From libssh2-devel-bounces@cool.haxx.se Fri Jan 2 21:53:58 2015 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t02KrRrt011429; Fri, 2 Jan 2015 21:53:52 +0100 Received: from mx.uxnr.de (mx.uxnr.de [89.238.84.48]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t02KrQQS011368 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 2 Jan 2015 21:53:26 +0100 Received: from [10.2.1.162] (p5B0A6FD6.dip0.t-ipconnect.de [91.10.111.214]) by mx.uxnr.de (Postfix) with ESMTPSA id 7698E1C5A3A1 for ; Fri, 2 Jan 2015 21:53:31 +0100 (CET) X-DKIM: OpenDKIM Filter v2.6.8 mx.uxnr.de 7698E1C5A3A1 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=marc-hoersken.de; s=picard; t=1420232011; bh=wryY46hVCCXnpT8eJ5IEbT3GEUaYOIUoqM6KGkbrsug=; h=From:Subject:Date:References:To:In-Reply-To:From; b=EEE7leLcsdxd40mDO4jhIRscda33NrHKCCkaZW9QnsoKjiAgqYOMYQixFAzVGgWP7 80H3UFftIQ7saNodViAlE9tddgPwFBAlXVz0FDk1P0NQ311vZz2W8/3n9tRVxrpNYP RPKrCmo4hw/M357xXgmLI3hbqyesrsIr9Kyt04WE= From: =?utf-8?Q?Marc_H=C3=B6rsken?= Message-Id: <51B252A1-BFA7-4828-801F-6C95A7515BA6@marc-hoersken.de> Mime-Version: 1.0 (Mac OS X Mail 8.1 \(1993\)) Subject: Re: Additional questions related to my fixes of possible NULL pointer de-references Date: Fri, 2 Jan 2015 21:53:17 +0100 References: <548E2C25.1090603@marc-hoersken.de> To: libssh2 development In-Reply-To: X-Mailer: Apple Mail (2.1993) X-Spam-Status: No, score=-0.9 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED, HTML_MESSAGE,T_DKIM_INVALID autolearn=no version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on picard.vpn.uxnr.de X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0668022644==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============0668022644== Content-Type: multipart/alternative; boundary="Apple-Mail=_2E78D237-50FF-497E-A8D9-5F3769AFEFFC" --Apple-Mail=_2E78D237-50FF-497E-A8D9-5F3769AFEFFC Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 (re-sending because my original e-mail did not reach the mailing list = archives) Hello Alexander, > Am 24.12.2014 um 18:10 schrieb Alexander Lamaison >: >=20 > On 15 December 2014 at 00:32, Marc Hoersken > wrote: >> - kex.c: fix possible NULL pointer de-reference with session->kex [1] >=20 > This extra check isn't necessary because session->kex cannot be NULL > if rc =3D=3D 0. The call to kex_agree_methods on line 1749 returns -1 = if > session->kex is not initialised. This is the code path identified by VS2012: C6011 Dereferencing null pointer Dereferencing NULL pointer 'session->kex'. Line 1693: 'session->kex' may be NULL (Enter this branch) Line 1704: Skip this branch, (assume '' is false) Line 1721: Skip this branch, (assume '' is false) Line 1759: Enter this branch, (assume 'rc=3D=3D0') Line 1760: Enter this branch, (assume '') Line 1761: 'session->kex' is dereferenced, but may still be NULL libssh2 - kex.c (Line 1761) >> - packet.c: fix possible NULL pointer de-reference within = listen_state [2] >=20 > This case is less obvious, but the check is also unecessary. It's > impossible for listen_state->channel to be NULL before it is > de-referenced. Any path that arrives at line 219 must have passed > line 142 because listen_state->state is initialised as _state_idle and > the only way to reach line 219 is via the state transition on line > 203. C6011 Dereferencing null pointer Dereferencing NULL pointer 'listen_state->channel'. Line 129: 'listen_state->channel' may be NULL Line 131: Skip this branch, (assume '' is false) Line 206: Enter this branch, (assume '') Line 209: Skip this branch, (assume 'rc=3D=3D-37' is false) Line 211: Skip this branch, (assume 'rc' is false) Line 219: 'listen_state->channel' is dereferenced, but may still be NULL libssh2 - packet.c (Line 219) > I think VS2012 was being a little overzealous. Does it output a > particular path it claims would lead to the unhappy situation? >=20 >> [1] >> = http://git.libssh2.org/?p=3Dlibssh2.git;a=3Dcommitdiff;h=3D1c1699545b0a111= 4e8ca3e6cd097cc9df1e67201;js=3D1 = >> [2] >> = http://git.libssh2.org/?p=3Dlibssh2.git;a=3Dcommitdiff;h=3De57f29f8f65c830= 63fd8f63c88f88830fc269bd6;js=3D1 You are probably right, but I posted the code paths above anyway. I guess it won=E2=80=99t hurt to have those additional checks in place = in this case. What do you think? Best regards, Marc P.S.: Merry Christmas!= --Apple-Mail=_2E78D237-50FF-497E-A8D9-5F3769AFEFFC Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8

(re-sending because my original e-mail did = not reach the mailing list archives)

Hello Alexander,

Am 24.12.2014 um 18:10 schrieb Alexander = Lamaison <swish@lammy.co.uk>:

On 15 December 2014 = at 00:32, Marc Hoersken <info@marc-hoersken.de> wrote:
- kex.c: fix possible NULL pointer de-reference = with session->kex [1]

This = extra check isn't necessary because session->kex cannot be NULL
if rc =3D=3D 0. The call to kex_agree_methods on line = 1749 returns -1 if
session->kex is not initialised.

This is the code path identified by VS2012:

C6011 Dereferencing null pointer
Dereferencing NULL pointer 'session->kex'.

Line 1693: 'session->kex' may be NULL = (Enter this branch)
Line 1704: Skip this branch, = (assume '<branch condition>' is false)
Line = 1721: Skip this branch, (assume '<branch condition>' is = false)
Line 1759: Enter this branch, (assume = 'rc=3D=3D0')
Line 1760: Enter this branch, = (assume '<branch condition>')
Line = 1761: 'session->kex' is dereferenced, but may still be = NULL

libssh2 - kex.c (Line = 1761)

- = packet.c: fix possible NULL pointer de-reference within listen_state = [2]

This case is less obvious, = but the check is also unecessary. It's
impossible for = listen_state->channel to be NULL before it is
de-referenced. Any path that arrives at line 219 must = have passed
line 142 because listen_state->state is = initialised as _state_idle and
the only way to reach line = 219 is via the state transition on line
203.

C6011 Dereferencing null = pointer
Dereferencing NULL pointer = 'listen_state->channel'.

Line = 129: 'listen_state->channel' may be NULL
Line = 131: Skip this branch, (assume '<branch condition>' is = false)
Line 206: Enter this branch, (assume = '<branch condition>')
Line 209: Skip this = branch, (assume 'rc=3D=3D-37' is false)
Line = 211: Skip this branch, (assume 'rc' is false)
Line= 219: 'listen_state->channel' is dereferenced, but may still be = NULL

libssh2 - packet.c (Line = 219)

I think VS2012 was being a little = overzealous. Does it output a
particular path it = claims would lead to the unhappy situation?

[1]
http://git.libssh2.org/?p=3Dlibssh2.git;a=3Dcommitdiff;h=3D1c16= 99545b0a1114e8ca3e6cd097cc9df1e67201;js=3D1
[2]
http://git.libssh2.org/?p=3Dlibssh2.git;a=3Dcommitdiff;h=3De57f= 29f8f65c83063fd8f63c88f88830fc269bd6;js=3D1

You are probably right, but I posted the code paths above = anyway.

I guess it won=E2=80=99t hurt to have those = additional checks in place in this case.

What do = you think?

Best = regards,

Marc

P.S.: Merry = Christmas!

= --Apple-Mail=_2E78D237-50FF-497E-A8D9-5F3769AFEFFC-- --===============0668022644== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KbGlic3NoMi1k ZXZlbCBodHRwOi8vY29vbC5oYXh4LnNlL2NnaS1iaW4vbWFpbG1hbi9saXN0aW5mby9saWJzc2gy LWRldmVsCg== --===============0668022644==-- From libssh2-devel-bounces@cool.haxx.se Mon Jan 5 20:49:50 2015 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t05JnFAT032483; Mon, 5 Jan 2015 20:49:42 +0100 Received: from mx.uxnr.de (mx.uxnr.de [IPv6:2a00:1828:2000:378:3:25:59ee:5430]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t05JnDVr032366 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Mon, 5 Jan 2015 20:49:14 +0100 Received: from [IPv6:2a00:1828:2000:378:6f76:706e::1000] (unknown [IPv6:2a00:1828:2000:378:6f76:706e:0:1000]) by mx.uxnr.de (Postfix) with ESMTPSA id 3E2261C5A2F6 for ; Mon, 5 Jan 2015 20:49:17 +0100 (CET) X-DKIM: OpenDKIM Filter v2.6.8 mx.uxnr.de 3E2261C5A2F6 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=marc-hoersken.de; s=picard; t=1420487357; bh=FRmUKk/ph1iN2MqLitkUgvpPGmXIMsia//ERkVm6Nr8=; h=From:Subject:Date:References:To:In-Reply-To:From; b=PMN+IHLW9C8h5+fhrUS0AvZPPlWm6aFyJHeDA+JNZjMSNIsfZvAjYglOGI25CZupc sX7ykpMaKsNdnQRFnJ8ZA0sDfqF8as3ESQcSSpyrnCyLb50GTBBwg9RJ+JZRi8AqQO mWZ9/C0Zo1B04FggyIcK4mnwoW7SqHnmuXLHe138= From: =?utf-8?Q?Marc_H=C3=B6rsken?= Message-Id: <03E851F2-55EA-449E-8858-A5D6B2840861@marc-hoersken.de> Mime-Version: 1.0 (Mac OS X Mail 8.1 \(1993\)) Subject: Re: Added OS X Native Crypto Support Date: Mon, 5 Jan 2015 20:49:04 +0100 References: <2F4A8848-B423-49E9-AC0D-A2A90D08B885@github.com> To: libssh2 development In-Reply-To: <2F4A8848-B423-49E9-AC0D-A2A90D08B885@github.com> X-Mailer: Apple Mail (2.1993) X-Spam-Status: No, score=1.4 required=5.0 tests=DKIM_SIGNED,HELO_NO_DOMAIN, HTML_MESSAGE,RDNS_NONE,T_DKIM_INVALID autolearn=no version=3.3.2 X-Spam-Level: * X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on picard.vpn.uxnr.de X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1716806259==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============1716806259== Content-Type: multipart/alternative; boundary="Apple-Mail=_0BAB12B6-18A7-46C8-94DA-1361B0C2DE74" --Apple-Mail=_0BAB12B6-18A7-46C8-94DA-1361B0C2DE74 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Hello Keith, > Am 02.12.2014 um 16:34 schrieb Keith Duncan : >=20 > Similar to the WinCNG crypto backend I=E2=80=99ve added support for = using the OS X native crypto support as a libssh2 crypto backend. thank you very much for creating this native crypto backend. > https://github.com/keithduncan/libssh2 = Would you mind rebasing your work to the current master branch and keep = it in a separate branch inside your repository so reviewing and rebasing = becomes easier for me and the other people around here? Thanks in advance. > It looks like Nick Zitzmann also started a similar project in 2012 but = discovered that there=E2=80=99s no public BigNum API in OS X = http://lists.apple.com/archives/apple-cdsa/2012/Aug/msg00009.html = >=20 > I ran in to the same issue but went ahead and used the private BigNum = API he references. For this reason I=E2=80=99m not sure that this would = be a good candidate for submitting upstream. Then again perhaps it could = serve as a compelling reason for the API to be made public if it would = enable OS X native SSH2 crypto. Instead of using a private API you could also try to use the RSA = encryption method to perform the necessary big number operation, which = currently is only modular exponentiation. I used this approach to implement the native crypto backend on Windows, = since it does not have a big number library either. Please see the following email for more information: [1] The implementation using RSA encryption can be found here: [2] > I hope this is of interest, let me know if there=E2=80=99s any = interest in a patch. I would really like to see this merged the same way as the WinCNG = backend was, because it would allow someone to build libssh2 and then = also curl with ssh support using just the native crypto libraries. Best regards, Marc [1] http://libssh2.org/mail/libssh2-devel-archive-2013-05/0011.shtml [2] = http://git.libssh2.org/?p=3Dlibssh2.git;a=3Dblob;f=3Dsrc/wincng.c;h=3D4a8a= a164dc5bae227ae7534f86d33feeca987541;hb=3DHEAD;js=3D1#l1635 --Apple-Mail=_0BAB12B6-18A7-46C8-94DA-1361B0C2DE74 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8

Hello Keith,

Am = 02.12.2014 um 16:34 schrieb Keith Duncan <keith.duncan@github.com>:

Similar to the WinCNG crypto backend I=E2=80=99ve added = support for using the OS X native crypto support as a libssh2 crypto = backend.

thank you very much for creating this native = crypto backend.

https://github.com/keithduncan/libssh2

Would you mind rebasing your = work to the current master branch and keep it in a separate branch = inside your repository so reviewing and rebasing becomes easier for me = and the other people around here?
Thanks in advance.

It = looks like Nick Zitzmann also started a similar project in 2012 but = discovered that there=E2=80=99s no public BigNum API in OS X http://lists.apple.com/archives/apple-cdsa/2012/Aug/msg00009.ht= ml

I ran = in to the same issue but went ahead and used the private BigNum API he = references. For this reason I=E2=80=99m not sure that this would be a = good candidate for submitting upstream. Then again perhaps it could = serve as a compelling reason for the API to be made public if it would = enable OS X native SSH2 crypto.

Instead of using a private API you could also try = to use the RSA encryption method to perform the necessary big number = operation, which currently is only modular exponentiation.
I = used this approach to implement the native crypto backend on Windows, = since it does not have a big number library either.
Please see = the following email for more information: [1]
The = implementation using RSA encryption can be found here: [2]

I = hope this is of interest, let me know if there=E2=80=99s any interest in = a patch.

I would = really like to see this merged the same way as the WinCNG backend was, = because it would allow someone to build libssh2 and then also curl with = ssh support using just the native crypto libraries.

Best regards,

Marc

[1] http://libssh2.org/mail/libssh2-devel-archive-2013-05/0011.shtm= l

[2] http://git.libssh2.org/?p=3Dlibssh2.git;a=3Dblob;f=3Dsrc/wincng= .c;h=3D4a8aa164dc5bae227ae7534f86d33feeca987541;hb=3DHEAD;js=3D1#l1635=

= --Apple-Mail=_0BAB12B6-18A7-46C8-94DA-1361B0C2DE74-- --===============1716806259== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KbGlic3NoMi1k ZXZlbCBodHRwOi8vY29vbC5oYXh4LnNlL2NnaS1iaW4vbWFpbG1hbi9saXN0aW5mby9saWJzc2gy LWRldmVsCg== --===============1716806259==-- From libssh2-devel-bounces@cool.haxx.se Mon Jan 5 21:15:21 2015 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t05KFFQe003372; Mon, 5 Jan 2015 21:15:20 +0100 Received: from mx.uxnr.de (mx.uxnr.de [IPv6:2a00:1828:2000:378:3:25:59ee:5430]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t05KFDYL003268 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Mon, 5 Jan 2015 21:15:14 +0100 Received: from [IPv6:2a00:1828:2000:378:6f76:706e::1000] (unknown [IPv6:2a00:1828:2000:378:6f76:706e:0:1000]) by mx.uxnr.de (Postfix) with ESMTPSA id 0ACF21C5A2F6 for ; Mon, 5 Jan 2015 21:15:17 +0100 (CET) X-DKIM: OpenDKIM Filter v2.6.8 mx.uxnr.de 0ACF21C5A2F6 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=marc-hoersken.de; s=picard; t=1420488918; bh=T1RcXJRiFhiWecSatjAVAA2c1k2ExRynKQzEl9m2bU0=; h=Subject:From:In-Reply-To:Date:References:To:From; b=zfjVf9fSLb9iPLNIRsX/T40raH4kNb3Al03eI+DqqF32rNN9Q2Ljv44M9vHyvIZGk qciKU3x73IOKyFs/oLEVRXEvc7/Zm6OyktAM68AvpsYGB5j+mEB/JzmPjlAog1rDQA s6DLXoWtxkZrzAP17oOSaiN8uyzLu1e2UAhMWpUU= Mime-Version: 1.0 (Mac OS X Mail 8.1 \(1993\)) Subject: Re: CMake From: =?utf-8?Q?Marc_H=C3=B6rsken?= In-Reply-To: Date: Mon, 5 Jan 2015 21:15:04 +0100 Message-Id: <66485C8C-C577-4A75-9E9E-8F36F06B7836@marc-hoersken.de> References: <548DDCF8.9040705@marc-hoersken.de>

To: libssh2 development X-Mailer: Apple Mail (2.1993) X-Spam-Status: No, score=1.4 required=5.0 tests=DKIM_SIGNED,HELO_NO_DOMAIN, RDNS_NONE,T_DKIM_INVALID autolearn=no version=3.3.2 X-Spam-Level: * X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on picard.vpn.uxnr.de X-MIME-Autoconverted: from quoted-printable to 8bit by giant.haxx.se id t05KFDYL003268 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from base64 to 8bit by giant.haxx.se id t05KFFQe003372 Hi Alex, > Am 23.12.2014 um 23:12 schrieb Alexander Lamaison : > > I've rebased against latest master and squashed everything down to a > few commits. The result is in the 'cmake-with-ci' branch: > https://github.com/alamaison/libssh2/tree/cmake-with-ci. > > Thoughts? thank you very much. I just rebased it to the current master again without any issues. The CMake build looks good to me, at least I just tried it on Mac OS X 10.10 and Windows 7. Do you know how I can create x64 builds on Windows using the Visual Studio 11 2012 generator? We just need to coordinate this with the new SecureTransport backend, since that should also be supported if it is merged. Best regards, Marc _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Jan 5 22:34:08 2015 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t05LXpui016835; Mon, 5 Jan 2015 22:34:06 +0100 Received: from mail-wg0-x231.google.com (mail-wg0-x231.google.com [IPv6:2a00:1450:400c:c00::231]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t05LXoL5016198 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-RC4-SHA bits=128 verify=NOT) for ; Mon, 5 Jan 2015 22:33:50 +0100 Received: by mail-wg0-f49.google.com with SMTP id n12so28347453wgh.36 for ; Mon, 05 Jan 2015 13:33:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:content-type; bh=WHq+V1rWRHOZv3rkkisvu2hsk3dzs+lM5lJd3nItoPk=; b=LuMW/1uWGUwssL9FesociKuVNq8i2VEmxlYRLbkoCjwo3aDmhTluuajmTg/GSgVviy E+oto3mf7KwPbhDQVWEJUMil2ujn2jn7w3uGYu1HgAqmbXugjPa0TXAHooY2NnmwA7v2 WS0JB7sh7/UUhCeOK70QAlqmHzf+kl1Xm1NPZBZS7wOmVYFWKmCtV/vW7qF3TGsaoPsI u041RfzuguAQM3LyaF2t2nebtq6fk+SmFbZPo2AVBFmUkWCFoTPSB+Gchkg7xZ3rJK2N 7B9IaAuYCpqUBqdkoaDSW1rDz47wwHpyz2vwyHZDdbbvHRucvUbQubSXrkBAXAKa65Qx xPXg== MIME-Version: 1.0 X-Received: by 10.180.221.201 with SMTP id qg9mr30022095wic.29.1420493625766; Mon, 05 Jan 2015 13:33:45 -0800 (PST) Received: by 10.216.151.6 with HTTP; Mon, 5 Jan 2015 13:33:45 -0800 (PST) Received: by 10.216.151.6 with HTTP; Mon, 5 Jan 2015 13:33:45 -0800 (PST) In-Reply-To: <66485C8C-C577-4A75-9E9E-8F36F06B7836@marc-hoersken.de> References: <548DDCF8.9040705@marc-hoersken.de>

<66485C8C-C577-4A75-9E9E-8F36F06B7836@marc-hoersken.de> Date: Mon, 5 Jan 2015 21:33:45 +0000 X-Google-Sender-Auth: OWULhi-eeZYDeVD9hqQ0mzzqj2c Message-ID: Subject: Re: CMake From: Alexander Lamaison To: libssh2 development X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0703288924==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============0703288924== Content-Type: multipart/alternative; boundary=001a1133c102f84b1f050bee713e --001a1133c102f84b1f050bee713e Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 5 January 2015 at 20:15, Marc H=C3=B6rsken wrote= : >> Am 23.12.2014 um 23:12 schrieb Alexander Lamaison : >> >> I've rebased against latest master and squashed everything down to a >> few commits. The result is in the 'cmake-with-ci' branch: >> https://github.com/alamaison/libssh2/tree/cmake-with-ci. >> >> Thoughts? > > thank you very much. I just rebased it to the current master again without any issues. > > The CMake build looks good to me, at least I just tried it on Mac OS X 10.10 and Windows 7. Thanks for testing. > Do you know how I can create x64 builds on Windows using the Visual Studio 11 2012 generator? cmake -G "Visual Studio 11 2012 Win64" > We just need to coordinate this with the new SecureTransport backend, since that should also be supported if it is merged. I look forward to it. Adding new backends more easily is one of the benefits of the CMake configuration. Alex --=20 Swish - Easy SFTP for Windows Explorer (http://www.swish-sftp.org) --001a1133c102f84b1f050bee713e Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

On 5 January 2015 at 20:15, Marc H=C3=B6rsken <info@marc-hoersken.de> wrote:
>> Am 23.12.2014 um 23:12 schrieb Alexander Lamaison <swish@lammy.co.uk>:
>>
>> I've rebased against latest master and squashed everything dow= n to a
>> few commits. The result is in the 'cmake-with-ci' branch:<= br> >> https://github.com/alamaison/libssh2/tree/cmake-with-ci.
>>
>> Thoughts?
>
> thank you very much. I just rebased it to the current master again wit= hout any issues.
>
> The CMake build looks good to me, at least I just tried it on Mac OS X= 10.10 and Windows 7.

Thanks for testing.

> Do you know how I can create x64 builds on Windows usin= g the Visual Studio 11 2012 generator?

cmake -G "Visual Studio 11 2012 Win64"

> We just need to coordinate this with the new SecureTran= sport backend, since that should also be supported if it is merged.

I look forward to it. Adding new backends more easily is one= of the benefits of the CMake configuration.

Alex

--
Swish - Easy SFTP for Windows Explorer (http://www.swish-sftp.org)

--001a1133c102f84b1f050bee713e-- --===============0703288924== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KbGlic3NoMi1k ZXZlbCBodHRwOi8vY29vbC5oYXh4LnNlL2NnaS1iaW4vbWFpbG1hbi9saXN0aW5mby9saWJzc2gy LWRldmVsCg== --===============0703288924==-- From libssh2-devel-bounces@cool.haxx.se Tue Jan 13 01:30:01 2015 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t0D0TKx4003691; Tue, 13 Jan 2015 01:29:46 +0100 Received: from mail.panic.com (posh.panic.com [38.103.165.4]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t0D0TJ7j003642 for ; Tue, 13 Jan 2015 01:29:19 +0100 Received: from [10.0.0.164] (unknown [38.103.165.36]) by mail.panic.com (Postfix) with ESMTPSA id D89C6B104637 for ; Mon, 12 Jan 2015 16:29:14 -0800 (PST) From: Will Cosgrove Subject: diffie-hellman-group-exchange-sha256 key exchange Message-Id: Date: Mon, 12 Jan 2015 16:29:12 -0800 To: libssh2-devel@cool.haxx.se Mime-Version: 1.0 (Mac OS X Mail 8.1 \(1993\)) X-Mailer: Apple Mail (2.1993) X-MIME-Autoconverted: from quoted-printable to 8bit by giant.haxx.se id t0D0TJ7j003642 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from base64 to 8bit by giant.haxx.se id t0D0TKx4003691 Hi All, I’m adding diffie-hellman-group-exchange-sha256 support and have it working. However, if I am to submit this patch back to the project I have a couple code style questions. First, kmdhgGPsha1kex_state_t is coded to be specific to sha1. No big deal I thought, I could add a sha256 version. However that leads to key_exchange_state_low_t which is included in key_exchange_state_t. So now we’re duplicating three structs and causing a lot of branching, not so great. At that point, I decided to change kmdhgGPsha1kex_state_t to support sha256. The following changes were made: unsigned char h_sig_comp[SHA256_DIGEST_LENGTH]; //SHA1_DIGEST_LENGTH //libssh2_sha1_ctx exchange_hash; EVP_MD_CTX exchange_hash; This isn’t so hot as it hard-codes openssl support instead of using the libssh2_sha1_ctx macro. On the flip side, creating three new structures for a couple calls seems excessive. Anyone out there have opinions on how to proceed? Cheers, Will _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Jan 13 13:17:49 2015 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t0DCHSPb020391; Tue, 13 Jan 2015 13:17:45 +0100 Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t0DCHPY0020377 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 13 Jan 2015 13:17:26 +0100 Received: from int-mx13.intmail.prod.int.phx2.redhat.com (int-mx13.intmail.prod.int.phx2.redhat.com [10.5.11.26]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id t0DCHOfo007789 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Tue, 13 Jan 2015 07:17:24 -0500 Received: from kdudka.brq.redhat.com (kdudka.brq.redhat.com [10.34.4.67]) by int-mx13.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id t0DCHM28003402 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NO); Tue, 13 Jan 2015 07:17:24 -0500 From: Kamil Dudka To: Will Cosgrove Subject: Re: diffie-hellman-group-exchange-sha256 key exchange Date: Tue, 13 Jan 2015 13:17:22 +0100 Message-ID: <94759598.MU9WZTOihj@kdudka.brq.redhat.com> User-Agent: KMail/4.14.3 (Linux/3.17.8-300.fc21.x86_64; KDE/4.14.3; x86_64; ; ) In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.68 on 10.5.11.26 X-MIME-Autoconverted: from quoted-printable to 8bit by giant.haxx.se id t0DCHPY0020377 Cc: libssh2-devel@cool.haxx.se X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from base64 to 8bit by giant.haxx.se id t0DCHSPb020391 On Monday 12 January 2015 16:29:12 Will Cosgrove wrote: > Hi All, > I’m adding diffie-hellman-group-exchange-sha256 support and have it working. > However, if I am to submit this patch back to the project I have a couple > code style questions. > > First, kmdhgGPsha1kex_state_t is coded to be specific to sha1. No big deal > I thought, I could add a sha256 version. However that leads to > key_exchange_state_low_t which is included in key_exchange_state_t. So now > we’re duplicating three structs and causing a lot of branching, not so > great. > > At that point, I decided to change kmdhgGPsha1kex_state_t to support sha256. > The following changes were made: > > unsigned char h_sig_comp[SHA256_DIGEST_LENGTH]; //SHA1_DIGEST_LENGTH > > //libssh2_sha1_ctx exchange_hash; > EVP_MD_CTX exchange_hash; > > This isn’t so hot as it hard-codes openssl support instead of using the > libssh2_sha1_ctx macro. On the flip side, creating three new structures > for a couple calls seems excessive. > > Anyone out there have opinions on how to proceed? For me it is difficult to infer what exactly you are proposing to change from the above description. Could you please attach the current version of your patch to clarify it? In general, avoiding duplicated code is good. On the other hand, I believe that the only module where OpenSSL should be hard-coded is src/openssl.c whereas the structures defined in libssh2_priv.h should be independent on a particular crypto library. Kamil > Cheers, > Will > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Jan 13 18:08:13 2015 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t0DH7qmt019450; Tue, 13 Jan 2015 18:08:10 +0100 Received: from mail.panic.com (posh.panic.com [38.103.165.4]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t0DH7pPU019430 for ; Tue, 13 Jan 2015 18:07:51 +0100 Received: from [10.0.0.164] (unknown [38.103.165.36]) by mail.panic.com (Postfix) with ESMTPSA id 56C3AB1173FF; Tue, 13 Jan 2015 09:07:43 -0800 (PST) Mime-Version: 1.0 (Mac OS X Mail 8.1 \(1993\)) Subject: Re: diffie-hellman-group-exchange-sha256 key exchange From: Will Cosgrove In-Reply-To: <94759598.MU9WZTOihj@kdudka.brq.redhat.com> Date: Tue, 13 Jan 2015 09:07:41 -0800 Message-Id: <31AE3512-DC1D-40AF-8225-B1769E447ED0@panic.com> References: <94759598.MU9WZTOihj@kdudka.brq.redhat.com> To: Kamil Dudka X-Mailer: Apple Mail (2.1993) X-MIME-Autoconverted: from quoted-printable to 8bit by giant.haxx.se id t0DH7pPU019430 Cc: libssh2-devel@cool.haxx.se X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from base64 to 8bit by giant.haxx.se id t0DH7qmt019450 Hi Kamil, Thanks for the reply. I’m not really proposing anything at the moment, I’m looking for suggestions on how to resolve the issue of replicating 3 structures just so we don’t have to change kmdhgGPsha1kex_state_t. Right now, kmdhgGPsha1kex_state_t has two members that need to change; h_sig_comp and exchange_hash. First, h_sig_comp needs to be big enough to hold a SHA256 digest, that’s an easy fix; I’d propose something like: #define MAX_SHA_DIGEST_LEN SHA256_DIGEST_LENGTH And then change the member variable to: unsigned char h_sig_comp[MAX_SHA_DIGEST_LEN] Second, exhange_hash needs to change from libssh2_sha1_ctx to something more generic. This is the real hang-up as it needs to be either libssh2_sha1_ctx or libssh2_sha256_ctx. This is what I’m soliciting ideas on how to resolve this issue. Any recommendations are welcome. Cheers, Will > On Jan 13, 2015, at 4:17 AM, Kamil Dudka wrote: > > On Monday 12 January 2015 16:29:12 Will Cosgrove wrote: >> Hi All, >> I’m adding diffie-hellman-group-exchange-sha256 support and have it working. >> However, if I am to submit this patch back to the project I have a couple >> code style questions. >> >> First, kmdhgGPsha1kex_state_t is coded to be specific to sha1. No big deal >> I thought, I could add a sha256 version. However that leads to >> key_exchange_state_low_t which is included in key_exchange_state_t. So now >> we’re duplicating three structs and causing a lot of branching, not so >> great. >> >> At that point, I decided to change kmdhgGPsha1kex_state_t to support sha256. >> The following changes were made: >> >> unsigned char h_sig_comp[SHA256_DIGEST_LENGTH]; //SHA1_DIGEST_LENGTH >> >> //libssh2_sha1_ctx exchange_hash; >> EVP_MD_CTX exchange_hash; >> >> This isn’t so hot as it hard-codes openssl support instead of using the >> libssh2_sha1_ctx macro. On the flip side, creating three new structures >> for a couple calls seems excessive. >> >> Anyone out there have opinions on how to proceed? > > For me it is difficult to infer what exactly you are proposing to change > from the above description. Could you please attach the current version > of your patch to clarify it? > > In general, avoiding duplicated code is good. On the other hand, I believe > that the only module where OpenSSL should be hard-coded is src/openssl.c > whereas the structures defined in libssh2_priv.h should be independent on > a particular crypto library. > > Kamil > >> Cheers, >> Will >> _______________________________________________ >> libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Jan 13 18:14:14 2015 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t0DHEBcu026283; Tue, 13 Jan 2015 18:14:13 +0100 Received: from foo.stuge.se (qmailr@foo.stuge.se [212.116.89.98]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t0DHE9rQ026219 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 13 Jan 2015 18:14:09 +0100 Received: (qmail 13302 invoked by uid 501); 13 Jan 2015 17:14:10 -0000 Message-ID: <20150113171410.13301.qmail@stuge.se> Date: Tue, 13 Jan 2015 18:14:10 +0100 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: diffie-hellman-group-exchange-sha256 key exchange Mail-Followup-To: libssh2-devel@cool.haxx.se References: <94759598.MU9WZTOihj@kdudka.brq.redhat.com> <31AE3512-DC1D-40AF-8225-B1769E447ED0@panic.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <31AE3512-DC1D-40AF-8225-B1769E447ED0@panic.com> X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from base64 to 8bit by giant.haxx.se id t0DHEBcu026283 Will Cosgrove wrote: > Second, exhange_hash needs to change from libssh2_sha1_ctx to > something more generic. .. > >> First, kmdhgGPsha1kex_state_t is coded to be specific to sha1. So you are saying that libssh2 currently does not have hash abstraction, and you would like to add a new hash algo, correct? libssh2 *does* have crypto algo abstraction. Can you model a new hash algo abstraction after the existing crypto algo abstraction? //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Jan 13 18:31:38 2015 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t0DHVSoo026970; Tue, 13 Jan 2015 18:31:36 +0100 Received: from mail.panic.com (posh.panic.com [38.103.165.4]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t0DHVRA6026956 for ; Tue, 13 Jan 2015 18:31:27 +0100 Received: from [10.0.0.164] (unknown [38.103.165.36]) by mail.panic.com (Postfix) with ESMTPSA id 7990BB11859A for ; Tue, 13 Jan 2015 09:31:20 -0800 (PST) Mime-Version: 1.0 (Mac OS X Mail 8.1 \(1993\)) Subject: Re: diffie-hellman-group-exchange-sha256 key exchange From: Will Cosgrove In-Reply-To: <20150113171410.13301.qmail@stuge.se> Date: Tue, 13 Jan 2015 09:31:16 -0800 Message-Id: <3DC1F08A-F286-44A6-A8A3-D44C9BB70789@panic.com> References: <94759598.MU9WZTOihj@kdudka.brq.redhat.com> <31AE3512-DC1D-40AF-8225-B1769E447ED0@panic.com> <20150113171410.13301.qmail@stuge.se> To: libssh2 development X-Mailer: Apple Mail (2.1993) X-MIME-Autoconverted: from quoted-printable to 8bit by giant.haxx.se id t0DHVRA6026956 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from base64 to 8bit by giant.haxx.se id t0DHVSoo026970 Now that I look at it, adding a new abstracted exchange_hash datatype into the various crypto libraries would be enough to resolve this issue, for now at least. We are looking at adding more exotic exchange types but would require much more extensive code churn. That said, our team is working exclusively on openssl support. How do you deal with new features that aren’t being put back into libgcrypt for example? Will > On Jan 13, 2015, at 9:14 AM, Peter Stuge wrote: > > Will Cosgrove wrote: >> Second, exhange_hash needs to change from libssh2_sha1_ctx to >> something more generic. > .. >>>> First, kmdhgGPsha1kex_state_t is coded to be specific to sha1. > > So you are saying that libssh2 currently does not have hash > abstraction, and you would like to add a new hash algo, correct? > > libssh2 *does* have crypto algo abstraction. Can you model a new > hash algo abstraction after the existing crypto algo abstraction? > > > //Peter > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Jan 13 18:39:02 2015 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t0DHcvbX000951; Tue, 13 Jan 2015 18:39:01 +0100 Received: from foo.stuge.se (qmailr@foo.stuge.se [212.116.89.98]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t0DHcufr000946 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 13 Jan 2015 18:38:56 +0100 Received: (qmail 15110 invoked by uid 501); 13 Jan 2015 17:38:57 -0000 Message-ID: <20150113173857.15109.qmail@stuge.se> Date: Tue, 13 Jan 2015 18:38:56 +0100 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: diffie-hellman-group-exchange-sha256 key exchange Mail-Followup-To: libssh2-devel@cool.haxx.se References: <94759598.MU9WZTOihj@kdudka.brq.redhat.com> <31AE3512-DC1D-40AF-8225-B1769E447ED0@panic.com> <20150113171410.13301.qmail@stuge.se> <3DC1F08A-F286-44A6-A8A3-D44C9BB70789@panic.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <3DC1F08A-F286-44A6-A8A3-D44C9BB70789@panic.com> X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.16 Precedence: list Reply-To: libssh2 development List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from base64 to 8bit by giant.haxx.se id t0DHcvbX000951 Will Cosgrove wrote: > That said, our team is working exclusively on openssl support. > How do you deal with new features that aren’t being put back into > libgcrypt for example? For me personally the answer is "with contempt" but other people who are involved in the project have different opinions. //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Jan 26 12:49:38 2015 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t0QBn8YM007798; Mon, 26 Jan 2015 12:49:32 +0100 Received: from mail-oi0-x22a.google.com (mail-oi0-x22a.google.com [IPv6:2607:f8b0:4003:c06::22a]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t0QBn64B007646 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-RC4-SHA bits=128 verify=NOT) for ; Mon, 26 Jan 2015 12:49:07 +0100 Received: by mail-oi0-f42.google.com with SMTP id i138so6730463oig.1 for ; Mon, 26 Jan 2015 03:49:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:date:message-id:subject:from:to:content-type; bh=/L+GAYXPUT38vG22j5Gob74hAi9VsFadvRnHN6YzLyo=; b=hQdEYY9bRhLRY5BP5FanSxD2cjX9AAnaAvR5+0MyenGcahkTNgDN8lpff5uAmhSnra GLKKNXHv+7rkntNHTyHxXuky2+EjuQNZeC2POkY03FQgpqV+VaGVSPzMPjnXebOm+zCE fr/ednFmn1jl/7HX7QWoiiUWdr98Zqmd1nw53TR0aNUyVbaxx+ZbQnCOdO1iSDN7WG73 O4RyJdHOFMqE53nrFfUQ+z9vCZaBX/A4/jdv6mC4uGYsLvOcY7T9CqxldAabjzfsm/bK YRj34gCRV5GWC3l2/1OsPIu8vs2bsiD7nZsxxRQBzvLlM+Cx1I0OTNiu21D6gujmZTA7 zJ/A== MIME-Version: 1.0 X-Received: by 10.60.176.34 with SMTP id cf2mr12358209oec.52.1422272942534; Mon, 26 Jan 2015 03:49:02 -0800 (PST) Received: by 10.76.62.67 with HTTP; Mon, 26 Jan 2015 03:49:02 -0800 (PST) Date: Mon, 26 Jan 2015 20:49:02 +0900 X-Google-Sender-Auth: N2ELhxb_IvMAkhSgnBP1JMvrxuU Message-ID: Subject: Using libssh2_sftp_* functions in multi-threading environment From: Yoichiro Tanaka To: libssh2-devel@cool.haxx.se X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.18 Precedence: list List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: libssh2 development Content-Type: multipart/mixed; boundary="===============1550876687==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============1550876687== Content-Type: multipart/alternative; boundary=089e01182b888379dc050d8cb9d3 --089e01182b888379dc050d8cb9d3 Content-Type: text/plain; charset=UTF-8 Hi there, I'm developing my application to access SFTP server with libssh2. And, I want to give an ability to access the SFTP server from multi-threads to the application, for example, downloading some files simultaneously. I have some questions about how to use libssh2_sftp_* functions. (1) Are "libssh2_sftp_*" functions thread-safe? (2) If yes, what is a value to issue for each thread? Do I need to issue a sftp_session value issued by the libssh2_sftp_init() function for each thread? Or, Can I share the sftp_session value with all threads? That is, do I need to issue a sftp_handle value issued by the libssh2_sftp_open(dir) for each thread with the same value of the sftp_session? (3) If a lock (ex. mutex) is necessary, where I should apply the lock against my code? From the libssh2_sftp_init() calling to the reading file with the all libssh2_sftp_read() calling? Or, each API calling? (4) Is there any sample code to use libssh2 in the multi-threading environment? Thank you for your advice. -- Yoichiro Tanaka Email: yoichiro@eisbahn.jp Blog: http://www.eisbahn.jp/yoichiro --089e01182b888379dc050d8cb9d3 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

Hi there,

I'm developing= my application to access SFTP server with libssh2. And, I want to give an = ability to access the SFTP server from multi-threads to the application, fo= r example, downloading some files simultaneously.

I have some questions abo= ut how to use libssh2_sftp_* functions.

(1) Are "libssh2_sftp_*" = functions thread-safe?

(2) If yes, what is a value to issue for each thread= ? Do I need to issue a sftp_session value issued by the libssh2_sftp_init()= function for each thread? Or, Can I share the sftp_session value with all = threads? That is, do I need to issue a sftp_handle value issued by the libs= sh2_sftp_open(dir) for each thread with the same value of the sftp_session?=

(3) If a lock (ex. mutex) is necessary, where I should apply the lock agai= nst my code? From the libssh2_sftp_init() calling to the reading file with = the all libssh2_sftp_read() calling? Or, each API calling?

(4) Is there an= y sample code to use libssh2 in =C2=A0the multi-threading environment?

Than= k you for your advice.

Yoichiro Tanaka
Email: yoic= hiro@eisbahn.jp
Blog: htt= p://www.eisbahn.jp/yoichiro

--089e01182b888379dc050d8cb9d3-- --===============1550876687== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KbGlic3NoMi1k ZXZlbCBodHRwOi8vY29vbC5oYXh4LnNlL2NnaS1iaW4vbWFpbG1hbi9saXN0aW5mby9saWJzc2gy LWRldmVsCg== --===============1550876687==-- From libssh2-devel-bounces@cool.haxx.se Mon Jan 26 16:53:22 2015 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t0QFqxoo026375; Mon, 26 Jan 2015 16:53:18 +0100 Received: from foo.stuge.se (qmailr@foo.stuge.se [212.116.89.98]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t0QFqwil026284 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Mon, 26 Jan 2015 16:52:58 +0100 Received: (qmail 26743 invoked by uid 501); 26 Jan 2015 15:52:59 -0000 Message-ID: <20150126155259.26742.qmail@stuge.se> Date: Mon, 26 Jan 2015 16:52:59 +0100 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: Using libssh2_sftp_* functions in multi-threading environment Mail-Followup-To: libssh2-devel@cool.haxx.se References: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.18 Precedence: list List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: libssh2 development Content-Type: text/plain; charset="utf-8" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from base64 to 8bit by giant.haxx.se id t0QFqxoo026375 Yoichiro Tanaka wrote: > (1) Are "libssh2_sftp_*" functions thread-safe? No. > (3) If a lock (ex. mutex) is necessary, where I should apply the lock > against my code? To be really safe, around any atomic operation relating to a libssh2_session. Very coarse locking. If you want, you can investigate if perhaps multiple SFTP channels will work correctly, but I doubt it, because the session IO is not thread-capable. > (4) Is there any sample code to use libssh2 in the multi-threading > environment? Unfortunately not. //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Tue Jan 27 12:09:22 2015 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t0RB8vdp029968; Tue, 27 Jan 2015 12:09:18 +0100 Received: from mail-ob0-x22e.google.com (mail-ob0-x22e.google.com [IPv6:2607:f8b0:4003:c01::22e]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t0RB8set029880 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-RC4-SHA bits=128 verify=NOT) for ; Tue, 27 Jan 2015 12:08:54 +0100 Received: by mail-ob0-f174.google.com with SMTP id gq1so12829894obb.5 for ; Tue, 27 Jan 2015 03:08:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:content-type; bh=r1ota8K/2q/e1zCEqZGMJW/uFAx2xaTHN3wf+k7xnjA=; b=CD+lZstPVCuYxJNGpOB6pfetoJuRh1u1eVPpiu+WzGbNPMzrP76xSIrKQo9SqwcFz4 SfCR5eHNtAMVwuW60QMDKaHWx76cuoj+Jgkf/Lnme9gc4C3CzbMWmR+j3Afyfcivt+vH HRq37AKzPwiZMZHU4FBTSm7nClnUZeBPxRc7SVJEMwNl1CoYPTmPLUPpN8k+aS5AJu/o PmB7ui3M2kH+HJ+ryDbBY7SuPJdsrnc2sADWFcaX1MScpaNjHvk3ktLaTxl7ZvGM2Zrq Ywf8U61EWhvg036UP77LN18yOfkV+b/eamHWfxLh4OVF0INoxjf7U4e28sw1i50+mZEi YRVw== MIME-Version: 1.0 X-Received: by 10.202.87.74 with SMTP id l71mr392130oib.84.1422356928706; Tue, 27 Jan 2015 03:08:48 -0800 (PST) Received: by 10.76.62.67 with HTTP; Tue, 27 Jan 2015 03:08:48 -0800 (PST) In-Reply-To: <20150126155259.26742.qmail@stuge.se> References: <20150126155259.26742.qmail@stuge.se> Date: Tue, 27 Jan 2015 20:08:48 +0900 X-Google-Sender-Auth: JRx189ywrtXvO4Y578YPFuVmtfI Message-ID: Subject: Re: Using libssh2_sftp_* functions in multi-threading environment From: Yoichiro Tanaka To: libssh2 development X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.18 Precedence: list List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: libssh2 development Content-Type: multipart/mixed; boundary="===============1912262654==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============1912262654== Content-Type: multipart/alternative; boundary=001a113b07447ac11d050da047d4 --001a113b07447ac11d050da047d4 Content-Type: text/plain; charset=UTF-8 Thanks, Peter. I could understand. I intend to create sessions against each thread, and handshake for each them. -Yoichiro 2015-01-27 0:52 GMT+09:00 Peter Stuge : > Yoichiro Tanaka wrote: > > (1) Are "libssh2_sftp_*" functions thread-safe? > > No. > > > (3) If a lock (ex. mutex) is necessary, where I should apply the lock > > against my code? > > To be really safe, around any atomic operation relating to a > libssh2_session. Very coarse locking. > > If you want, you can investigate if perhaps multiple SFTP channels > will work correctly, but I doubt it, because the session IO is not > thread-capable. > > > > (4) Is there any sample code to use libssh2 in the multi-threading > > environment? > > Unfortunately not. > > > //Peter > _______________________________________________ > libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel > -- Yoichiro Tanaka Email: yoichiro@eisbahn.jp Blog: http://www.eisbahn.jp/yoichiro --001a113b07447ac11d050da047d4 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

Thanks, Peter. I could understand.

I intend= to create sessions against each thread, and handshake for each them.

-Yoichiro

2015-01-27 0:52 GMT+09:00 Peter Stuge <peter@stuge.se= >:

Yoichir= o Tanaka wrote:
> (1) Are "libssh2_sftp_*" functions thread-safe?

No.

> (3) If a lock (ex. mutex) is necessary, where I should apply the lock<= br> > against my code?

To be really safe, around any atomic operation relating to a
libssh2_session. Very coarse locking.

If you want, you can investigate if perhaps multiple SFTP channels
will work correctly, but I doubt it, because the session IO is not
thread-capable.

> (4) Is there any sample code to use libssh2 in=C2=A0 the multi-threadi= ng
> environment?

Unfortunately not.

//Peter
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/li= bssh2-devel

Yoichiro Tanaka
Email: yoichiro@eisbahn.jp
Blog: http://www.eisbahn.jp/yoichiro

--001a113b07447ac11d050da047d4-- --===============1912262654== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KbGlic3NoMi1k ZXZlbCBodHRwOi8vY29vbC5oYXh4LnNlL2NnaS1iaW4vbWFpbG1hbi9saXN0aW5mby9saWJzc2gy LWRldmVsCg== --===============1912262654==-- From libssh2-devel-bounces@cool.haxx.se Tue Jan 27 15:17:13 2015 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t0REGqpa017757; Tue, 27 Jan 2015 15:17:08 +0100 Received: from earth.stuge.se (earth.stuge.se [212.116.89.126]) by giant.haxx.se (8.14.4/8.14.4/Debian-7) with ESMTP id t0REGoEd017751 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 27 Jan 2015 15:16:50 +0100 Received: (qmail 17441 invoked from network); 27 Jan 2015 14:19:12 -0000 Received: from unknown (HELO earth.stuge.se) (127.0.0.1) by localhost with SMTP; 27 Jan 2015 14:19:12 -0000 MIME-Version: 1.0 From: "libssh2 Trac" X-Trac-Version: 1.0dev Precedence: bulk Cc: libssh2-devel@cool.haxx.se Auto-Submitted: auto-generated X-Mailer: Trac 1.0dev, by Edgewall Software X-Trac-Project: libssh2 Date: Tue, 27 Jan 2015 14:19:12 -0000 X-URL: https://trac.libssh2.org/ Subject: Re: [libssh2] #286: LibSSH2-HEAD can't be used with OpenBSD 5.5 X-Trac-Ticket-URL: https://trac.libssh2.org/ticket/286#comment:1 Message-ID: <062.5103c669744be707fae553371480977a@libssh2.stuge.se> References: <047.ca246143a7db3e54d5f588d7b9825ba8@libssh2.stuge.se> X-Trac-Ticket-ID: 286 In-Reply-To: <047.ca246143a7db3e54d5f588d7b9825ba8@libssh2.stuge.se> X-MIME-Autoconverted: from base64 to 8bit by giant.haxx.se id t0REGoEd017751 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.18 List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: trac@libssh2.stuge.se, libssh2 development Content-Type: text/plain; charset="utf-8" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from base64 to 8bit by giant.haxx.se id t0REGqpa017757 #286: LibSSH2-HEAD can't be used with OpenBSD 5.5 --------------------------+------------------- Reporter: jamesmoore | Owner: Type: enhancement | Status: new Priority: normal | Milestone: 1.4.3 Component: crypto | Version: 1.4.2 Resolution: | Keywords: Blocked By: | Blocks: --------------------------+------------------- Comment (by wanzh02): Need SHA-2 support too. Do you have a schedule for this enhancement? -- Ticket URL: libssh2 C library for writing portable SSH2 clients _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel