received: from colibri.localdomain (ppp-93-104-46-75.dynamic.mnet-online.de [93.104.46.75]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4J8MxCZ012615 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Mon, 19 May 2014 10:23:00 +0200 Received: by colibri.localdomain (Postfix, from userid 501) id 90CA0100F6; Mon, 19 May 2014 10:23:00 +0200 (CEST) Date: Mon, 19 May 2014 10:23:00 +0200 From: Dan Fandrich To: libssh2 development Subject: Re: [PATCH] Do not expose private libraries nor link flags to clients of libssh2 Message-ID: <20140519082300.GA1921@coneharvesters.com> Mail-Followup-To: libssh2 development , Mikhail Gusarov References: <1400486956-18159-1-git-send-email-dottedmag@dottedmag.net> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <1400486956-18159-1-git-send-email-dottedmag@dottedmag.net> User-Agent: Mutt/1.5.21 (2010-09-15) Cc: Mikhail Gusarov X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On Mon, May 19, 2014 at 10:09:16AM +0200, Mikhail Gusarov wrote: > Reported in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=747417 > --- > libssh2.pc.in | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/libssh2.pc.in b/libssh2.pc.in > index 26d8a45..3a4f7b6 100644 > --- a/libssh2.pc.in > +++ b/libssh2.pc.in > @@ -12,6 +12,6 @@ URL: http://www.libssh2.org/ > Description: Library for SSH-based communication > Version: @LIBSSH2VER@ > Requires.private: @LIBSREQUIRED@ > -Libs: -L${libdir} -lssh2 @LDFLAGS@ @LIBS@ > +Libs: -L${libdir} -lssh2 > Libs.private: @LIBS@ > Cflags: -I${includedir} > -- > 1.8.5.3 The problem with this is that some of the flags may be necessary in order to properly link clients with libssh2. It's probably more likely than not that this isn't the case, but it may be safer to include them rather than not. Packagers (like Debian) can apply this patch themselves when applicable to their use case. >>> Dan _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon May 19 10:25:32 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4J8PTTt014914; Mon, 19 May 2014 10:25:31 +0200 Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4J8PQuQ014895 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 19 May 2014 10:25:26 +0200 Received: from localhost (dast@localhost) by giant.haxx.se (8.14.4/8.14.4/Submit) with ESMTP id s4J8PQqR014892; Mon, 19 May 2014 10:25:26 +0200 X-Authentication-Warning: giant.haxx.se: dast owned process doing -bs Date: Mon, 19 May 2014 10:25:26 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: [PATCH] Fix typos in manpages In-Reply-To: <1400487736-32044-1-git-send-email-dottedmag@dottedmag.net> Message-ID: References: <1400487736-32044-1-git-send-email-dottedmag@dottedmag.net> User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 Cc: Mikhail Gusarov X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On Mon, 19 May 2014, Mikhail Gusarov wrote: > --- > docs/libssh2_base64_decode.3 | 2 +- > docs/libssh2_channel_get_exit_status.3 | 2 +- > 2 files changed, 2 insertions(+), 2 deletions(-) Thanks, merged and pushed! -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon May 19 10:29:56 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4J8Tq0T021923; Mon, 19 May 2014 10:29:55 +0200 Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4J8ToWm021900 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Mon, 19 May 2014 10:29:50 +0200 Received: from localhost (dast@localhost) by giant.haxx.se (8.14.4/8.14.4/Submit) with ESMTP id s4J8TowQ021895 for ; Mon, 19 May 2014 10:29:50 +0200 X-Authentication-Warning: giant.haxx.se: dast owned process doing -bs Date: Mon, 19 May 2014 10:29:50 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Back on the release track Message-ID: User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Hey friends, Let's take another shot at a new release soon. Is there any pressing change/bug we really SHOULD fix before a release can happen? If so, speak up now and please motivate. If not, I think a release is possible by the end of this week. -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon May 19 10:36:40 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4J8aZAv027451; Mon, 19 May 2014 10:36:39 +0200 Received: from mail-qc0-x236.google.com (mail-qc0-x236.google.com [IPv6:2607:f8b0:400d:c01::236]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4J8aWYC027441 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Mon, 19 May 2014 10:36:33 +0200 Received: by mail-qc0-f182.google.com with SMTP id e16so8494694qcx.13 for ; Mon, 19 May 2014 01:36:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:content-type; bh=aHSXKfyUglpN58RwOb7RxokTR3XMjaBzHcL/fHQIRZ0=; b=FKoz0TM0xKQkQDzC05FMk1ESG+VajPamk6ebLUxkvQQXcYBg6P/KlwcRXFJ96+9Eni LX9I6KAHDkjCYG/986x5LBX9xHNSoT1e9QizxIFqTT6Ord3ouswxnhIaKjg905tHn5ME rLYAsjr9ARm8VFWMtb7iHZ2qHfaQMI3HrBYSHKVvBSCskH5OiE7QGyXHWt4k5Yd0nJVG cd7ySTW+UbM7l0UOI9nMrdpjanFdktcce/p0Iwd0kzGmHPDvQstaUemKw19gxxu8lKbK xgT6fYC0FCb+5lA8XqhPb7gfqYwvNnX7p/IwZaEmsqbVOU7LiB7yYoEtvJ9Cpn1XPFvT 65vA== X-Received: by 10.140.21.239 with SMTP id 102mr7257471qgl.31.1400488588651; Mon, 19 May 2014 01:36:28 -0700 (PDT) MIME-Version: 1.0 Received: by 10.229.86.194 with HTTP; Mon, 19 May 2014 01:35:48 -0700 (PDT) In-Reply-To: <20140519082300.GA1921@coneharvesters.com> References: <1400486956-18159-1-git-send-email-dottedmag@dottedmag.net> <20140519082300.GA1921@coneharvesters.com> From: Mikhail Gusarov Date: Mon, 19 May 2014 10:35:48 +0200 X-Google-Sender-Auth: NTOTEyZJXfWM7XTiUohREVqIzOM Message-ID: Subject: Re: [PATCH] Do not expose private libraries nor link flags to clients of libssh2 To: libssh2 development , Mikhail Gusarov X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1407544026==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============1407544026== Content-Type: multipart/alternative; boundary=001a11c1190ed6e43504f9bca838 --001a11c1190ed6e43504f9bca838 Content-Type: text/plain; charset=UTF-8 At least @LIBS@ ought to be just in Libs.private. Maybe it's possible to split @LDFLAGS@ into transitive and non-transitive ones? Though probably not worth it. Best regards, Mikhail Gusarov. On Mon, May 19, 2014 at 10:23 AM, Dan Fandrich wrote: > On Mon, May 19, 2014 at 10:09:16AM +0200, Mikhail Gusarov wrote: > > Reported in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=747417 > > --- > > libssh2.pc.in | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/libssh2.pc.in b/libssh2.pc.in > > index 26d8a45..3a4f7b6 100644 > > --- a/libssh2.pc.in > > +++ b/libssh2.pc.in > > @@ -12,6 +12,6 @@ URL: http://www.libssh2.org/ > > Description: Library for SSH-based communication > > Version: @LIBSSH2VER@ > > Requires.private: @LIBSREQUIRED@ > > -Libs: -L${libdir} -lssh2 @LDFLAGS@ @LIBS@ > > +Libs: -L${libdir} -lssh2 > > Libs.private: @LIBS@ > > Cflags: -I${includedir} > > -- > > 1.8.5.3 > > The problem with this is that some of the flags may be necessary in order > to > properly link clients with libssh2. It's probably more likely than not that > this isn't the case, but it may be safer to include them rather than not. > Packagers (like Debian) can apply this patch themselves when applicable to > their use case. > > >>> Dan > --001a11c1190ed6e43504f9bca838 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
At least @LIBS@ ought to be just in Libs.private.

=
Maybe it's possible to split @LDFLAGS@ into transitive and n= on-transitive ones? Though probably not worth it.


Best regards,
Mikhail Gusarov.


On Mon, May 19, 2014 at 10:23 AM, Dan Fa= ndrich <dan@coneharvesters.com> wrote:
On Mon, May 19, 2014 at 10:09:16AM = +0200, Mikhail Gusarov wrote:
> Reported in https://bugs.debian.org/cgi-bin/bugreport.cg= i?bug=3D747417
> ---
> =C2=A0libssh2.pc.in= | 2 +-
> =C2=A01 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/libssh= 2.pc.in b/libssh2.pc= .in
> index 26d8a45..3a4f7b6 100644
> --- a/libssh2.pc.in=
> +++ b/libssh2.pc.in=
> @@ -12,6 +12,6 @@ URL: http://www.libssh2.org/
> =C2=A0Description: Library for SSH-based communication
> =C2=A0Version: @LIBSSH2VER@
> =C2=A0Requires.private: @LIBSREQUIRED@
> -Libs: -L${libdir} -lssh2 @LDFLAGS@ @LIBS@
> +Libs: -L${libdir} -lssh2
> =C2=A0Libs.private: @LIBS@
> =C2=A0Cflags: -I${includedir}
> --
> 1.8.5.3

The problem with this is that some of the flags may be necessar= y in order to
properly link clients with libssh2. It's probably more likely than not = that
this isn't the case, but it may be safer to include them rather than no= t.
Packagers (like Debian) can apply this patch themselves when applicable to<= br> their use case.

>>> Dan

--001a11c1190ed6e43504f9bca838-- --===============1407544026== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============1407544026==-- From libssh2-devel-bounces@cool.haxx.se Mon May 19 15:19:25 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JDItjt012830; Mon, 19 May 2014 15:19:18 +0200 Received: from BAY004-OMC4S2.hotmail.com (bay004-omc4s2.hotmail.com [65.54.190.204]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JDIqMv012746 for ; Mon, 19 May 2014 15:18:53 +0200 Received: from BAY407-EAS250 ([65.54.190.199]) by BAY004-OMC4S2.hotmail.com with Microsoft SMTPSVC(7.5.7601.22678); Mon, 19 May 2014 06:18:48 -0700 X-TMN: [uutZQL2100CIjX4eewt3GMbiudROTgXr] X-Originating-Email: [bob_2824@hotmail.com] Message-ID: From: Bob Kast To: "'libssh2 development'" References: <53789533.7020302@marc-hoersken.de> In-Reply-To: <53789533.7020302@marc-hoersken.de> Subject: RE: Patches for Windows, Wincng, Visual Studio Date: Mon, 19 May 2014 09:18:49 -0400 MIME-Version: 1.0 X-Mailer: Microsoft Outlook 15.0 Thread-Index: AQABAgMEDfU2e3UNVLXNs3ZQ71CRSQCj/wb6nt+cDEA= Content-Language: en-us X-OriginalArrivalTime: 19 May 2014 13:18:48.0750 (UTC) FILETIME=[DEB71CE0:01CF7364] X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Marc, > I am holding back the following patches until we figured out an approach to > generate Visual Studio project files: > > 0001-Add-Visual-Studio-2013-solution-project-files.patch > 0001-for-MS-VS-builds-specify-the-libraries-that-are-requ.patch The patch: "0001-for-MS-VS-builds-specify-the-libraries-that-are-requ.patch " has nothing to do with whether VS project files are used or not. The point of this patch is to build into the library the instructions of what libraries need to be linked in. Putting this in the C source has several benefits: - if the user is building a static library, these instructions pass through to the project using the library. The idea is this: If a user is building an application XYZ and links in a static library of libssh2.lib, he will also need to specify to link in BCRYPT.lib and CRYPT32.lib. These are libraries that he is not using directly but are being used by libssh2 so it may be confusing. By including these statements, he needs to link only libssh2 and libssh2 will direct what it needs under the covers. - Windows project files typically have many configurations (release, debug, x64, x86, etc.). The libraries to include typically are needed for all configurations, and it is easy to have a configuration miss some parameter. This puts it in one place instead of 4 or more places. > 0001-Windows-library-don-t-export-externals.patch > I checked the generated libssh2-1.dll and there were no exports besides the > libssh2 API functions. > Why do you think this patch is necessary and to which build scenario does it > apply? In looking over this I realize that I didn't explain the bug sufficiently. The problem is this: If you are building a DLL, then you need to explicitly export each entry point. When building a static library, you should not. Libssh2 was exporting the entry points whether it was building a DLL or a static library. To elaborate further, I was using libssh2 as a static library, which was being linked into a project that eventually went to build a DLL. Because the export statements were there in libssh2, they were added as exports to my DLL. I don't feel a library should do that sort of thing in someone else's DLL. I actually try to control my DLL exports very carefully because my products have been hacked in the past (people disassembling and finding security vulnerabilities). In addition to taking every precaution in the security area (such as the secure run-time functions), I try to make disassembling as difficult as possible by not passing through function names as exports and using only ordinal numbers. > Would you mind to elaborate a little bit on the changes and adapt the code > style to the existing libssh2 code? I apologize for not adopting the correct style. I had thought I did. Can you give me an example of what I did wrong? Thanks, Bob > -----Original Message----- > From: libssh2-devel [mailto:libssh2-devel-bounces@cool.haxx.se] On Behalf > Of Marc Hoersken > Sent: Sunday, May 18, 2014 7:11 AM > To: libssh2-devel@cool.haxx.se > Subject: Re: Patches for Windows, Wincng, Visual Studio > > Hello Bob, > > thanks again for your patches. I applied slight modifications of the following > patches: > > 0001-formal-parameter-must-be-const-since-it-is-used-in-c.patch > 0001-Remove-redundant-inline-define.patch > 0001-Wincng-define-function-prototypes-for-wincng-routine.patch > 0003-in-Windows-a-socket-is-of-type-SOCKET-not-int.patch > 0004-a-1-bit-bit-field-should-be-unsigned-some-compilers-.patch > 0005-openssl-should-not-compile-unless-it-is-specifically.patch > > On 08.04.2014 23:36, Bob Kast wrote: > > 0001-Add-Visual-Studio-2013-solution-project-files.patch: > > > > I understand that you are working on a cmake system that will create > > Visual Studio project files. Until that time, I have a patch that > > includes project files for VS2013. It can be something temporary or it > > can be something used as a model for creating the cmake files. > > I am holding back the following patches until we figured out an approach to > generate Visual Studio project files: > > 0001-Add-Visual-Studio-2013-solution-project-files.patch > 0001-for-MS-VS-builds-specify-the-libraries-that-are-requ.patch > > My preference would be something like the Visual Studio files and > generation scripts Steve Holme did for curl. > See the following mailinglist posts to the curl-library mailinglist for more > information: > > http://curl.haxx.se/mail/lib-2014-04/0059.html > http://thread.gmane.org/gmane.comp.web.curl.library/42126 (complete > thread) > > > 0001-Use-secure-versions-of-CRT-library.patch: > > > > Libssh2 uses deprecated versions of the run-time library. This patch > > updates that so they use the secure versions. For my changes to > > correctly compile on non-Windows systems, you need to add the > > following defines. I was not sure where these should be added: > > > > #define SNPRINTF snprintf > > #define VSNPRINTF vsnprintf > > I think we need more feedback/information regarding the following patches > before they can be merged: > > 0001-Use-secure-versions-of-CRT-library.patch > I agree that libssh2 should use the secure string formatting functions if they > are available. > I am just not sure if macros and various ifdefs are the best approach. > Maybe we can create internal snprintf and vsnprintf wrapper functions > instead? > Like curlx: https://github.com/bagder/curl/blob/master/lib/curlx.h > > 0001-Windows-library-don-t-export-externals.patch > I checked the generated libssh2-1.dll and there were no exports besides the > libssh2 API functions. > Why do you think this patch is necessary and to which build scenario does it > apply? > > 0001-Windows-Tracing-use-OutputDebugString.patch > It's definitely a good idea to use OutputDebugString instead of fprintf, but > maybe there > should be a separate define for that instead of using the following: > "#if defined(WIN32) && !defined(__MINGW32__) > && !defined(__CYGWIN__)" > > Would you mind to elaborate a little bit on the changes and adapt the code > style to the existing libssh2 code? > > Thanks in advance. > > Best regards, > Marc > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon May 19 16:26:25 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JEQ64N028125; Mon, 19 May 2014 16:26:22 +0200 Received: from vps1.hno.se (vps1.hno.se [IPv6:2a02:750:5::f0]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JEQ4UE028117 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Mon, 19 May 2014 16:26:05 +0200 Received: from home.hno.se (home.hno.se [IPv6:2001:470:df90::1]) (authenticated bits=128) by vps1.hno.se (8.14.4/8.14.4) with ESMTP id s4JEQ4Ac006317 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 19 May 2014 16:26:05 +0200 Received: from henrik ([127.0.0.1]) (authenticated bits=0) by home.hno.se (8.14.5/8.14.5) with ESMTP id s4JEPsQL025703 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Mon, 19 May 2014 16:25:57 +0200 Message-ID: <1400509552.17536.5.camel@localhost> Subject: Re: [PATCH] Do not expose private libraries nor link flags to clients of libssh2 From: Henrik =?ISO-8859-1?Q?Nordstr=F6m?= To: libssh2 development Date: Mon, 19 May 2014 16:25:52 +0200 In-Reply-To: <1400486956-18159-1-git-send-email-dottedmag@dottedmag.net> References: <1400486956-18159-1-git-send-email-dottedmag@dottedmag.net> X-Mailer: Evolution 3.10.4 (3.10.4-2.fc20) Mime-Version: 1.0 X-Spam-Status: No, score=-0.9 required=5.0 tests=ALL_TRUSTED,BAYES_00, DATE_IN_FUTURE_24_48 autolearn=no version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on home.hno.se Cc: Mikhail Gusarov X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from base64 to 8bit by giant.haxx.se id s4JEQ64N028125 mån 2014-05-19 klockan 10:09 +0200 skrev Mikhail Gusarov: > --- a/libssh2.pc.in > +++ b/libssh2.pc.in > @@ -12,6 +12,6 @@ URL: http://www.libssh2.org/ > Description: Library for SSH-based communication > Version: @LIBSSH2VER@ > Requires.private: @LIBSREQUIRED@ > -Libs: -L${libdir} -lssh2 @LDFLAGS@ @LIBS@ > +Libs: -L${libdir} -lssh2 If there is linker flags or libs that is not needed then those should perhaps not be there in the first place? libssh do require a number of other libraries, and you can not omit those here without causing applications to fail linking. Regards Henrik _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon May 19 16:35:24 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JEZKvm006455; Mon, 19 May 2014 16:35:24 +0200 Received: from mail-qg0-x22c.google.com (mail-qg0-x22c.google.com [IPv6:2607:f8b0:400d:c04::22c]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JEZIX6006020 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Mon, 19 May 2014 16:35:19 +0200 Received: by mail-qg0-f44.google.com with SMTP id i50so8757751qgf.17 for ; Mon, 19 May 2014 07:35:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-type; bh=iqhrnqgclDWBOHsZxh/0O0Ojrwx3ud4Djlf28DfwBnY=; b=jtFc+28c8iqVxHKtz9/c0JMOoXlTT4vbGKblZxptLobJQt7A7KnDyEiAdGQhNX/up+ yPCO+7Voih7iPpVobB90eMWYxBnCSQFRuIVsMT84V9riA6WetfiXJBDODbvZAW/Xqss2 R5p+uAg7+GNczxu5ayr2GFEhA28hnhF//YOUWVfM8UMRz8T2LLgVBXhi9giY7Q0CTj6f s6X+g5WumqGs0p+pV6LftV36C8l46lptXHHp5p8Bh/FNPccymAh9RfP6mPh9EEDrDSR7 nmB5Z/lhdtrs+pGiEXe4T6qdtNQ7JHvyQ/QqRDirfLjeG+FHXi6jsJJvr3nR1XsFH5YI PK7w== X-Received: by 10.224.47.130 with SMTP id n2mr48400769qaf.26.1400510113661; Mon, 19 May 2014 07:35:13 -0700 (PDT) MIME-Version: 1.0 Received: by 10.229.86.194 with HTTP; Mon, 19 May 2014 07:34:33 -0700 (PDT) In-Reply-To: <1400509552.17536.5.camel@localhost> References: <1400486956-18159-1-git-send-email-dottedmag@dottedmag.net> <1400509552.17536.5.camel@localhost> From: Mikhail Gusarov Date: Mon, 19 May 2014 16:34:33 +0200 X-Google-Sender-Auth: wq3eBg6qYKH_7fQSlylvsX4xrB0 Message-ID: Subject: Re: [PATCH] Do not expose private libraries nor link flags to clients of libssh2 To: =?UTF-8?Q?Henrik_Nordstr=C3=B6m?= Cc: libssh2 development X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1474666036==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============1474666036== Content-Type: multipart/alternative; boundary=001a1134b004d4678404f9c1ab29 --001a1134b004d4678404f9c1ab29 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On Mon, May 19, 2014 at 4:25 PM, Henrik Nordstr=C3=B6m < henrik@henriknordstrom.net> wrote: If there is linker flags or libs that is not needed then those should > perhaps not be there in the first place? > Linker flags needed to build libssh2 itself are not identical to those which needed to be passed to dependent software. > libssh do require a number of other libraries, and you can not omit > those here without causing applications to fail linking. > In the world of ELF (and even Mach-O) one can. That's why Libs and Libs.private keys exist, latter only exposed if one asks pkg-config to provide options for static linking. --001a1134b004d4678404f9c1ab29 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
On M= on, May 19, 2014 at 4:25 PM, Henrik Nordstr=C3=B6m <henrik@henrik= nordstrom.net> wrote:

If there is l= inker flags or libs that is not needed then those should
perhaps not be there in the first place?

Linker flags needed to build libssh2 itself are not identical to those wh= ich needed to be passed to dependent software.=C2=A0
=C2=A0
=
libssh do require a number of other libraries, and you can not omit
those here without causing applications to fail linking.

In the world of ELF (and even Mach-O) one can. That's= why Libs and Libs.private keys exist, latter only exposed if one asks pkg-= config to provide options for static linking.

--001a1134b004d4678404f9c1ab29-- --===============1474666036== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============1474666036==-- From libssh2-devel-bounces@cool.haxx.se Mon May 19 19:30:12 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JHTjE2027794; Mon, 19 May 2014 19:30:08 +0200 Received: from mx.uxnr.de (mx.uxnr.de [IPv6:2a00:1828:2000:378:2525:0:59ee:542f]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JHTiIh027740 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Mon, 19 May 2014 19:29:45 +0200 Received: from [10.1.1.152] (MH02.ob01.uxnr.net [10.1.1.152]) by mx.uxnr.de (Postfix) with ESMTPSA id 00BFC1C5A366 for ; Mon, 19 May 2014 19:29:19 +0200 (CEST) X-DKIM: OpenDKIM Filter v2.6.8 mx.uxnr.de 00BFC1C5A366 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=marc-hoersken.de; s=picard; t=1400520560; bh=205N13Qcx3POl4bd+bbW8YWpfjtyFaox3o6xHSIFzt0=; h=Date:From:To:Subject:References:In-Reply-To:From; b=d+e9cT/dIJtH+4ohv4gWar5rl7bt9giLvr8izkhj1DFv9WAzAnxfzC253fYaldc0K u9DEzEfCP3ppa0fi1/VoVWCCmBAYp2d/ldbNAko1jIHJg0DfZwXamvLLPbGFDPxBQL Ax2nlDyFNjL3jKKA9JOoUl1a+ql4rzFJvigPVzMQ= Message-ID: <537A3F7F.30003@marc-hoersken.de> Date: Mon, 19 May 2014 19:29:35 +0200 From: Marc Hoersken User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 MIME-Version: 1.0 To: libssh2-devel@cool.haxx.se Subject: Re: Patches for Windows, Wincng, Visual Studio References: <53789533.7020302@marc-hoersken.de> In-Reply-To: X-Enigmail-Version: 1.6 X-Spam-Status: No, score=-1.1 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU autolearn=unavailable version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on picard.vpn.uxnr.de X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On 19.05.2014 15:18, Bob Kast wrote: > The patch: "0001-for-MS-VS-builds-specify-the-libraries-that-are-requ.patch > " has nothing to do with whether VS project files are used or not. The point > of this patch is to build into the library the instructions of what > libraries need to be linked in. Putting this in the C source has several > benefits: > - if the user is building a static library, these instructions pass through > to the project using the library. The idea is this: If a user is building an > application XYZ and links in a static library of libssh2.lib, he will also > need to specify to link in BCRYPT.lib and CRYPT32.lib. These are libraries > that he is not using directly but are being used by libssh2 so it may be > confusing. By including these statements, he needs to link only libssh2 and > libssh2 will direct what it needs under the covers. > - Windows project files typically have many configurations (release, debug, > x64, x86, etc.). The libraries to include typically are needed for all > configurations, and it is easy to have a configuration miss some parameter. > This puts it in one place instead of 4 or more places. Okay, I understand and see the benefits now. Thanks for the clarification. Would you mind testing it using the following #ifdef condition instead of yours? #ifdef _MSC_VER I like to be as explicit as possible regarding conditions for compiler-specific directives. If that works for you, I would be glad to go ahead and merge your patch using that simplified, but hopefully more explicit condition. > Because the export statements were there in libssh2, they were added > as exports to my DLL. I don't feel a library should do that sort of thing in > someone else's DLL. Sounds reasonable to me. Thanks, merged and pushed with an updated commit message based upon your clarification. > I apologize for not adopting the correct style. I had thought I did. Can you > give me an example of what I did wrong? Sorry, I should have been more clear with regards to what I meant with "code style". From my personal perspective on the libssh2 source code, I think the approach is to avoid complex constructs unless they are necessary. Please see my comments regarding the three patches which in my opinion require more feedback/information from my last email. Best regards, Marc _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon May 19 20:10:52 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JIAheT023371; Mon, 19 May 2014 20:10:50 +0200 Received: from homiemail-a22.g.dreamhost.com (sub3.mail.dreamhost.com [69.163.253.7]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JIAgQC023360 for ; Mon, 19 May 2014 20:10:42 +0200 Received: from homiemail-a22.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a22.g.dreamhost.com (Postfix) with ESMTP id D31DE1A8069; Mon, 19 May 2014 11:10:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=zuber.net; h=from :content-type:content-transfer-encoding:date:subject:to :message-id:mime-version; s=zuber.net; bh=9jF+iax5PRujIvgrnHw1Mh zltvU=; b=H3JpGT8hoHJEDbu4y35j56x/PViX1DThaP2I9oWtZssX1EtwQKFK58 jfKAdK8mTL9iHHXAFX4FXI8+fO5XPKOX/ns82FuQSWnJvFW9yrWuskZBT6ql9BWj x33eESR3uLKoAzfM6rzVk4Wh38lMumGK3SESD7T9TA/G7KDY/ZJxU= Received: from [192.168.128.236] (c-76-102-192-216.hsd1.ca.comcast.net [76.102.192.216]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: rob@zuber.net) by homiemail-a22.g.dreamhost.com (Postfix) with ESMTPSA id 90BBE1A8061; Mon, 19 May 2014 11:10:42 -0700 (PDT) From: Robert Zuber Date: Mon, 19 May 2014 11:10:42 -0700 Subject: public git server problem? To: libssh2-devel@cool.haxx.se Message-Id: <7EAE2245-76F8-47AA-87B6-0A6007CEB248@zuber.net> Mime-Version: 1.0 (Mac OS X Mail 7.2 \(1874\)) X-Mailer: Apple Mail (2.1874) X-MIME-Autoconverted: from quoted-printable to 8bit by giant.haxx.se id s4JIAgQC023360 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Hi, I'm trying to work on a project that has a git submodule dependency on libssh2, but since yesterday I've been getting the following: $ git clone git://git.libssh2.org/libssh2.git Cloning into 'libssh2'... fatal: read error: Connection reset by peer Pretty sure it worked Saturday evening (US west coast time). I've tried a few different machines in different locations on my side, but don't have any real git protocol debugging skills beyond that. Can anyone confirm if there is a server issue (or let me know if I should keep debugging on my side)? Thanks! Rob. _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon May 19 20:11:09 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JIB9gM026716; Mon, 19 May 2014 20:11:09 +0200 Received: from bay0-omc4-s17.bay0.hotmail.com (bay0-omc4-s17.bay0.hotmail.com [65.54.190.219]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JIB6e2023521 for ; Mon, 19 May 2014 20:11:06 +0200 Received: from BAY407-EAS298 ([65.54.190.199]) by bay0-omc4-s17.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675); Mon, 19 May 2014 11:11:02 -0700 X-TMN: [TNaYjMsUQUEXJ5ZtrtUZC1qvKFROpnxQ] X-Originating-Email: [bob_2824@hotmail.com] Message-ID: From: Bob Kast To: "'libssh2 development'" References: <53789533.7020302@marc-hoersken.de> <537A3F7F.30003@marc-hoersken.de> In-Reply-To: <537A3F7F.30003@marc-hoersken.de> Subject: RE: Patches for Windows, Wincng, Visual Studio Date: Mon, 19 May 2014 14:11:03 -0400 MIME-Version: 1.0 X-Mailer: Microsoft Outlook 15.0 Thread-Index: AQABAgMEDfU2e3UNVLXNs3ZQ71CRSQCj/wb6AE2QlRcAy3BSP57XLihw Content-Language: en-us X-OriginalArrivalTime: 19 May 2014 18:11:02.0537 (UTC) FILETIME=[B1AAAF90:01CF738D] X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" > Okay, I understand and see the benefits now. Thanks for the clarification. > Would you mind testing it using the following #ifdef condition instead of > yours? > > #ifdef _MSC_VER That would work fine for Visual Studio. Thanks, Bob _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon May 19 20:19:06 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JIJ3Bc001657; Mon, 19 May 2014 20:19:05 +0200 Received: from mx.uxnr.de (mx.uxnr.de [89.238.84.47]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JIJ2ie001456 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Mon, 19 May 2014 20:19:02 +0200 Received: from [10.1.1.152] (MH02.ob01.uxnr.net [10.1.1.152]) by mx.uxnr.de (Postfix) with ESMTPSA id D4C491C5A366 for ; Mon, 19 May 2014 20:18:37 +0200 (CEST) X-DKIM: OpenDKIM Filter v2.6.8 mx.uxnr.de D4C491C5A366 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=marc-hoersken.de; s=picard; t=1400523518; bh=BbGbu6w/qCbtyOtPiPZf70h6vN6ceXUbKoBYMDDL3zU=; h=Date:From:To:Subject:References:In-Reply-To:From; b=r2K4JPBkGN1pMQ1d2z8CT9wxmkKRpvntqXeQdTRRPuvA/FatmOklkJw1/di4H0wb1 RsBDtai7C08dduF5WwBC8BctKmehBhra5bamSsN+syJgPNohpY4tY6jK6IFeRKQ2UJ TqVfICWX4FuQGaaTr2ruNBc1w5Sh8bReVLPnwk0s= Message-ID: <537A4B0D.3080309@marc-hoersken.de> Date: Mon, 19 May 2014 20:18:53 +0200 From: Marc Hoersken User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 MIME-Version: 1.0 To: libssh2-devel@cool.haxx.se Subject: Re: public git server problem? References: <7EAE2245-76F8-47AA-87B6-0A6007CEB248@zuber.net> In-Reply-To: <7EAE2245-76F8-47AA-87B6-0A6007CEB248@zuber.net> X-Enigmail-Version: 1.6 X-Spam-Status: No, score=-1.1 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU autolearn=unavailable version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on picard.vpn.uxnr.de X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On 19.05.2014 20:10, Robert Zuber wrote: > Can anyone confirm if there is a server issue (or let me know if I should keep debugging on my side)? I can confirm that I have the same problem using git://git.libssh2.org/libssh2.git But the HTTPS endpoint is working: https://git.libssh2.org/libssh2.git _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon May 19 20:21:21 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JILI55004131; Mon, 19 May 2014 20:21:21 +0200 Received: from nm30-vm0.bullet.mail.bf1.yahoo.com (nm30-vm0.bullet.mail.bf1.yahoo.com [98.139.213.126]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JILEVM004017 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Mon, 19 May 2014 20:21:15 +0200 Received: from [98.139.212.153] by nm30.bullet.mail.bf1.yahoo.com with NNFMP; 19 May 2014 18:21:10 -0000 Received: from [98.139.211.205] by tm10.bullet.mail.bf1.yahoo.com with NNFMP; 19 May 2014 18:21:10 -0000 Received: from [127.0.0.1] by smtp214.mail.bf1.yahoo.com with NNFMP; 19 May 2014 18:21:10 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1400523670; bh=rQOPuz9CmPmY3OEi2A8hC4WuHgXQFh8tudr7Wvu6EZs=; h=X-Yahoo-Newman-Id:X-Yahoo-Newman-Property:X-YMail-OSG:X-Yahoo-SMTP:X-Rocket-Received:Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:References:In-Reply-To:Content-Type:Content-Transfer-Encoding; b=fjOEVUh7Juow7g/hJL/EFx43EO7CCMGykNyrfZHtz19u8aTyzTo+4EO0LTOG6VI3AI9MQBaRHxEiwodBfimkgLFPXZmyM83ReeqoIfgcpSUu8aTaReenXTvhI52TZ+kas1D6f3AxVzZNwGr/Q4BCmbQnvUK0chFsr1KCXE4ExC8= X-Yahoo-Newman-Id: 933007.88750.bm@smtp214.mail.bf1.yahoo.com X-Yahoo-Newman-Property: ymail-3 X-YMail-OSG: wzZ.GTkVM1nKHeSrZ1xWKBvkt_M0iquQLJFED7jFADTRn2A V5WfvI571EBJx8PEs76qFr8pCCDK6Fh95oFsvj9BrnlPAKVfWa6Td2ROLNu6 9HNNL1hoiq5ZERMZa77VvjySaCuaaTKx_28xmN0rDifGPW4eTDIaLZlPoJa_ HtP0WjCQdoXoBFq5OPo1QsAArG5wisiLqMB7CUQ_31ru2ieVFTE0ytdNoEAp HtFIP7pg.sp2nZ5cyEGWL0S6punOmHDoGWHHfAVnrSkMkUN81fffZ.vt2imy pjir4ly5dyW00owf0E7QKNnkahBbUzWv8u4Al4QS4ivuv54DGYDtrAdoLVW2 HmaMJHHt0K98S8zTenUn_JDhmf1yxbK3XvL_0QrRAAAS1lQxVOl6CtMQE4Q6 7Ux4E9Sn3PnsjLfmpFQQzZdbOfuKCMQyR0J6zETRzLdoFAkWxmm1oT3B3Q5c APlzz2OTXtHhJvgdGb0_TqMg1YIUMW16Ub0leKoCRMcOi38UWaBDWiIEXrT9 gqt05lHzPkxn6a.aUXoAOzFWnZ1rXKUiYW7pBRVEV9uZSTLdNAwXh_iA3Qbv 7Lo51v0xkRyIBSA0N_9vTxWM3AMunCbJrYLFz5g-- X-Yahoo-SMTP: 9Tlp3zGswBAMIZY7LhANokCU9rJ2SQ-- X-Rocket-Received: from [192.168.1.80] (raysatiro@24.44.245.87 with plain [98.138.105.21]) by smtp214.mail.bf1.yahoo.com with SMTP; 19 May 2014 11:21:10 -0700 PDT Message-ID: <537A4B88.4020800@yahoo.com> Date: Mon, 19 May 2014 14:20:56 -0400 From: Ray Satiro User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 MIME-Version: 1.0 To: libssh2 development , Robert Zuber Subject: Re: public git server problem? References: <7EAE2245-76F8-47AA-87B6-0A6007CEB248@zuber.net> In-Reply-To: <7EAE2245-76F8-47AA-87B6-0A6007CEB248@zuber.net> X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On 5/19/2014 2:10 PM, Robert Zuber wrote: > Hi, > > I'm trying to work on a project that has a git submodule dependency on libssh2, but since yesterday I've been getting the following: > > $ git clone git://git.libssh2.org/libssh2.git > Cloning into 'libssh2'... > fatal: read error: Connection reset by peer Yeah I also get that: $ git clone git://git.libssh2.org/libssh2.git Cloning into 'libssh2'... fatal: read error: Invalid argument Try git clone https://git.libssh2.org/libssh2.git that worked for me a minute ago _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon May 19 20:31:16 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JIV5OS017922; Mon, 19 May 2014 20:31:15 +0200 Received: from mx.uxnr.de (mx.uxnr.de [IPv6:2a00:1828:2000:378:2525:0:59ee:542f]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JIV3oQ017671 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Mon, 19 May 2014 20:31:03 +0200 Received: from [10.1.1.152] (MH02.ob01.uxnr.net [10.1.1.152]) by mx.uxnr.de (Postfix) with ESMTPSA id 43C081C5A366 for ; Mon, 19 May 2014 20:30:38 +0200 (CEST) X-DKIM: OpenDKIM Filter v2.6.8 mx.uxnr.de 43C081C5A366 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=marc-hoersken.de; s=picard; t=1400524238; bh=IA8O4a4ZLoH5e0iXKKRflRp50TwZSI3pFRdNXBu4H24=; h=Date:From:To:Subject:References:In-Reply-To:From; b=TCgWbcJ+m6vOrcEPDxNwWOatDNFFXK+De47X7d2+0wXWfwWBVnzMYBkPOKR35Rfcc igSdLiJytiA0zFNCxy65N83gtLKysfrnmfZtj3RcG7sFO9RnpzoqnruoR9vEhA8Xwh Im+6HWcbTsJAVaZeuAAWV1GvqIzgN2y7p9ISg8Sc= Message-ID: <537A4DDD.4060408@marc-hoersken.de> Date: Mon, 19 May 2014 20:30:53 +0200 From: Marc Hoersken User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 MIME-Version: 1.0 To: libssh2-devel@cool.haxx.se Subject: Re: Patches for Windows, Wincng, Visual Studio References: <53789533.7020302@marc-hoersken.de> <537A3F7F.30003@marc-hoersken.de> In-Reply-To: X-Enigmail-Version: 1.6 X-Spam-Status: No, score=-1.1 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU autolearn=unavailable version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on picard.vpn.uxnr.de X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On 19.05.2014 20:11, Bob Kast wrote: > That would work fine for Visual Studio. Thanks. By the way, are you sure that wincng.c is the correct place for those pragma comments? Don't they need to go into wincng.h in order to be picked up for dependent projects? _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon May 19 20:43:25 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JIhI3Q006685; Mon, 19 May 2014 20:43:23 +0200 Received: from bay0-omc4-s19.bay0.hotmail.com (bay0-omc4-s19.bay0.hotmail.com [65.54.190.221]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JIhGuM006593 for ; Mon, 19 May 2014 20:43:17 +0200 Received: from BAY407-EAS281 ([65.54.190.200]) by bay0-omc4-s19.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675); Mon, 19 May 2014 11:43:13 -0700 X-TMN: [+Y6nN4T2hxqXbQUp4+HztX8PaGXd8g70] X-Originating-Email: [bob_2824@hotmail.com] Message-ID: From: Bob Kast To: "'libssh2 development'" References: <53789533.7020302@marc-hoersken.de> <537A3F7F.30003@marc-hoersken.de> <537A4DDD.4060408@marc-hoersken.de> In-Reply-To: <537A4DDD.4060408@marc-hoersken.de> Subject: RE: Patches for Windows, Wincng, Visual Studio Date: Mon, 19 May 2014 14:43:14 -0400 MIME-Version: 1.0 X-Mailer: Microsoft Outlook 15.0 Thread-Index: AQABAgMEDfU2e3UNVLXNs3ZQ71CRSQCj/wb6AE2QlRcAy3BSPwBTTOkaABPBNROe0/5EkA== Content-Language: en-us X-OriginalArrivalTime: 19 May 2014 18:43:13.0033 (UTC) FILETIME=[3054FF90:01CF7392] X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" It needs to go into wincng.c, after the LIBSSH2_WINCNG define: #ifdef LIBSSH2_WINCNG /* compile only if we build with wincng */ #ifdef _MSC_VER #pragma comment(lib, "Bcrypt.lib") #pragma comment(lib, "Crypt32.lib") #endif If it is included outside of that ifdef, then the linker will be told to link with those libraries even though wincng is not being compiled in (not a disaster, but not necessary). This pragma inserts a comment record into the object file generated by the compiler that tells the linker to add that library to the libs being linked. Think of it more as executable code. It is not something that would go into a header file. > -----Original Message----- > From: libssh2-devel [mailto:libssh2-devel-bounces@cool.haxx.se] On Behalf > Of Marc Hoersken > Sent: Monday, May 19, 2014 2:31 PM > To: libssh2-devel@cool.haxx.se > Subject: Re: Patches for Windows, Wincng, Visual Studio > > On 19.05.2014 20:11, Bob Kast wrote: > > That would work fine for Visual Studio. > > Thanks. By the way, are you sure that wincng.c is the correct place for those > pragma comments? > Don't they need to go into wincng.h in order to be picked up for dependent > projects? > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon May 19 20:50:46 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JIoe2d023256; Mon, 19 May 2014 20:50:44 +0200 Received: from mx.uxnr.de (mx.uxnr.de [IPv6:2a00:1828:2000:378:2525:0:59ee:542f]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JIocMZ023068 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Mon, 19 May 2014 20:50:39 +0200 Received: from [10.1.1.152] (MH02.ob01.uxnr.net [10.1.1.152]) by mx.uxnr.de (Postfix) with ESMTPSA id 9728D1C5A366 for ; Mon, 19 May 2014 20:50:13 +0200 (CEST) X-DKIM: OpenDKIM Filter v2.6.8 mx.uxnr.de 9728D1C5A366 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=marc-hoersken.de; s=picard; t=1400525413; bh=B9pZ5bawb8WC0hldLJ8DOEPAK/3U2fEua1McHXxglAM=; h=Date:From:To:Subject:References:In-Reply-To:From; b=Ri14HV8dFfMzMdkSYXgskhfT71s0lhMSl0CdeebvaljYkiholX5NnzsUGScjDAZhR tGE843gldXE9x6MgZd9P8btA7zG3z0or/H/iS/qHTlsLNeww2El3pu0Bg1wYvHtNLz E6iPrPG/XbGIXuhHn/a4usWQD2JpO3Hrbo5pwlAo= Message-ID: <537A5275.8030600@marc-hoersken.de> Date: Mon, 19 May 2014 20:50:29 +0200 From: Marc Hoersken User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 MIME-Version: 1.0 To: libssh2-devel@cool.haxx.se Subject: Re: Patches for Windows, Wincng, Visual Studio References: <53789533.7020302@marc-hoersken.de> <537A3F7F.30003@marc-hoersken.de> <537A4DDD.4060408@marc-hoersken.de> In-Reply-To: X-Enigmail-Version: 1.6 X-Spam-Status: No, score=-1.1 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU autolearn=unavailable version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on picard.vpn.uxnr.de X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On 19.05.2014 20:43, Bob Kast wrote: > If it is included outside of that ifdef, then the linker will be told to > link with those libraries even though wincng is not being compiled in (not a > disaster, but not necessary). Of course I would have put them inside an #ifdef LIBSSH2_WINCNG within the header file. ;-) > This pragma inserts a comment record into the object file generated by the > compiler that tells the linker to add that library to the libs being linked. > Think of it more as executable code. It is not something that would go into > a header file. Thanks, that makes sense. Merged and pushed with a slight modification to only add crypt32.lib if HAVE_LIBCRYPT32 is defined and therefore wincrypt.h is included, even though that will probably always be the case on Windows. _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon May 19 20:57:19 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JIvFXx001753; Mon, 19 May 2014 20:57:19 +0200 Received: from homiemail-a76.g.dreamhost.com (sub3.mail.dreamhost.com [69.163.253.7]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JIvCZH001730 for ; Mon, 19 May 2014 20:57:13 +0200 Received: from homiemail-a76.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a76.g.dreamhost.com (Postfix) with ESMTP id 06764C003; Mon, 19 May 2014 11:57:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=zuber.net; h=content-type :mime-version:subject:from:in-reply-to:date :content-transfer-encoding:message-id:references:to; s=zuber.net ; bh=kDAlqldC+929iC6xyJI74LbI730=; b=AJ49oe9ZjcuyvLg1uPUWDmlxUTl q60v4wdUO74BV9fDEa64CXFVJVfElq5TpLKqeApGhG2lLqCF08XNohgSuOmTuZ12 PuRqOhlqgjzHl4eCV1Tw+NB/tDJlg3G4IM60fgLZhdleemVGeYNRO4Y4KXWY1ITx EeQKusYAfTUxCNeY= Received: from [192.168.128.236] (c-76-102-192-216.hsd1.ca.comcast.net [76.102.192.216]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: rob@zuber.net) by homiemail-a76.g.dreamhost.com (Postfix) with ESMTPSA id B3884C001; Mon, 19 May 2014 11:57:13 -0700 (PDT) Mime-Version: 1.0 (Mac OS X Mail 7.2 \(1874\)) Subject: Re: public git server problem? From: Robert Zuber In-Reply-To: <537A4B0D.3080309@marc-hoersken.de> Date: Mon, 19 May 2014 11:57:13 -0700 Message-Id: References: <7EAE2245-76F8-47AA-87B6-0A6007CEB248@zuber.net> <537A4B0D.3080309@marc-hoersken.de> To: libssh2 development X-Mailer: Apple Mail (2.1874) X-MIME-Autoconverted: from quoted-printable to 8bit by giant.haxx.se id s4JIvCZH001730 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On May 19, 2014, at 11:18 AM, Marc Hoersken wrote: > But the HTTPS endpoint is working: https://git.libssh2.org/libssh2.git Great, thanks. I didn't have the CAcert root, but added that and all is working now via https. _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue May 20 00:26:18 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JMPufN028241; Tue, 20 May 2014 00:26:15 +0200 Received: from foo.stuge.se (qmailr@foo.stuge.se [212.116.89.98]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JMPs3F028231 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 20 May 2014 00:25:54 +0200 Received: (qmail 688 invoked by uid 501); 19 May 2014 22:25:56 -0000 Message-ID: <20140519222556.687.qmail@stuge.se> Date: Tue, 20 May 2014 00:25:56 +0200 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: public git server problem? Mail-Followup-To: libssh2-devel@cool.haxx.se References: <7EAE2245-76F8-47AA-87B6-0A6007CEB248@zuber.net> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <7EAE2245-76F8-47AA-87B6-0A6007CEB248@zuber.net> X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Robert Zuber wrote: > $ git clone git://git.libssh2.org/libssh2.git > Cloning into 'libssh2'... > fatal: read error: Connection reset by peer > > Pretty sure it worked Saturday evening (US west coast time). Thanks for the notice! This is indeed a server problem. A large number of hanging git-daemon processes which for whatever reason haven't timed out and are clogging things up. I've kicked the service, so now it should work again. Sorry about the trouble - good that https worked! (http:// works too, same URL for gitweb as for git clone.) //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue May 20 00:35:28 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JMZNLS008333; Tue, 20 May 2014 00:35:27 +0200 Received: from foo.stuge.se (qmailr@foo.stuge.se [212.116.89.98]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4JMZM8m008288 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 20 May 2014 00:35:22 +0200 Received: (qmail 1587 invoked by uid 501); 19 May 2014 22:35:24 -0000 Message-ID: <20140519223524.1586.qmail@stuge.se> Date: Tue, 20 May 2014 00:35:24 +0200 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: Back on the release track Mail-Followup-To: libssh2-devel@cool.haxx.se References: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Daniel Stenberg wrote: > I think a release is possible by the end of this week. I guess go for it. I just really dislike adding back the #ifdefs in crypto source files. I don't agree with making code support the lowest common denominator of all build systems. I prefer taking advantage of features in more advanced build systems and making less advanced build systems suffer, if the common case for us benefits from those advantages in more advanced build systems. //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue May 20 09:44:10 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4K7hfJw010389; Tue, 20 May 2014 09:44:05 +0200 Received: from giant.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4K7hd7b010227 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 20 May 2014 09:43:39 +0200 Received: from localhost (dast@localhost) by giant.haxx.se (8.14.4/8.14.4/Submit) with ESMTP id s4K7hdem010224 for ; Tue, 20 May 2014 09:43:39 +0200 X-Authentication-Warning: giant.haxx.se: dast owned process doing -bs Date: Tue, 20 May 2014 09:43:39 +0200 (CEST) From: Daniel Stenberg X-X-Sender: dast@giant.haxx.se To: libssh2 development Subject: Re: Back on the release track In-Reply-To: <20140519223524.1586.qmail@stuge.se> Message-ID: References: <20140519223524.1586.qmail@stuge.se> User-Agent: Alpine 2.00 (DEB 1167 2008-08-23) X-fromdanielhimself: yes MIME-Version: 1.0 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" On Tue, 20 May 2014, Peter Stuge wrote: > I just really dislike adding back the #ifdefs in crypto source files. I > don't agree with making code support the lowest common denominator of all > build systems. I prefer taking advantage of features in more advanced build > systems and making less advanced build systems suffer, if the common case > for us benefits from those advantages in more advanced build systems. This is a question where we simply disagree. My reasoning for keeping those small lines is that even if "proper" build systems have no problems to build the correct files, I've found many times when people want to build that it is a much less support burden when you can just tell users to build all files. If that doesn't work, the less educated will fail and come asking us more. I consider a few #ifdef lines for that reason is a very low price to pay. As we've already stated this before, I consider our positions locked and I don't expect any of us to suddenly think different now. -- / daniel.haxx.se _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Wed May 21 17:20:43 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4LFKH7k014177; Wed, 21 May 2014 17:20:38 +0200 Received: from mout.gmx.net (mout.gmx.net [212.227.15.15]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4LFKFPN014083 for ; Wed, 21 May 2014 17:20:15 +0200 Received: from [46.207.115.244] by 3capp-gmx-bs01 with HTTP; Wed, 21 May 2014 17:20:06 +0200 MIME-Version: 1.0 Message-ID: From: lars.lindstrom@gmx.at To: libssh2-devel@cool.haxx.se Subject: Exec-Channel through intermediate host Date: Wed, 21 May 2014 17:20:06 +0200 Importance: normal Sensitivity: Normal X-Priority: 3 X-Provags-ID: V03:K0:2vVbTbaGX+nVTWaEGZUSJ2tYpZEiReJQuvVg6m/Iv6n Mf7we7nlBvEIxxPyc0TdkapH5N7FUS0NAj2UFL1yLoioEhi3Qh LAFHpf9SBZlGa4nGR9zuKSH4q8njd//ykKQsFk3wLCn//0IrpW nrz3EkYDxsEslF0IHfpK2b1JMm+zlijrGn89uu6vLjnTCfafpS RuA8/toMwDrU0U+g9i9loFM8EUS3gjUGt5iEJ/5DL9Qza59MAC fl9Jlp/J9Or05dTZM6VeeTS2ExdxZGGIikOXc6OwkDkuz2+uUm CQREw4= X-MIME-Autoconverted: from quoted-printable to 8bit by giant.haxx.se id s4LFKFPN014083 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from base64 to 8bit by giant.haxx.se id s4LFKH7k014177 Hi!   Please imagine the following configuration: A------------------------------------+ | Application 1 (libssh2)            | |                            1.0.0.1 | +------------------------------------+                                    ^                                    |                                    v B------------------------------------+ |                            1.0.0.2 | | 2.0.0.1                            | +------------------------------------+         ^         |         v C------------------------------------+ | 2.0.0.2                            | |                      Application 2 | +------------------------------------+ The application 1 (based on libssh2), running on host A is required to execute and retrieve the standard output of the application 2 running on host C. There is no direct link between host A and host C, but rather host C is reachable through the intermediate host B (both require password authentication). So an exec-channel through an intermediate host is required, and I'm now looking for a decent way to do this using libssh2. As far as I can tell from the documentation, I would need to create a direct-tcpip-channel to tunnel the exec-channel through the intermediate host B. To create the exec-channel, however, a session is required which itself requires a socket (which is not available for the direct-tcpip-channel, which requires libssh2_channel_read/write to get data through, not read/write). This means that I need to create another pair of sockets (maybe a unix domain socket) to loop the data through (the direct-tcpip-session and the exec-session) - which I want to avoid. So are there any options to establish a 'direct' exec-channel through an intermediate host (without acquiring an additional socketpair)? If not, what is the preferred solution in this case? Thanks! br Lars   _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu May 29 18:21:17 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4TGKixx024494; Thu, 29 May 2014 18:21:09 +0200 Received: from mail-ob0-x22d.google.com (mail-ob0-x22d.google.com [IPv6:2607:f8b0:4003:c01::22d]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4TGKgmL024476 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Thu, 29 May 2014 18:20:43 +0200 Received: by mail-ob0-f173.google.com with SMTP id wm4so553909obc.4 for ; Thu, 29 May 2014 09:20:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=MnLvZ4da57/HQ3qcFLhpb5BKhYXYGpZW5WacxzGxoRc=; b=Cd/rIO4mqOWeNEMG2Ykg2j02d6XFjXN2TLj/BANNI9X6MTgA8MiA7XPRgUtlU/lpAX eY0OysM4k1y3920ZicrXFFzlsI2SeR7S+yENuwT+A+yHA8y/v1jpY11PXjYEFlysBoGZ htxD+OIkm2XylK8WNkdypxsh1vT+5dx7K9nox1nisvylz5doPOsQ9S+AgR4esPRot4pl DHOGfCjg/dbshQQ2YgGEgzVv4c+FYhMc/uJM6OtBNo1VsDPjiPKIF1dUHwpwpM3oczKc 2lUpH2m5NRw7d++f2FCNuZEmxft0hnU1AmtY/Vh7aMx3Bsp7TnnTUv8pzVopqjXUUSaf adlQ== MIME-Version: 1.0 X-Received: by 10.60.83.232 with SMTP id t8mr9828121oey.16.1401380437743; Thu, 29 May 2014 09:20:37 -0700 (PDT) Received: by 10.76.86.102 with HTTP; Thu, 29 May 2014 09:20:37 -0700 (PDT) Date: Thu, 29 May 2014 09:20:37 -0700 Message-ID: Subject: bad username/password auth to Mac OS X/FreeBSD hosts. From: B Harder To: libssh2-devel@cool.haxx.se X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" I've got code that will connect to NetBSD, Solaris, Linux hosts and authenticate and Do What I Want. However, attempting to connect to a FreeBSD (10 release) or Mac OS X host yields authentication error. I'm sure the username/password is correct. If I use key-based authentication to these problem hosts though, everything works fine. Is there a known issue w/ OS X/FreeBSD ? Is there some boilerplate/reference code available for username/password authentication to use as basis for example to demonstrate? Kind regards, -bch _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu May 29 18:25:21 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4TGPJUP001537; Thu, 29 May 2014 18:25:20 +0200 Received: from mail-qg0-x230.google.com (mail-qg0-x230.google.com [IPv6:2607:f8b0:400d:c04::230]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4TGPGTO001453 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Thu, 29 May 2014 18:25:17 +0200 Received: by mail-qg0-f48.google.com with SMTP id i50so1662323qgf.7 for ; Thu, 29 May 2014 09:25:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:content-type; bh=+6K8RvEInton3YR4NeU9X3bX+MtTUMANZqWlcx+Ks1k=; b=iLKQB0SgXSbXM3cfvHozYcumnRroRzK7g/oxbGIapVvC0Z6m034+tdA0Qz8DyUuYcg pEkj5+Ltq+uj24v5w506mqRUauUPYQEvYn8+LkcNmqJQM6dUvEdOv6zVjBkcnzwc6Fkc l+FPLNIx/SLijKEMykInvAMN52EaJ34jJspMWXH/GPJFDNXVXJRLdZhozax4hHGlv8yp lc/lrpSS04JRGN9i757F5kFYaQD+ujq+eZzNwjtXVhP1unFGN/MFZb7TP5+kovoXCK5S hNVvGKZH8AgfTEghwep7c+Ddmn2GGSwF1vv0wdCPHxh8PZjrEf+o2ZFrM6kdOaM+ARjG HoBw== X-Received: by 10.140.31.119 with SMTP id e110mr11239171qge.74.1401380712499; Thu, 29 May 2014 09:25:12 -0700 (PDT) MIME-Version: 1.0 Received: by 10.229.86.194 with HTTP; Thu, 29 May 2014 09:24:32 -0700 (PDT) In-Reply-To: References: From: Mikhail Gusarov Date: Thu, 29 May 2014 18:24:32 +0200 X-Google-Sender-Auth: PS5RWr5Jdp_qCS0DM6ZgPK6u3h4 Message-ID: Subject: Re: bad username/password auth to Mac OS X/FreeBSD hosts. To: libssh2 development X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1304591260==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============1304591260== Content-Type: multipart/alternative; boundary=001a113a9ba890885104fa8c5fae --001a113a9ba890885104fa8c5fae Content-Type: text/plain; charset=UTF-8 Probably those hosts disable password authentication and only enable keyboard-interactive one. Check out http://www.libssh2.org/examples/sftp.html Best regards, Mikhail Gusarov. On Thu, May 29, 2014 at 6:20 PM, B Harder wrote: > I've got code that will connect to NetBSD, Solaris, Linux hosts and > authenticate and Do What I Want. However, attempting to connect to a > FreeBSD (10 release) or Mac OS X host yields authentication error. I'm > sure the username/password is correct. If I use key-based > authentication to these problem hosts though, everything works fine. > > Is there a known issue w/ OS X/FreeBSD ? Is there some > boilerplate/reference code available for username/password > authentication to use as basis for example to demonstrate? > > Kind regards, > > -bch > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel > --001a113a9ba890885104fa8c5fae Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Probably those hosts disable password authentication and o= nly enable keyboard-interactive one.




= Best regards,
Mikhail Gusarov.


On Thu, May 29, 2014 at 6:20 PM, B Harde= r <brad.harder@gmail.com> wrote:
I've got code that will connect to NetBSD, Solaris, Linux hosts and
authenticate and Do What I Want. However, attempting to connect to a
FreeBSD (10 release) or Mac OS X host yields authentication error. I'm<= br> sure the username/password is correct. If I use key-based
authentication to these problem hosts though, everything works fine.

Is there a known issue w/ OS X/FreeBSD ? Is there some
boilerplate/reference code available for username/password
authentication to use as basis for example to demonstrate?

Kind regards,

-bch
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/li= bssh2-devel

--001a113a9ba890885104fa8c5fae-- --===============1304591260== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============1304591260==-- From libssh2-devel-bounces@cool.haxx.se Thu May 29 18:39:32 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4TGdQhJ016350; Thu, 29 May 2014 18:39:30 +0200 Received: from mail-oa0-x229.google.com (mail-oa0-x229.google.com [IPv6:2607:f8b0:4003:c02::229]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4TGdNAG016294 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Thu, 29 May 2014 18:39:24 +0200 Received: by mail-oa0-f41.google.com with SMTP id m1so611812oag.0 for ; Thu, 29 May 2014 09:39:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=l9X+ZKMhl//u5AsptPkut2SbE56cLwmr8qsqkVafQTE=; b=yGPM38nnCqeOgJF7odPOX6WZbMxIpOxI5JsHRXthAiWoRTaTBaXpaBxCGTaDYFcnCQ g+W/mvXjRJhknsF7QHLPYm3sfhNiScAygJ3PbvMNrwVTBTTEMTCy4GGOJwK4bwaW7Tkw Jxr1ttursHH2L66B2mDGjeJslOYzbomGU4UcUye/dY3TCqVoI25JpwbwmG9rLfWyLN9R Dgk1GCayrJ+Dr00+PziLwu5tv+BC3rmXt17d71KTZ2M3AtgLpIAUW/g1RmS/vsaw3jmi VdGYXWDxGjyExjBhINNN/plI/iLl377qqyKBKJlWNg1oBQUfJGYDokM3aCRn/nvaKuse A1xw== MIME-Version: 1.0 X-Received: by 10.182.213.168 with SMTP id nt8mr9610293obc.7.1401381559763; Thu, 29 May 2014 09:39:19 -0700 (PDT) Received: by 10.76.86.102 with HTTP; Thu, 29 May 2014 09:39:19 -0700 (PDT) In-Reply-To: References: Date: Thu, 29 May 2014 09:39:19 -0700 Message-ID: Subject: Re: bad username/password auth to Mac OS X/FreeBSD hosts. From: B Harder To: libssh2 development X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Hey Mikhail -- thanks for the response. I can use canonical ssh (OpenSSH) to authenticate and successfully connect to the hosts in question. I'm certainly _not_ beyond finding out the problem is with my code -- but I'm pretty curious how I can successfully (repeatedly) connect to some "class" of hosts, but not others. I'll see if I can tailor the sftp example to demonstrate my issue. Otherwise, I take it there are no known issues regarding FreeBSD/Mac OS X? (I wouldn't be surprised if their code/network stack is very closely related -- I've been experiencing my OS X problem for weeks now, and occasionally poking at the code to find a pain point -- when I experienced same issue with FreeBSD, I decided to post here for other people's experiences). -bch On 5/29/14, Mikhail Gusarov wrote: > Probably those hosts disable password authentication and only enable > keyboard-interactive one. > > Check out http://www.libssh2.org/examples/sftp.html > > > > Best regards, > Mikhail Gusarov. > > > On Thu, May 29, 2014 at 6:20 PM, B Harder wrote: > >> I've got code that will connect to NetBSD, Solaris, Linux hosts and >> authenticate and Do What I Want. However, attempting to connect to a >> FreeBSD (10 release) or Mac OS X host yields authentication error. I'm >> sure the username/password is correct. If I use key-based >> authentication to these problem hosts though, everything works fine. >> >> Is there a known issue w/ OS X/FreeBSD ? Is there some >> boilerplate/reference code available for username/password >> authentication to use as basis for example to demonstrate? >> >> Kind regards, >> >> -bch >> _______________________________________________ >> libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel >> > _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu May 29 18:51:10 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4TGp3ie031585; Thu, 29 May 2014 18:51:09 +0200 Received: from foo.stuge.se (qmailr@foo.stuge.se [212.116.89.98]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4TGp2ch031565 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Thu, 29 May 2014 18:51:02 +0200 Received: (qmail 10406 invoked by uid 501); 29 May 2014 16:51:03 -0000 Message-ID: <20140529165103.10405.qmail@stuge.se> Date: Thu, 29 May 2014 18:51:03 +0200 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: bad username/password auth to Mac OS X/FreeBSD hosts. Mail-Followup-To: libssh2-devel@cool.haxx.se References: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" B Harder wrote: > I'm certainly _not_ beyond finding out the problem is with my code It is. Your code is only capable of one authentication algorithm out of the several supported by the protocol. > -- but I'm pretty curious how I can successfully (repeatedly) > connect to some "class" of hosts, but not others. Learn more about the protocol so that you can make informed decisions about what parts you must implement and what parts are optional. Mikhail already pointed out exactly what the problem at hand is, and libssh2 supports keyboard-interactive without problems. The sftp.c example is one reference, ssh2.c is another reference. Both implement keyboard-interactive and ssh2.c is slightly shorter. > Otherwise, I take it there are no known issues regarding FreeBSD/Mac > OS X? There are no issues. > (I wouldn't be surprised if their code/network stack is very > closely related This has nothing to do with the network stack and is a matter of your client not doing everything neccessary to interoperate correctly with arbitrary SSH server configurations. //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Thu May 29 18:55:30 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4TGtPH2002410; Thu, 29 May 2014 18:55:29 +0200 Received: from mail-qg0-x232.google.com (mail-qg0-x232.google.com [IPv6:2607:f8b0:400d:c04::232]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4TGtMVj002278 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Thu, 29 May 2014 18:55:23 +0200 Received: by mail-qg0-f50.google.com with SMTP id z60so1779978qgd.37 for ; Thu, 29 May 2014 09:55:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:content-type; bh=pkR0+NEcvdaIqvIYFZ4dPBoGtxshx6YNKB0BJQCBB20=; b=p1URPM1SXkYu0fnTWw+h92SWDVNGf2+DU9ONSONzBEpLJctQMjIS3lbVhLL5mtlS6G DqknbJhdjomM2j9UGGh5MsRvyUyl8KUvL3W4jHcvbi2OQzhNy1yTUFd32LmgW41L6xuv kj5J/9TbDJ3iH1P1d2V0n1zo2c7RWKFp7ecugcJcCmUG6F6Ai39yHyfMYgF++CyxU087 XjgoSUMXlMv6wFcRxOHAl/Sddw5ci6smeOoUdstXK6a4n02vz3bTt+KVoisbubjBhHFH z5rq4cfbBtltPVP3j9Di5rnFbVXl1+TpRdZTEKQiVQce5/WtUCR9NCMhQPybdNUjesbJ fVtw== X-Received: by 10.140.107.67 with SMTP id g61mr11556089qgf.100.1401382518653; Thu, 29 May 2014 09:55:18 -0700 (PDT) MIME-Version: 1.0 Received: by 10.229.86.194 with HTTP; Thu, 29 May 2014 09:54:38 -0700 (PDT) In-Reply-To: References: From: Mikhail Gusarov Date: Thu, 29 May 2014 18:54:38 +0200 X-Google-Sender-Auth: DEr8dO6p8kZFreDACQdBfauXy4A Message-ID: Subject: Re: bad username/password auth to Mac OS X/FreeBSD hosts. To: libssh2 development X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1388928607==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============1388928607== Content-Type: multipart/alternative; boundary=001a113a63723808cd04fa8ccb56 --001a113a63723808cd04fa8ccb56 Content-Type: text/plain; charset=UTF-8 Hi. Some configurations enable "password" password authentication, others enable "keyboard-interactive" password authentication. Yes, it is confusing. And yes, it is what forced me to implement keyboard-interactive authentication in libssh2 in first place. If you run ssh -v, you'll see "Authentications that can continue" lines in the output. First one contains a full list of authentication methods accepted by the server. I'm pretty sure the hosts which you can't connect to using libssh2 will not have "password" init, but "keyboard-interactive" only. Best regards, Mikhail Gusarov. On Thu, May 29, 2014 at 6:39 PM, B Harder wrote: > Hey Mikhail -- thanks for the response. > > I can use canonical ssh (OpenSSH) to authenticate and successfully > connect to the hosts in question. I'm certainly _not_ beyond finding > out the problem is with my code -- but I'm pretty curious how I can > successfully (repeatedly) connect to some "class" of hosts, but not > others. > > I'll see if I can tailor the sftp example to demonstrate my issue. > > Otherwise, I take it there are no known issues regarding FreeBSD/Mac > OS X? (I wouldn't be surprised if their code/network stack is very > closely related -- I've been experiencing my OS X problem for weeks > now, and occasionally poking at the code to find a pain point -- when > I experienced same issue with FreeBSD, I decided to post here for > other people's experiences). > > > -bch > > On 5/29/14, Mikhail Gusarov wrote: > > Probably those hosts disable password authentication and only enable > > keyboard-interactive one. > > > > Check out http://www.libssh2.org/examples/sftp.html > > > > > > > > Best regards, > > Mikhail Gusarov. > > > > > > On Thu, May 29, 2014 at 6:20 PM, B Harder wrote: > > > >> I've got code that will connect to NetBSD, Solaris, Linux hosts and > >> authenticate and Do What I Want. However, attempting to connect to a > >> FreeBSD (10 release) or Mac OS X host yields authentication error. I'm > >> sure the username/password is correct. If I use key-based > >> authentication to these problem hosts though, everything works fine. > >> > >> Is there a known issue w/ OS X/FreeBSD ? Is there some > >> boilerplate/reference code available for username/password > >> authentication to use as basis for example to demonstrate? > >> > >> Kind regards, > >> > >> -bch > >> _______________________________________________ > >> libssh2-devel > http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel > >> > > > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel > --001a113a63723808cd04fa8ccb56 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Hi.

Some configurations enable "pa= ssword" password authentication, others enable "keyboard-interact= ive" password authentication. Yes, it is confusing. And yes, it is wha= t forced me to implement keyboard-interactive authentication in libssh2 in = first place.

If you run ssh -v, you'll see "Authentications= that can continue" lines in the output. First one contains a full lis= t of authentication methods accepted by the server. I'm pretty sure the= hosts which you can't connect to using libssh2 will not have "pas= sword" init, but "keyboard-interactive" only.



= Best regards,
Mikhail Gusarov.


On Thu, May 29, 2014 at 6:39 PM, B Harde= r <brad.harder@gmail.com> wrote:
Hey Mikhail -- thanks for the response.

I can use canonical ssh (OpenSSH) to authenticate and successfully
connect to the hosts in question. I'm certainly _not_ beyond finding out the problem is with my code -- but I'm pretty curious how I can
successfully (repeatedly) connect to some "class" of hosts, but n= ot
others.

I'll see if I can tailor the sftp example to demonstrate my issue.

Otherwise, I take it there are no known issues regarding FreeBSD/Mac
OS X? (I wouldn't be surprised if their code/network stack is very
closely related -- I've been experiencing my OS X problem for weeks
now, and occasionally poking at the code to find a pain point -- when
I experienced same issue with FreeBSD, I decided to post here for
other people's experiences).


-bch

On 5/29/14, Mikhail Gusarov <= dottedmag@dottedmag.net> wrote:
> Probably those hosts disable password authentication and only enable > keyboard-interactive one.
>
> Check out http://www.libssh2.org/examples/sftp.html
>
>
>
> Best regards,
> Mikhail Gusarov.
>
>
> On Thu, May 29, 2014 at 6:20 PM, B Harder <brad.harder@gmail.com> wrote:
>
>> I've got code that will connect to NetBSD, Solaris, Linux host= s and
>> authenticate and Do What I Want. However, attempting to connect to= a
>> FreeBSD (10 release) or Mac OS X host yields authentication error.= I'm
>> sure the username/password is correct. If I use key-based
>> authentication to these problem hosts though, everything works fin= e.
>>
>> Is there a known issue w/ OS X/FreeBSD ? Is there some
>> boilerplate/reference code available for username/password
>> authentication to use as basis for example to demonstrate?
>>
>> Kind regards,
>>
>> -bch
>> _______________________________________________
>> libssh2-devel http://cool.haxx.se/cgi-bin/mailman/li= stinfo/libssh2-devel
>>
>
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/li= bssh2-devel

--001a113a63723808cd04fa8ccb56-- --===============1388928607== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel --===============1388928607==-- From libssh2-devel-bounces@cool.haxx.se Thu May 29 19:16:48 2014 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4THGfp2032188; Thu, 29 May 2014 19:16:47 +0200 Received: from mail-oa0-x22d.google.com (mail-oa0-x22d.google.com [IPv6:2607:f8b0:4003:c02::22d]) by giant.haxx.se (8.14.4/8.14.4/Debian-4.1) with ESMTP id s4THGdCq031988 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Thu, 29 May 2014 19:16:40 +0200 Received: by mail-oa0-f45.google.com with SMTP id l6so657516oag.4 for ; Thu, 29 May 2014 10:16:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=CtWoBblMTm8IZ2oH1Tn3TkynkxJCXmgQhq43adB7/eA=; b=QNXIh9Tg2L4lMEkal9WNccvgdIPT/W4Rugk/aAFsLAkj4jLL5lc1Pgl3wurCVEONV5 KoK4M3OA+EWIKlxklGG75fkMuk1S7n495cVEzih+m68tJ3Ak+Q+iTAHzh41YLGUhmCgw l4O9oW3O+ln13nPSLLXBt3TJcZkyx8hAobLYKB6duog7lcstS20f8zoZvAMD45diL4H0 ZQT1wW72bNa08UPzbtlNjLf6AkNHCEN6Zo7IXUEN89MpPKkwStD2mD81BU7nojZYiM3G 4NGM0fn6Z2AuXAD2HlZh3+oF9KpyZ1WysDGHDYm1oHazwFz13b+DD3XV1AKYLv9jgCey 285w== MIME-Version: 1.0 X-Received: by 10.182.66.170 with SMTP id g10mr10024697obt.49.1401383795475; Thu, 29 May 2014 10:16:35 -0700 (PDT) Received: by 10.76.86.102 with HTTP; Thu, 29 May 2014 10:16:35 -0700 (PDT) In-Reply-To: References: Date: Thu, 29 May 2014 10:16:35 -0700 Message-ID: Subject: Re: bad username/password auth to Mac OS X/FreeBSD hosts. From: B Harder To: libssh2 development X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Excellent response -- thanks for the clue. -bch On 5/29/14, Mikhail Gusarov wrote: > Hi. > > Some configurations enable "password" password authentication, others > enable "keyboard-interactive" password authentication. Yes, it is > confusing. And yes, it is what forced me to implement keyboard-interactive > authentication in libssh2 in first place. > > If you run ssh -v, you'll see "Authentications that can continue" lines in > the output. First one contains a full list of authentication methods > accepted by the server. I'm pretty sure the hosts which you can't connect > to using libssh2 will not have "password" init, but "keyboard-interactive" > only. > > > > Best regards, > Mikhail Gusarov. > > > On Thu, May 29, 2014 at 6:39 PM, B Harder wrote: > >> Hey Mikhail -- thanks for the response. >> >> I can use canonical ssh (OpenSSH) to authenticate and successfully >> connect to the hosts in question. I'm certainly _not_ beyond finding >> out the problem is with my code -- but I'm pretty curious how I can >> successfully (repeatedly) connect to some "class" of hosts, but not >> others. >> >> I'll see if I can tailor the sftp example to demonstrate my issue. >> >> Otherwise, I take it there are no known issues regarding FreeBSD/Mac >> OS X? (I wouldn't be surprised if their code/network stack is very >> closely related -- I've been experiencing my OS X problem for weeks >> now, and occasionally poking at the code to find a pain point -- when >> I experienced same issue with FreeBSD, I decided to post here for >> other people's experiences). >> >> >> -bch >> >> On 5/29/14, Mikhail Gusarov wrote: >> > Probably those hosts disable password authentication and only enable >> > keyboard-interactive one. >> > >> > Check out http://www.libssh2.org/examples/sftp.html >> > >> > >> > >> > Best regards, >> > Mikhail Gusarov. >> > >> > >> > On Thu, May 29, 2014 at 6:20 PM, B Harder >> > wrote: >> > >> >> I've got code that will connect to NetBSD, Solaris, Linux hosts and >> >> authenticate and Do What I Want. However, attempting to connect to a >> >> FreeBSD (10 release) or Mac OS X host yields authentication error. I'm >> >> sure the username/password is correct. If I use key-based >> >> authentication to these problem hosts though, everything works fine. >> >> >> >> Is there a known issue w/ OS X/FreeBSD ? Is there some >> >> boilerplate/reference code available for username/password >> >> authentication to use as basis for example to demonstrate? >> >> >> >> Kind regards, >> >> >> >> -bch >> >> _______________________________________________ >> >> libssh2-devel >> http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel >> >> >> > >> _______________________________________________ >> libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel >> > _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel