summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--libssh2-1.4.2-examples.patch1019
-rw-r--r--libssh2-1.4.2-fips.patch334
-rw-r--r--libssh2.spec34
-rw-r--r--sources2
4 files changed, 22 insertions, 1367 deletions
diff --git a/libssh2-1.4.2-examples.patch b/libssh2-1.4.2-examples.patch
deleted file mode 100644
index fa138c9..0000000
--- a/libssh2-1.4.2-examples.patch
+++ /dev/null
@@ -1,1019 +0,0 @@
-From b31e35aba6fa2e39f7aa91c21400722afe8d675e Mon Sep 17 00:00:00 2001
-From: Kamil Dudka <kdudka@redhat.com>
-Date: Mon, 22 Oct 2012 13:29:27 +0200
-Subject: [PATCH] examples: use stderr for messages, stdout for data
-
-Reported by: Karel Srot
-Bug: https://bugzilla.redhat.com/867462
----
- example/direct_tcpip.c | 19 ++++++++-------
- example/scp_nonblock.c | 2 +-
- example/scp_write_nonblock.c | 2 +-
- example/sftp.c | 49 +++++++++++++++++++++-------------------
- example/sftp_RW_nonblock.c | 14 ++++++------
- example/sftp_append.c | 18 +++++++-------
- example/sftp_mkdir.c | 12 +++++-----
- example/sftp_mkdir_nonblock.c | 12 +++++-----
- example/sftp_nonblock.c | 4 +-
- example/sftp_write.c | 14 ++++++------
- example/sftp_write_nonblock.c | 16 ++++++------
- example/sftp_write_sliding.c | 16 ++++++------
- example/sftpdir.c | 12 +++++-----
- example/sftpdir_nonblock.c | 8 +++---
- example/ssh2.c | 26 +++++++++++----------
- example/ssh2_agent.c | 14 ++++++------
- example/ssh2_echo.c | 2 +-
- example/ssh2_exec.c | 4 +-
- example/subsystem_netconf.c | 20 ++++++++--------
- example/tcpip-forward.c | 25 +++++++++++----------
- 20 files changed, 148 insertions(+), 141 deletions(-)
-
-diff --git a/example/direct_tcpip.c b/example/direct_tcpip.c
-index 6aa9845..e530199 100644
---- a/example/direct_tcpip.c
-+++ b/example/direct_tcpip.c
-@@ -135,7 +135,7 @@ int main(int argc, char *argv[])
-
- /* check what authentication methods are available */
- userauthlist = libssh2_userauth_list(session, username, strlen(username));
-- printf("Authentication methods: %s\n", userauthlist);
-+ fprintf(stderr, "Authentication methods: %s\n", userauthlist);
- if (strstr(userauthlist, "password"))
- auth |= AUTH_PASSWORD;
- if (strstr(userauthlist, "publickey"))
-@@ -157,12 +157,12 @@ int main(int argc, char *argv[])
- } else if (auth & AUTH_PUBLICKEY) {
- if (libssh2_userauth_publickey_fromfile(session, username, keyfile1,
- keyfile2, password)) {
-- printf("\tAuthentication by public key failed!\n");
-+ fprintf(stderr, "\tAuthentication by public key failed!\n");
- goto shutdown;
- }
-- printf("\tAuthentication by public key succeeded.\n");
-+ fprintf(stderr, "\tAuthentication by public key succeeded.\n");
- } else {
-- printf("No supported authentication methods found!\n");
-+ fprintf(stderr, "No supported authentication methods found!\n");
- goto shutdown;
- }
-
-@@ -185,7 +185,7 @@ int main(int argc, char *argv[])
- goto shutdown;
- }
-
-- printf("Waiting for TCP connection on %s:%d...\n",
-+ fprintf(stderr, "Waiting for TCP connection on %s:%d...\n",
- inet_ntoa(sin.sin_addr), ntohs(sin.sin_port));
-
- forwardsock = accept(listensock, (struct sockaddr *)&sin, &sinlen);
-@@ -197,8 +197,8 @@ int main(int argc, char *argv[])
- shost = inet_ntoa(sin.sin_addr);
- sport = ntohs(sin.sin_port);
-
-- printf("Forwarding connection from %s:%d here to remote %s:%d\n", shost,
-- sport, remote_desthost, remote_destport);
-+ fprintf(stderr, "Forwarding connection from %s:%d here to remote %s:%d\n",
-+ shost, sport, remote_desthost, remote_destport);
-
- channel = libssh2_channel_direct_tcpip_ex(session, remote_desthost,
- remote_destport, shost, sport);
-@@ -228,7 +228,8 @@ int main(int argc, char *argv[])
- perror("read");
- goto shutdown;
- } else if (0 == len) {
-- printf("The client at %s:%d disconnected!\n", shost, sport);
-+ fprintf(stderr, "The client at %s:%d disconnected!\n", shost,
-+ sport);
- goto shutdown;
- }
- wr = 0;
-@@ -259,7 +260,7 @@ int main(int argc, char *argv[])
- wr += i;
- }
- if (libssh2_channel_eof(channel)) {
-- printf("The server at %s:%d disconnected!\n",
-+ fprintf(stderr, "The server at %s:%d disconnected!\n",
- remote_desthost, remote_destport);
- goto shutdown;
- }
-diff --git a/example/scp_nonblock.c b/example/scp_nonblock.c
-index 867d851..5d636c0 100644
---- a/example/scp_nonblock.c
-+++ b/example/scp_nonblock.c
-@@ -250,7 +250,7 @@ int main(int argc, char *argv[])
- gettimeofday(&end, NULL);
-
- time_ms = tvdiff(end, start);
-- printf("Got %d bytes in %ld ms = %.1f bytes/sec spin: %d\n", total,
-+ fprintf(stderr, "Got %d bytes in %ld ms = %.1f bytes/sec spin: %d\n", total,
- time_ms, total/(time_ms/1000.0), spin );
-
- libssh2_channel_free(channel);
-diff --git a/example/scp_write_nonblock.c b/example/scp_write_nonblock.c
-index 9dfbd4e..0ac0f69 100644
---- a/example/scp_write_nonblock.c
-+++ b/example/scp_write_nonblock.c
-@@ -243,7 +243,7 @@ int main(int argc, char *argv[])
-
- duration = (int)(time(NULL)-start);
-
-- printf("%ld bytes in %d seconds makes %.1f bytes/sec\n",
-+ fprintf(stderr, "%ld bytes in %d seconds makes %.1f bytes/sec\n",
- total, duration, total/(double)duration);
-
- fprintf(stderr, "Sending EOF\n");
-diff --git a/example/sftp.c b/example/sftp.c
-index e69b3c3..88ceba2 100644
---- a/example/sftp.c
-+++ b/example/sftp.c
-@@ -55,24 +55,24 @@ static void kbd_callback(const char *name, int name_len,
- char buf[1024];
- (void)abstract;
-
-- printf("Performing keyboard-interactive authentication.\n");
-+ fprintf(stderr, "Performing keyboard-interactive authentication.\n");
-
-- printf("Authentication name: '");
-- fwrite(name, 1, name_len, stdout);
-- printf("'\n");
-+ fprintf(stderr, "Authentication name: '");
-+ fwrite(name, 1, name_len, stderr);
-+ fprintf(stderr, "'\n");
-
-- printf("Authentication instruction: '");
-- fwrite(instruction, 1, instruction_len, stdout);
-- printf("'\n");
-+ fprintf(stderr, "Authentication instruction: '");
-+ fwrite(instruction, 1, instruction_len, stderr);
-+ fprintf(stderr, "'\n");
-
-- printf("Number of prompts: %d\n\n", num_prompts);
-+ fprintf(stderr, "Number of prompts: %d\n\n", num_prompts);
-
- for (i = 0; i < num_prompts; i++) {
-- printf("Prompt %d from server: '", i);
-- fwrite(prompts[i].text, 1, prompts[i].length, stdout);
-- printf("'\n");
-+ fprintf(stderr, "Prompt %d from server: '", i);
-+ fwrite(prompts[i].text, 1, prompts[i].length, stderr);
-+ fprintf(stderr, "'\n");
-
-- printf("Please type response: ");
-+ fprintf(stderr, "Please type response: ");
- fgets(buf, sizeof(buf), stdin);
- n = strlen(buf);
- while (n > 0 && strchr("\r\n", buf[n - 1]))
-@@ -82,12 +82,13 @@ static void kbd_callback(const char *name, int name_len,
- responses[i].text = strdup(buf);
- responses[i].length = n;
-
-- printf("Response %d from user is '", i);
-- fwrite(responses[i].text, 1, responses[i].length, stdout);
-- printf("'\n\n");
-+ fprintf(stderr, "Response %d from user is '", i);
-+ fwrite(responses[i].text, 1, responses[i].length, stderr);
-+ fprintf(stderr, "'\n\n");
- }
-
-- printf("Done. Sending keyboard-interactive responses to server now.\n");
-+ fprintf(stderr,
-+ "Done. Sending keyboard-interactive responses to server now.\n");
- }
-
-
-@@ -127,7 +128,7 @@ int main(int argc, char *argv[])
-
- rc = libssh2_init (0);
- if (rc != 0) {
-- fprintf (stderr, "libssh2 initialization failed (%d)\n", rc);
-+ fprintf(stderr, "libssh2 initialization failed (%d)\n", rc);
- return 1;
- }
-
-@@ -178,7 +179,7 @@ int main(int argc, char *argv[])
-
- /* check what authentication methods are available */
- userauthlist = libssh2_userauth_list(session, username, strlen(username));
-- printf("Authentication methods: %s\n", userauthlist);
-+ fprintf(stderr, "Authentication methods: %s\n", userauthlist);
- if (strstr(userauthlist, "password") != NULL) {
- auth_pw |= 1;
- }
-@@ -211,21 +212,23 @@ int main(int argc, char *argv[])
- } else if (auth_pw & 2) {
- /* Or via keyboard-interactive */
- if (libssh2_userauth_keyboard_interactive(session, username, &kbd_callback) ) {
-- printf("\tAuthentication by keyboard-interactive failed!\n");
-+ fprintf(stderr,
-+ "\tAuthentication by keyboard-interactive failed!\n");
- goto shutdown;
- } else {
-- printf("\tAuthentication by keyboard-interactive succeeded.\n");
-+ fprintf(stderr,
-+ "\tAuthentication by keyboard-interactive succeeded.\n");
- }
- } else if (auth_pw & 4) {
- /* Or by public key */
- if (libssh2_userauth_publickey_fromfile(session, username, keyfile1, keyfile2, password)) {
-- printf("\tAuthentication by public key failed!\n");
-+ fprintf(stderr, "\tAuthentication by public key failed!\n");
- goto shutdown;
- } else {
-- printf("\tAuthentication by public key succeeded.\n");
-+ fprintf(stderr, "\tAuthentication by public key succeeded.\n");
- }
- } else {
-- printf("No supported authentication methods found!\n");
-+ fprintf(stderr, "No supported authentication methods found!\n");
- goto shutdown;
- }
-
-diff --git a/example/sftp_RW_nonblock.c b/example/sftp_RW_nonblock.c
-index babb48a..77c2027 100644
---- a/example/sftp_RW_nonblock.c
-+++ b/example/sftp_RW_nonblock.c
-@@ -141,11 +141,11 @@ int main(int argc, char *argv[])
- * user, that's your call
- */
- fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
-- printf("Fingerprint: ");
-+ fprintf(stderr, "Fingerprint: ");
- for(i = 0; i < 20; i++) {
-- printf("%02X ", (unsigned char)fingerprint[i]);
-+ fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
- }
-- printf("\n");
-+ fprintf(stderr, "\n");
-
- if(argc > 1) {
- username = argv[1];
-@@ -162,7 +162,7 @@ int main(int argc, char *argv[])
-
- tempstorage = fopen(STORAGE, "wb");
- if(!tempstorage) {
-- printf("Can't open temp storage file %s\n", STORAGE);
-+ fprintf(stderr, "Can't open temp storage file %s\n", STORAGE);
- goto shutdown;
- }
-
-@@ -171,7 +171,7 @@ int main(int argc, char *argv[])
- while ((rc = libssh2_userauth_password(session, username, password))
- == LIBSSH2_ERROR_EAGAIN);
- if (rc) {
-- printf("Authentication by password failed.\n");
-+ fprintf(stderr, "Authentication by password failed.\n");
- goto shutdown;
- }
- } else {
-@@ -185,7 +185,7 @@ int main(int argc, char *argv[])
- password)) ==
- LIBSSH2_ERROR_EAGAIN);
- if (rc) {
-- printf("\tAuthentication by public key failed\n");
-+ fprintf(stderr, "\tAuthentication by public key failed\n");
- goto shutdown;
- }
- }
-@@ -341,7 +341,7 @@ int main(int argc, char *argv[])
- #endif
- if (tempstorage)
- fclose(tempstorage);
-- printf("all done\n");
-+ fprintf(stderr, "all done\n");
-
- libssh2_exit();
-
-diff --git a/example/sftp_append.c b/example/sftp_append.c
-index 731d21a..7585d38 100644
---- a/example/sftp_append.c
-+++ b/example/sftp_append.c
-@@ -86,7 +86,7 @@ int main(int argc, char *argv[])
-
- local = fopen(loclfile, "rb");
- if (!local) {
-- printf("Can't local file %s\n", loclfile);
-+ fprintf(stderr, "Can't open local file %s\n", loclfile);
- return -1;
- }
-
-@@ -129,16 +129,16 @@ int main(int argc, char *argv[])
- * user, that's your call
- */
- fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
-- printf("Fingerprint: ");
-+ fprintf(stderr, "Fingerprint: ");
- for(i = 0; i < 20; i++) {
-- printf("%02X ", (unsigned char)fingerprint[i]);
-+ fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
- }
-- printf("\n");
-+ fprintf(stderr, "\n");
-
- if (auth_pw) {
- /* We could authenticate via password */
- if (libssh2_userauth_password(session, username, password)) {
-- printf("Authentication by password failed.\n");
-+ fprintf(stderr, "Authentication by password failed.\n");
- goto shutdown;
- }
- } else {
-@@ -147,7 +147,7 @@ int main(int argc, char *argv[])
- "/home/username/.ssh/id_rsa.pub",
- "/home/username/.ssh/id_rsa",
- password)) {
-- printf("\tAuthentication by public key failed\n");
-+ fprintf(stderr, "\tAuthentication by public key failed\n");
- goto shutdown;
- }
- }
-@@ -174,12 +174,12 @@ int main(int argc, char *argv[])
- }
-
- if(libssh2_sftp_fstat_ex(sftp_handle, &attrs, 0) < 0) {
-- printf("libssh2_sftp_fstat_ex failed\n");
-+ fprintf(stderr, "libssh2_sftp_fstat_ex failed\n");
- goto shutdown;
- }
- else
- libssh2_sftp_seek64(sftp_handle, attrs.filesize);
-- printf("Did a seek to position %ld\n", (long) attrs.filesize);
-+ fprintf(stderr, "Did a seek to position %ld\n", (long) attrs.filesize);
-
- fprintf(stderr, "libssh2_sftp_open() a handle for APPEND\n");
-
-@@ -222,7 +222,7 @@ shutdown:
- #endif
- if (local)
- fclose(local);
-- printf("all done\n");
-+ fprintf(stderr, "all done\n");
-
- libssh2_exit();
-
-diff --git a/example/sftp_mkdir.c b/example/sftp_mkdir.c
-index 39af8f0..8747084 100644
---- a/example/sftp_mkdir.c
-+++ b/example/sftp_mkdir.c
-@@ -110,16 +110,16 @@ int main(int argc, char *argv[])
- * user, that's your call
- */
- fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
-- printf("Fingerprint: ");
-+ fprintf(stderr, "Fingerprint: ");
- for(i = 0; i < 20; i++) {
-- printf("%02X ", (unsigned char)fingerprint[i]);
-+ fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
- }
-- printf("\n");
-+ fprintf(stderr, "\n");
-
- if (auth_pw) {
- /* We could authenticate via password */
- if (libssh2_userauth_password(session, username, password)) {
-- printf("Authentication by password failed.\n");
-+ fprintf(stderr, "Authentication by password failed.\n");
- goto shutdown;
- }
- } else {
-@@ -128,7 +128,7 @@ int main(int argc, char *argv[])
- "/home/username/.ssh/id_rsa.pub",
- "/home/username/.ssh/id_rsa",
- password)) {
-- printf("\tAuthentication by public key failed\n");
-+ fprintf(stderr, "\tAuthentication by public key failed\n");
- goto shutdown;
- }
- }
-@@ -164,7 +164,7 @@ int main(int argc, char *argv[])
- #else
- close(sock);
- #endif
-- printf("all done\n");
-+ fprintf(stderr, "all done\n");
-
- libssh2_exit();
-
-diff --git a/example/sftp_mkdir_nonblock.c b/example/sftp_mkdir_nonblock.c
-index 84cdc8f..22a8f59 100644
---- a/example/sftp_mkdir_nonblock.c
-+++ b/example/sftp_mkdir_nonblock.c
-@@ -110,16 +110,16 @@ int main(int argc, char *argv[])
- * user, that's your call
- */
- fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
-- printf("Fingerprint: ");
-+ fprintf(stderr, "Fingerprint: ");
- for(i = 0; i < 20; i++) {
-- printf("%02X ", (unsigned char)fingerprint[i]);
-+ fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
- }
-- printf("\n");
-+ fprintf(stderr, "\n");
-
- if (auth_pw) {
- /* We could authenticate via password */
- if (libssh2_userauth_password(session, username, password)) {
-- printf("Authentication by password failed.\n");
-+ fprintf(stderr, "Authentication by password failed.\n");
- goto shutdown;
- }
- } else {
-@@ -128,7 +128,7 @@ int main(int argc, char *argv[])
- "/home/username/.ssh/id_rsa.pub",
- "/home/username/.ssh/id_rsa",
- password)) {
-- printf("\tAuthentication by public key failed\n");
-+ fprintf(stderr, "\tAuthentication by public key failed\n");
- goto shutdown;
- }
- }
-@@ -164,7 +164,7 @@ int main(int argc, char *argv[])
- #else
- close(sock);
- #endif
-- printf("all done\n");
-+ fprintf(stderr, "all done\n");
-
- libssh2_exit();
-
-diff --git a/example/sftp_nonblock.c b/example/sftp_nonblock.c
-index 6ddc109..29cec8a 100644
---- a/example/sftp_nonblock.c
-+++ b/example/sftp_nonblock.c
-@@ -251,7 +251,7 @@ int main(int argc, char *argv[])
-
- gettimeofday(&end, NULL);
- time_ms = tvdiff(end, start);
-- printf("Got %d bytes in %ld ms = %.1f bytes/sec spin: %d\n", total,
-+ fprintf(stderr, "Got %d bytes in %ld ms = %.1f bytes/sec spin: %d\n", total,
- time_ms, total/(time_ms/1000.0), spin );
-
- libssh2_sftp_close(sftp_handle);
-@@ -259,7 +259,7 @@ int main(int argc, char *argv[])
-
- shutdown:
-
-- printf("libssh2_session_disconnect\n");
-+ fprintf(stderr, "libssh2_session_disconnect\n");
- while (libssh2_session_disconnect(session,
- "Normal Shutdown, Thank you") ==
- LIBSSH2_ERROR_EAGAIN);
-diff --git a/example/sftp_write.c b/example/sftp_write.c
-index 9415ce4..483f80a 100644
---- a/example/sftp_write.c
-+++ b/example/sftp_write.c
-@@ -85,7 +85,7 @@ int main(int argc, char *argv[])
-
- local = fopen(loclfile, "rb");
- if (!local) {
-- printf("Can't local file %s\n", loclfile);
-+ fprintf(stderr, "Can't open local file %s\n", loclfile);
- return -1;
- }
-
-@@ -128,16 +128,16 @@ int main(int argc, char *argv[])
- * user, that's your call
- */
- fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
-- printf("Fingerprint: ");
-+ fprintf(stderr, "Fingerprint: ");
- for(i = 0; i < 20; i++) {
-- printf("%02X ", (unsigned char)fingerprint[i]);
-+ fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
- }
-- printf("\n");
-+ fprintf(stderr, "\n");
-
- if (auth_pw) {
- /* We could authenticate via password */
- if (libssh2_userauth_password(session, username, password)) {
-- printf("Authentication by password failed.\n");
-+ fprintf(stderr, "Authentication by password failed.\n");
- goto shutdown;
- }
- } else {
-@@ -146,7 +146,7 @@ int main(int argc, char *argv[])
- "/home/username/.ssh/id_rsa.pub",
- "/home/username/.ssh/id_rsa",
- password)) {
-- printf("\tAuthentication by public key failed\n");
-+ fprintf(stderr, "\tAuthentication by public key failed\n");
- goto shutdown;
- }
- }
-@@ -206,7 +206,7 @@ shutdown:
- #endif
- if (local)
- fclose(local);
-- printf("all done\n");
-+ fprintf(stderr, "all done\n");
-
- libssh2_exit();
-
-diff --git a/example/sftp_write_nonblock.c b/example/sftp_write_nonblock.c
-index 61cc5f4..0d66c40 100644
---- a/example/sftp_write_nonblock.c
-+++ b/example/sftp_write_nonblock.c
-@@ -125,7 +125,7 @@ int main(int argc, char *argv[])
-
- local = fopen(loclfile, "rb");
- if (!local) {
-- printf("Can't local file %s\n", loclfile);
-+ fprintf(stderr, "Can't open local file %s\n", loclfile);
- return -1;
- }
-
-@@ -169,18 +169,18 @@ int main(int argc, char *argv[])
- * that's your call
- */
- fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
-- printf("Fingerprint: ");
-+ fprintf(stderr, "Fingerprint: ");
- for(i = 0; i < 20; i++) {
-- printf("%02X ", (unsigned char)fingerprint[i]);
-+ fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
- }
-- printf("\n");
-+ fprintf(stderr, "\n");
-
- if (auth_pw) {
- /* We could authenticate via password */
- while ((rc = libssh2_userauth_password(session, username, password)) ==
- LIBSSH2_ERROR_EAGAIN);
- if (rc) {
-- printf("Authentication by password failed.\n");
-+ fprintf(stderr, "Authentication by password failed.\n");
- goto shutdown;
- }
- } else {
-@@ -191,7 +191,7 @@ int main(int argc, char *argv[])
- password)) ==
- LIBSSH2_ERROR_EAGAIN);
- if (rc) {
-- printf("\tAuthentication by public key failed\n");
-+ fprintf(stderr, "\tAuthentication by public key failed\n");
- goto shutdown;
- }
- }
-@@ -253,7 +253,7 @@ int main(int argc, char *argv[])
-
- duration = (int)(time(NULL)-start);
-
-- printf("%ld bytes in %d seconds makes %.1f bytes/sec\n",
-+ fprintf(stderr, "%ld bytes in %d seconds makes %.1f bytes/sec\n",
- total, duration, total/(double)duration);
-
-
-@@ -272,7 +272,7 @@ shutdown:
- #else
- close(sock);
- #endif
-- printf("all done\n");
-+ fprintf(stderr, "all done\n");
-
- libssh2_exit();
-
-diff --git a/example/sftp_write_sliding.c b/example/sftp_write_sliding.c
-index 2d8301c..c2ba39d 100644
---- a/example/sftp_write_sliding.c
-+++ b/example/sftp_write_sliding.c
-@@ -125,7 +125,7 @@ int main(int argc, char *argv[])
-
- local = fopen(loclfile, "rb");
- if (!local) {
-- printf("Can't local file %s\n", loclfile);
-+ fprintf(stderr, "Can't open local file %s\n", loclfile);
- return -1;
- }
-
-@@ -169,18 +169,18 @@ int main(int argc, char *argv[])
- * that's your call
- */
- fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
-- printf("Fingerprint: ");
-+ fprintf(stderr, "Fingerprint: ");
- for(i = 0; i < 20; i++) {
-- printf("%02X ", (unsigned char)fingerprint[i]);
-+ fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
- }
-- printf("\n");
-+ fprintf(stderr, "\n");
-
- if (auth_pw) {
- /* We could authenticate via password */
- while ((rc = libssh2_userauth_password(session, username, password)) ==
- LIBSSH2_ERROR_EAGAIN);
- if (rc) {
-- printf("Authentication by password failed.\n");
-+ fprintf(stderr, "Authentication by password failed.\n");
- goto shutdown;
- }
- } else {
-@@ -191,7 +191,7 @@ int main(int argc, char *argv[])
- password)) ==
- LIBSSH2_ERROR_EAGAIN);
- if (rc) {
-- printf("\tAuthentication by public key failed\n");
-+ fprintf(stderr, "\tAuthentication by public key failed\n");
- goto shutdown;
- }
- }
-@@ -262,7 +262,7 @@ int main(int argc, char *argv[])
-
- duration = (int)(time(NULL)-start);
-
-- printf("%ld bytes in %d seconds makes %.1f bytes/sec\n",
-+ fprintf(stderr, "%ld bytes in %d seconds makes %.1f bytes/sec\n",
- total, duration, total/(double)duration);
-
-
-@@ -281,7 +281,7 @@ shutdown:
- #else
- close(sock);
- #endif
-- printf("all done\n");
-+ fprintf(stderr, "all done\n");
-
- libssh2_exit();
-
-diff --git a/example/sftpdir.c b/example/sftpdir.c
-index 006fd27..cb9fb88 100644
---- a/example/sftpdir.c
-+++ b/example/sftpdir.c
-@@ -130,16 +130,16 @@ int main(int argc, char *argv[])
- * user, that's your call
- */
- fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
-- printf("Fingerprint: ");
-+ fprintf(stderr, "Fingerprint: ");
- for(i = 0; i < 20; i++) {
-- printf("%02X ", (unsigned char)fingerprint[i]);
-+ fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
- }
-- printf("\n");
-+ fprintf(stderr, "\n");
-
- if (auth_pw) {
- /* We could authenticate via password */
- if (libssh2_userauth_password(session, username, password)) {
-- printf("Authentication by password failed.\n");
-+ fprintf(stderr, "Authentication by password failed.\n");
- goto shutdown;
- }
- } else {
-@@ -148,7 +148,7 @@ int main(int argc, char *argv[])
- "/home/username/.ssh/id_rsa.pub",
- "/home/username/.ssh/id_rsa",
- password)) {
-- printf("\tAuthentication by public key failed\n");
-+ fprintf(stderr, "\tAuthentication by public key failed\n");
- goto shutdown;
- }
- }
-@@ -229,7 +229,7 @@ int main(int argc, char *argv[])
- #else
- close(sock);
- #endif
-- printf("all done\n");
-+ fprintf(stderr, "all done\n");
-
- libssh2_exit();
-
-diff --git a/example/sftpdir_nonblock.c b/example/sftpdir_nonblock.c
-index 38fb010..c8ad9f5 100644
---- a/example/sftpdir_nonblock.c
-+++ b/example/sftpdir_nonblock.c
-@@ -134,11 +134,11 @@ int main(int argc, char *argv[])
- * user, that's your call
- */
- fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
-- printf("Fingerprint: ");
-+ fprintf(stderr, "Fingerprint: ");
- for(i = 0; i < 20; i++) {
-- printf("%02X ", (unsigned char)fingerprint[i]);
-+ fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
- }
-- printf("\n");
-+ fprintf(stderr, "\n");
-
- if (auth_pw) {
- /* We could authenticate via password */
-@@ -239,7 +239,7 @@ int main(int argc, char *argv[])
- #else
- close(sock);
- #endif
-- printf("all done\n");
-+ fprintf(stderr, "all done\n");
-
- libssh2_exit();
-
-diff --git a/example/ssh2.c b/example/ssh2.c
-index d5e6166..008496c 100644
---- a/example/ssh2.c
-+++ b/example/ssh2.c
-@@ -126,15 +126,15 @@ int main(int argc, char *argv[])
- * call
- */
- fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
-- printf("Fingerprint: ");
-+ fprintf(stderr, "Fingerprint: ");
- for(i = 0; i < 20; i++) {
-- printf("%02X ", (unsigned char)fingerprint[i]);
-+ fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
- }
-- printf("\n");
-+ fprintf(stderr, "\n");
-
- /* check what authentication methods are available */
- userauthlist = libssh2_userauth_list(session, username, strlen(username));
-- printf("Authentication methods: %s\n", userauthlist);
-+ fprintf(stderr, "Authentication methods: %s\n", userauthlist);
- if (strstr(userauthlist, "password") != NULL) {
- auth_pw |= 1;
- }
-@@ -161,31 +161,33 @@ int main(int argc, char *argv[])
- if (auth_pw & 1) {
- /* We could authenticate via password */
- if (libssh2_userauth_password(session, username, password)) {
-- printf("\tAuthentication by password failed!\n");
-+ fprintf(stderr, "\tAuthentication by password failed!\n");
- goto shutdown;
- } else {
-- printf("\tAuthentication by password succeeded.\n");
-+ fprintf(stderr, "\tAuthentication by password succeeded.\n");
- }
- } else if (auth_pw & 2) {
- /* Or via keyboard-interactive */
- if (libssh2_userauth_keyboard_interactive(session, username,
- &kbd_callback) ) {
-- printf("\tAuthentication by keyboard-interactive failed!\n");
-+ fprintf(stderr,
-+ "\tAuthentication by keyboard-interactive failed!\n");
- goto shutdown;
- } else {
-- printf("\tAuthentication by keyboard-interactive succeeded.\n");
-+ fprintf(stderr,
-+ "\tAuthentication by keyboard-interactive succeeded.\n");
- }
- } else if (auth_pw & 4) {
- /* Or by public key */
- if (libssh2_userauth_publickey_fromfile(session, username, keyfile1,
- keyfile2, password)) {
-- printf("\tAuthentication by public key failed!\n");
-+ fprintf(stderr, "\tAuthentication by public key failed!\n");
- goto shutdown;
- } else {
-- printf("\tAuthentication by public key succeeded.\n");
-+ fprintf(stderr, "\tAuthentication by public key succeeded.\n");
- }
- } else {
-- printf("No supported authentication methods found!\n");
-+ fprintf(stderr, "No supported authentication methods found!\n");
- goto shutdown;
- }
-
-@@ -250,7 +252,7 @@ int main(int argc, char *argv[])
- #else
- close(sock);
- #endif
-- printf("all done!\n");
-+ fprintf(stderr, "all done!\n");
-
- libssh2_exit();
-
-diff --git a/example/ssh2_agent.c b/example/ssh2_agent.c
-index 9ca1a42..231445f 100644
---- a/example/ssh2_agent.c
-+++ b/example/ssh2_agent.c
-@@ -105,15 +105,15 @@ int main(int argc, char *argv[])
- * call
- */
- fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
-- printf("Fingerprint: ");
-+ fprintf(stderr, "Fingerprint: ");
- for(i = 0; i < 20; i++) {
-- printf("%02X ", (unsigned char)fingerprint[i]);
-+ fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
- }
-- printf("\n");
-+ fprintf(stderr, "\n");
-
- /* check what authentication methods are available */
- userauthlist = libssh2_userauth_list(session, username, strlen(username));
-- printf("Authentication methods: %s\n", userauthlist);
-+ fprintf(stderr, "Authentication methods: %s\n", userauthlist);
- if (strstr(userauthlist, "publickey") == NULL) {
- fprintf(stderr, "\"publickey\" authentication is not supported\n");
- goto shutdown;
-@@ -147,11 +147,11 @@ int main(int argc, char *argv[])
- goto shutdown;
- }
- if (libssh2_agent_userauth(agent, username, identity)) {
-- printf("\tAuthentication with username %s and "
-+ fprintf(stderr, "\tAuthentication with username %s and "
- "public key %s failed!\n",
- username, identity->comment);
- } else {
-- printf("\tAuthentication with username %s and "
-+ fprintf(stderr, "\tAuthentication with username %s and "
- "public key %s succeeded!\n",
- username, identity->comment);
- break;
-@@ -234,7 +234,7 @@ int main(int argc, char *argv[])
- #endif
- }
-
-- printf("all done!\n");
-+ fprintf(stderr, "all done!\n");
-
- libssh2_exit();
-
-diff --git a/example/ssh2_echo.c b/example/ssh2_echo.c
-index 1fd8f3f..2430e33 100644
---- a/example/ssh2_echo.c
-+++ b/example/ssh2_echo.c
-@@ -327,7 +327,7 @@ int main(int argc, char *argv[])
- }
-
- if (exitsignal)
-- printf("\nGot signal: %s\n", exitsignal);
-+ fprintf(stderr, "\nGot signal: %s\n", exitsignal);
-
- libssh2_channel_free(channel);
- channel = NULL;
-diff --git a/example/ssh2_exec.c b/example/ssh2_exec.c
-index e5b151d..d47761c 100644
---- a/example/ssh2_exec.c
-+++ b/example/ssh2_exec.c
-@@ -292,9 +292,9 @@ int main(int argc, char *argv[])
- }
-
- if (exitsignal)
-- printf("\nGot signal: %s\n", exitsignal);
-+ fprintf(stderr, "\nGot signal: %s\n", exitsignal);
- else
-- printf("\nEXIT: %d bytecount: %d\n", exitcode, bytecount);
-+ fprintf(stderr, "\nEXIT: %d bytecount: %d\n", exitcode, bytecount);
-
- libssh2_channel_free(channel);
- channel = NULL;
-diff --git a/example/subsystem_netconf.c b/example/subsystem_netconf.c
-index 708113b..6f83661 100644
---- a/example/subsystem_netconf.c
-+++ b/example/subsystem_netconf.c
-@@ -173,7 +173,7 @@ int main(int argc, char *argv[])
-
- /* check what authentication methods are available */
- userauthlist = libssh2_userauth_list(session, username, strlen(username));
-- printf("Authentication methods: %s\n", userauthlist);
-+ fprintf(stderr, "Authentication methods: %s\n", userauthlist);
- if (strstr(userauthlist, "password"))
- auth |= AUTH_PASSWORD;
- if (strstr(userauthlist, "publickey"))
-@@ -195,12 +195,12 @@ int main(int argc, char *argv[])
- } else if (auth & AUTH_PUBLICKEY) {
- if (libssh2_userauth_publickey_fromfile(session, username, keyfile1,
- keyfile2, password)) {
-- printf("Authentication by public key failed!\n");
-+ fprintf(stderr, "Authentication by public key failed!\n");
- goto shutdown;
- }
-- printf("Authentication by public key succeeded.\n");
-+ fprintf(stderr, "Authentication by public key succeeded.\n");
- } else {
-- printf("No supported authentication methods found!\n");
-+ fprintf(stderr, "No supported authentication methods found!\n");
- goto shutdown;
- }
-
-@@ -223,7 +223,7 @@ int main(int argc, char *argv[])
-
- /* NETCONF: http://tools.ietf.org/html/draft-ietf-netconf-ssh-06 */
-
-- printf("Sending NETCONF client <hello>\n");
-+ fprintf(stderr, "Sending NETCONF client <hello>\n");
- snprintf(buf, sizeof(buf),
- "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"
- "<hello>"
-@@ -235,14 +235,14 @@ int main(int argc, char *argv[])
- if (-1 == netconf_write(channel, buf, len))
- goto shutdown;
-
-- printf("Reading NETCONF server <hello>\n");
-+ fprintf(stderr, "Reading NETCONF server <hello>\n");
- len = netconf_read_until(channel, "</hello>", buf, sizeof(buf));
- if (-1 == len)
- goto shutdown;
-
-- printf("Got %d bytes:\n----------------------\n%s", (int)len, buf);
-+ fprintf(stderr, "Got %d bytes:\n----------------------\n%s", (int)len, buf);
-
-- printf("Sending NETCONF <rpc>\n");
-+ fprintf(stderr, "Sending NETCONF <rpc>\n");
- snprintf(buf, sizeof(buf),
- "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"
- "<rpc xmlns=\"urn:ietf:params:xml:ns:netconf:base:1.0\">"
-@@ -252,12 +252,12 @@ int main(int argc, char *argv[])
- if (-1 == netconf_write(channel, buf, len))
- goto shutdown;
-
-- printf("Reading NETCONF <rpc-reply>\n");
-+ fprintf(stderr, "Reading NETCONF <rpc-reply>\n");
- len = netconf_read_until(channel, "</rpc-reply>", buf, sizeof(buf));
- if (-1 == len)
- goto shutdown;
-
-- printf("Got %d bytes:\n----------------------\n%s", (int)len, buf);
-+ fprintf(stderr, "Got %d bytes:\n----------------------\n%s", (int)len, buf);
-
- shutdown:
- if (channel)
-diff --git a/example/tcpip-forward.c b/example/tcpip-forward.c
-index a408b69..94d3cc8 100644
---- a/example/tcpip-forward.c
-+++ b/example/tcpip-forward.c
-@@ -137,7 +137,7 @@ int main(int argc, char *argv[])
-
- /* check what authentication methods are available */
- userauthlist = libssh2_userauth_list(session, username, strlen(username));
-- printf("Authentication methods: %s\n", userauthlist);
-+ fprintf(stderr, "Authentication methods: %s\n", userauthlist);
- if (strstr(userauthlist, "password"))
- auth |= AUTH_PASSWORD;
- if (strstr(userauthlist, "publickey"))
-@@ -159,17 +159,17 @@ int main(int argc, char *argv[])
- } else if (auth & AUTH_PUBLICKEY) {
- if (libssh2_userauth_publickey_fromfile(session, username, keyfile1,
- keyfile2, password)) {
-- printf("\tAuthentication by public key failed!\n");
-+ fprintf(stderr, "\tAuthentication by public key failed!\n");
- goto shutdown;
- }
-- printf("\tAuthentication by public key succeeded.\n");
-+ fprintf(stderr, "\tAuthentication by public key succeeded.\n");
- } else {
-- printf("No supported authentication methods found!\n");
-+ fprintf(stderr, "No supported authentication methods found!\n");
- goto shutdown;
- }
-
-- printf("Asking server to listen on remote %s:%d\n", remote_listenhost,
-- remote_wantport);
-+ fprintf(stderr, "Asking server to listen on remote %s:%d\n",
-+ remote_listenhost, remote_wantport);
-
- listener = libssh2_channel_forward_listen_ex(session, remote_listenhost,
- remote_wantport, &remote_listenport, 1);
-@@ -180,10 +180,10 @@ int main(int argc, char *argv[])
- goto shutdown;
- }
-
-- printf("Server is listening on %s:%d\n", remote_listenhost,
-+ fprintf(stderr, "Server is listening on %s:%d\n", remote_listenhost,
- remote_listenport);
-
-- printf("Waiting for remote connection\n");
-+ fprintf(stderr, "Waiting for remote connection\n");
- channel = libssh2_channel_forward_accept(listener);
- if (!channel) {
- fprintf(stderr, "Could not accept connection!\n"
-@@ -192,7 +192,8 @@ int main(int argc, char *argv[])
- goto shutdown;
- }
-
-- printf("Accepted remote connection. Connecting to local server %s:%d\n",
-+ fprintf(stderr,
-+ "Accepted remote connection. Connecting to local server %s:%d\n",
- local_destip, local_destport);
- forwardsock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
- sin.sin_family = AF_INET;
-@@ -206,7 +207,7 @@ int main(int argc, char *argv[])
- goto shutdown;
- }
-
-- printf("Forwarding connection from remote %s:%d to local %s:%d\n",
-+ fprintf(stderr, "Forwarding connection from remote %s:%d to local %s:%d\n",
- remote_listenhost, remote_listenport, local_destip, local_destport);
-
- /* Must use non-blocking IO hereafter due to the current libssh2 API */
-@@ -228,7 +229,7 @@ int main(int argc, char *argv[])
- perror("read");
- goto shutdown;
- } else if (0 == len) {
-- printf("The local server at %s:%d disconnected!\n",
-+ fprintf(stderr, "The local server at %s:%d disconnected!\n",
- local_destip, local_destport);
- goto shutdown;
- }
-@@ -260,7 +261,7 @@ int main(int argc, char *argv[])
- wr += i;
- }
- if (libssh2_channel_eof(channel)) {
-- printf("The remote client at %s:%d disconnected!\n",
-+ fprintf(stderr, "The remote client at %s:%d disconnected!\n",
- remote_listenhost, remote_listenport);
- goto shutdown;
- }
---
-1.7.1
-
diff --git a/libssh2-1.4.2-fips.patch b/libssh2-1.4.2-fips.patch
deleted file mode 100644
index 38d49af..0000000
--- a/libssh2-1.4.2-fips.patch
+++ /dev/null
@@ -1,334 +0,0 @@
-From 43b730ce56f010e9d33573fcb020df49798c1ed8 Mon Sep 17 00:00:00 2001
-From: Kamil Dudka <kdudka@redhat.com>
-Date: Mon, 10 Sep 2012 15:32:40 +0200
-Subject: [PATCH 1/4] kex: do not ignore failure of libssh2_md5_init()
-
-The MD5 algorithm is disabled when running in FIPS mode.
----
- src/hostkey.c | 4 +++-
- src/kex.c | 13 +++++++++----
- src/libgcrypt.h | 6 +++++-
- src/libssh2_priv.h | 1 +
- src/openssl.h | 3 +++
- 5 files changed, 21 insertions(+), 6 deletions(-)
-
-diff --git a/src/hostkey.c b/src/hostkey.c
-index 53f7479..753563d 100644
---- a/src/hostkey.c
-+++ b/src/hostkey.c
-@@ -429,7 +429,9 @@ libssh2_hostkey_hash(LIBSSH2_SESSION * session, int hash_type)
- switch (hash_type) {
- #if LIBSSH2_MD5
- case LIBSSH2_HOSTKEY_HASH_MD5:
-- return (char *) session->server_hostkey_md5;
-+ return (session->server_hostkey_md5_valid)
-+ ? (char *) session->server_hostkey_md5
-+ : NULL;
- break;
- #endif /* LIBSSH2_MD5 */
- case LIBSSH2_HOSTKEY_HASH_SHA1:
-diff --git a/src/kex.c b/src/kex.c
-index 0a72cb7..07e717f 100644
---- a/src/kex.c
-+++ b/src/kex.c
-@@ -218,10 +218,15 @@ static int diffie_hellman_sha1(LIBSSH2_SESSION *session,
- {
- libssh2_md5_ctx fingerprint_ctx;
-
-- libssh2_md5_init(&fingerprint_ctx);
-- libssh2_md5_update(fingerprint_ctx, session->server_hostkey,
-- session->server_hostkey_len);
-- libssh2_md5_final(fingerprint_ctx, session->server_hostkey_md5);
-+ if (libssh2_md5_init(&fingerprint_ctx)) {
-+ libssh2_md5_update(fingerprint_ctx, session->server_hostkey,
-+ session->server_hostkey_len);
-+ libssh2_md5_final(fingerprint_ctx, session->server_hostkey_md5);
-+ session->server_hostkey_md5_valid = TRUE;
-+ }
-+ else {
-+ session->server_hostkey_md5_valid = FALSE;
-+ }
- }
- #ifdef LIBSSH2DEBUG
- {
-diff --git a/src/libgcrypt.h b/src/libgcrypt.h
-index 04516e5..1f0276e 100644
---- a/src/libgcrypt.h
-+++ b/src/libgcrypt.h
-@@ -68,7 +68,11 @@
- gcry_md_hash_buffer (GCRY_MD_SHA1, out, message, len)
-
- #define libssh2_md5_ctx gcry_md_hd_t
--#define libssh2_md5_init(ctx) gcry_md_open (ctx, GCRY_MD_MD5, 0);
-+
-+/* returns 0 in case of failure */
-+#define libssh2_md5_init(ctx) \
-+ (GPG_ERR_NO_ERROR == gcry_md_open (ctx, GCRY_MD_MD5, 0))
-+
- #define libssh2_md5_update(ctx, data, len) gcry_md_write (ctx, data, len)
- #define libssh2_md5_final(ctx, out) \
- memcpy (out, gcry_md_read (ctx, 0), MD5_DIGEST_LENGTH), gcry_md_close (ctx)
-diff --git a/src/libssh2_priv.h b/src/libssh2_priv.h
-index 23fbc65..196864d 100644
---- a/src/libssh2_priv.h
-+++ b/src/libssh2_priv.h
-@@ -597,6 +597,7 @@ struct _LIBSSH2_SESSION
- uint32_t server_hostkey_len;
- #if LIBSSH2_MD5
- unsigned char server_hostkey_md5[MD5_DIGEST_LENGTH];
-+ int server_hostkey_md5_valid;
- #endif /* ! LIBSSH2_MD5 */
- unsigned char server_hostkey_sha1[SHA_DIGEST_LENGTH];
-
-diff --git a/src/openssl.h b/src/openssl.h
-index 6d2aeed..4835ab6 100644
---- a/src/openssl.h
-+++ b/src/openssl.h
-@@ -113,7 +113,10 @@
- void libssh2_sha1(const unsigned char *message, unsigned long len, unsigned char *out);
-
- #define libssh2_md5_ctx EVP_MD_CTX
-+
-+/* returns 0 in case of failure */
- #define libssh2_md5_init(ctx) EVP_DigestInit(ctx, EVP_get_digestbyname("md5"))
-+
- #define libssh2_md5_update(ctx, data, len) EVP_DigestUpdate(&(ctx), data, len)
- #define libssh2_md5_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL)
- void libssh2_md5(const unsigned char *message, unsigned long len, unsigned char *out);
---
-1.7.1
-
-
-From bfbb5a4dc75c04b3532063c03b80796dd6d69da4 Mon Sep 17 00:00:00 2001
-From: Kamil Dudka <kdudka@redhat.com>
-Date: Mon, 10 Sep 2012 15:59:16 +0200
-Subject: [PATCH 2/4] openssl: do not ignore failure of EVP_CipherInit()
-
----
- src/openssl.c | 3 +--
- 1 files changed, 1 insertions(+), 2 deletions(-)
-
-diff --git a/src/openssl.c b/src/openssl.c
-index 481982c..c61cb0e 100644
---- a/src/openssl.c
-+++ b/src/openssl.c
-@@ -175,8 +175,7 @@ _libssh2_cipher_init(_libssh2_cipher_ctx * h,
- unsigned char *iv, unsigned char *secret, int encrypt)
- {
- EVP_CIPHER_CTX_init(h);
-- EVP_CipherInit(h, algo(), secret, iv, encrypt);
-- return 0;
-+ return !EVP_CipherInit(h, algo(), secret, iv, encrypt);
- }
-
- int
---
-1.7.1
-
-
-From 5d567faecce45a891de2a3e10fad7b221a4f6540 Mon Sep 17 00:00:00 2001
-From: Kamil Dudka <kdudka@redhat.com>
-Date: Tue, 11 Sep 2012 09:33:34 +0200
-Subject: [PATCH 3/4] crypt: use hard-wired cipher block sizes consistently
-
----
- src/crypt.c | 8 +++++---
- src/crypto.h | 2 +-
- src/libgcrypt.c | 8 +-------
- src/libssh2_priv.h | 2 +-
- src/openssl.c | 7 +------
- src/transport.c | 3 ++-
- 6 files changed, 11 insertions(+), 19 deletions(-)
-
-diff --git a/src/crypt.c b/src/crypt.c
-index 93d99c4..931ae8b 100644
---- a/src/crypt.c
-+++ b/src/crypt.c
-@@ -96,11 +96,12 @@ crypt_init(LIBSSH2_SESSION * session,
-
- static int
- crypt_encrypt(LIBSSH2_SESSION * session, unsigned char *block,
-- void **abstract)
-+ size_t blocksize, void **abstract)
- {
- struct crypt_ctx *cctx = *(struct crypt_ctx **) abstract;
- (void) session;
-- return _libssh2_cipher_crypt(&cctx->h, cctx->algo, cctx->encrypt, block);
-+ return _libssh2_cipher_crypt(&cctx->h, cctx->algo, cctx->encrypt, block,
-+ blocksize);
- }
-
- static int
-@@ -248,7 +249,8 @@ crypt_init_arcfour128(LIBSSH2_SESSION * session,
- unsigned char block[8];
- size_t discard = 1536;
- for (; discard; discard -= 8)
-- _libssh2_cipher_crypt(&cctx->h, cctx->algo, cctx->encrypt, block);
-+ _libssh2_cipher_crypt(&cctx->h, cctx->algo, cctx->encrypt, block,
-+ method->blocksize);
- }
-
- return rc;
-diff --git a/src/crypto.h b/src/crypto.h
-index 8cf34f5..5dc5931 100644
---- a/src/crypto.h
-+++ b/src/crypto.h
-@@ -103,7 +103,7 @@ int _libssh2_cipher_init(_libssh2_cipher_ctx * h,
-
- int _libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx,
- _libssh2_cipher_type(algo),
-- int encrypt, unsigned char *block);
-+ int encrypt, unsigned char *block, size_t blocksize);
-
- int _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session,
- unsigned char **method,
-diff --git a/src/libgcrypt.c b/src/libgcrypt.c
-index 5c2787b..29770c7 100644
---- a/src/libgcrypt.c
-+++ b/src/libgcrypt.c
-@@ -553,17 +553,11 @@ _libssh2_cipher_init(_libssh2_cipher_ctx * h,
- int
- _libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx,
- _libssh2_cipher_type(algo),
-- int encrypt, unsigned char *block)
-+ int encrypt, unsigned char *block, size_t blklen)
- {
- int cipher = _libssh2_gcry_cipher (algo);
-- size_t blklen = gcry_cipher_get_algo_blklen(cipher);
- int ret;
-
-- if (blklen == 1) {
--/* Hack for arcfour. */
-- blklen = 8;
-- }
--
- if (encrypt) {
- ret = gcry_cipher_encrypt(*ctx, block, blklen, block, blklen);
- } else {
-diff --git a/src/libssh2_priv.h b/src/libssh2_priv.h
-index 196864d..4ec9f73 100644
---- a/src/libssh2_priv.h
-+++ b/src/libssh2_priv.h
-@@ -883,7 +883,7 @@ struct _LIBSSH2_CRYPT_METHOD
- int *free_iv, unsigned char *secret, int *free_secret,
- int encrypt, void **abstract);
- int (*crypt) (LIBSSH2_SESSION * session, unsigned char *block,
-- void **abstract);
-+ size_t blocksize, void **abstract);
- int (*dtor) (LIBSSH2_SESSION * session, void **abstract);
-
- _libssh2_cipher_type(algo);
-diff --git a/src/openssl.c b/src/openssl.c
-index c61cb0e..8643591 100644
---- a/src/openssl.c
-+++ b/src/openssl.c
-@@ -181,18 +181,13 @@ _libssh2_cipher_init(_libssh2_cipher_ctx * h,
- int
- _libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx,
- _libssh2_cipher_type(algo),
-- int encrypt, unsigned char *block)
-+ int encrypt, unsigned char *block, size_t blocksize)
- {
-- int blocksize = ctx->cipher->block_size;
- unsigned char buf[EVP_MAX_BLOCK_LENGTH];
- int ret;
- (void) algo;
- (void) encrypt;
-
-- if (blocksize == 1) {
--/* Hack for arcfour. */
-- blocksize = 8;
-- }
- ret = EVP_Cipher(ctx, buf, block, blocksize);
- if (ret == 1) {
- memcpy(block, buf, blocksize);
-diff --git a/src/transport.c b/src/transport.c
-index 15425b9..b4ec037 100644
---- a/src/transport.c
-+++ b/src/transport.c
-@@ -139,7 +139,7 @@ decrypt(LIBSSH2_SESSION * session, unsigned char *source,
- assert((len % blocksize) == 0);
-
- while (len >= blocksize) {
-- if (session->remote.crypt->crypt(session, source,
-+ if (session->remote.crypt->crypt(session, source, blocksize,
- &session->remote.crypt_abstract)) {
- LIBSSH2_FREE(session, p->payload);
- return LIBSSH2_ERROR_DECRYPT;
-@@ -834,6 +834,7 @@ int _libssh2_transport_send(LIBSSH2_SESSION *session,
- for(i = 0; i < packet_length; i += session->local.crypt->blocksize) {
- unsigned char *ptr = &p->outbuf[i];
- if (session->local.crypt->crypt(session, ptr,
-+ session->local.crypt->blocksize,
- &session->local.crypt_abstract))
- return LIBSSH2_ERROR_ENCRYPT; /* encryption failure */
- }
---
-1.7.1
-
-
-From 9f6fd5af8282ef82c0ff8d89cf9ebc121bb35b59 Mon Sep 17 00:00:00 2001
-From: Kamil Dudka <kdudka@redhat.com>
-Date: Tue, 11 Sep 2012 09:02:31 +0200
-Subject: [PATCH 4/4] Revert "aes: the init function fails when OpenSSL has AES support"
-
-This partially reverts commit f4f2298ef3635acd031cc2ee0e71026cdcda5864.
-
-We need to use the EVP_aes_???_ctr() functions in FIPS mode.
----
- src/openssl.h | 6 ++++++
- 1 files changed, 6 insertions(+), 0 deletions(-)
-
-diff --git a/src/openssl.h b/src/openssl.h
-index 4835ab6..6f21a1a 100644
---- a/src/openssl.h
-+++ b/src/openssl.h
-@@ -151,9 +151,15 @@ void libssh2_md5(const unsigned char *message, unsigned long len, unsigned char
- #define _libssh2_cipher_aes256 EVP_aes_256_cbc
- #define _libssh2_cipher_aes192 EVP_aes_192_cbc
- #define _libssh2_cipher_aes128 EVP_aes_128_cbc
-+#ifdef HAVE_EVP_AES_128_CTR
-+#define _libssh2_cipher_aes128ctr EVP_aes_128_ctr
-+#define _libssh2_cipher_aes192ctr EVP_aes_192_ctr
-+#define _libssh2_cipher_aes256ctr EVP_aes_256_ctr
-+#else
- #define _libssh2_cipher_aes128ctr _libssh2_EVP_aes_128_ctr
- #define _libssh2_cipher_aes192ctr _libssh2_EVP_aes_192_ctr
- #define _libssh2_cipher_aes256ctr _libssh2_EVP_aes_256_ctr
-+#endif
- #define _libssh2_cipher_blowfish EVP_bf_cbc
- #define _libssh2_cipher_arcfour EVP_rc4
- #define _libssh2_cipher_cast5 EVP_cast5_cbc
---
-1.7.1
-
-From fe8f3deb480d1fcef0d720e6b9acabbd640fe7c3 Mon Sep 17 00:00:00 2001
-From: Kamil Dudka <kdudka@redhat.com>
-Date: Thu, 1 Nov 2012 14:57:06 +0100
-Subject: [PATCH] libssh2_hostkey_hash.3: update the description of return value
-
-The function returns NULL also if the hash algorithm is not available.
----
- docs/libssh2_hostkey_hash.3 | 7 ++++---
- 1 files changed, 4 insertions(+), 3 deletions(-)
-
-diff --git a/docs/libssh2_hostkey_hash.3 b/docs/libssh2_hostkey_hash.3
-index f78831c..c2f1644 100644
---- a/docs/libssh2_hostkey_hash.3
-+++ b/docs/libssh2_hostkey_hash.3
-@@ -18,8 +18,9 @@ Returns the computed digest of the remote system's hostkey. The length of
- the returned string is hash_type specific (e.g. 16 bytes for MD5,
- 20 bytes for SHA1).
- .SH RETURN VALUE
--Computed hostkey hash value. or NULL if the session has not yet been started
--up. (The hash consists of raw binary bytes, not hex digits, so is not
--directly printable.)
-+Computed hostkey hash value, or NULL if the information is not available
-+(either the session has not yet been started up, or the requested hash
-+algorithm was not available). The hash consists of raw binary bytes, not hex
-+digits, so it is not directly printable.
- .SH SEE ALSO
- .BR libssh2_session_init_ex(3)
---
-1.7.1
-
diff --git a/libssh2.spec b/libssh2.spec
index cff63e8..7ea624f 100644
--- a/libssh2.spec
+++ b/libssh2.spec
@@ -8,16 +8,14 @@
%endif
Name: libssh2
-Version: 1.4.2
-Release: 4%{?dist}
+Version: 1.4.3
+Release: 1%{?dist}
Summary: A library implementing the SSH2 protocol
Group: System Environment/Libraries
License: BSD
URL: http://www.libssh2.org/
Source0: http://libssh2.org/download/libssh2-%{version}.tar.gz
Patch0: libssh2-1.4.2-utf8.patch
-Patch1: libssh2-1.4.2-fips.patch
-Patch2: libssh2-1.4.2-examples.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(id -nu)
BuildRequires: openssl-devel
BuildRequires: zlib-devel
@@ -67,12 +65,6 @@ developing applications that use libssh2.
# Make sure things are UTF-8...
%patch0 -p1
-# Make sure libssh2 works in FIPS mode...
-%patch1 -p1
-
-# examples: use stderr for messages, stdout for data
-%patch2 -p1
-
# Make sshd transition appropriately if building in an SELinux environment
%if !(0%{?fedora} >= 17 || 0%{?rhel} >= 7)
chcon $(/usr/sbin/matchpathcon -n /etc/rc.d/init.d/sshd) tests/ssh2.sh || :
@@ -136,13 +128,29 @@ rm -rf %{buildroot}
%{_libdir}/pkgconfig/libssh2.pc
%changelog
+* Wed Nov 28 2012 Paul Howarth <paul@city-fan.org> 1.4.3-1
+- Update to 1.4.3
+ - compression: add support for zlib@openssh.com
+ - sftp_read: return error if a too large package arrives
+ - libssh2_hostkey_hash.3: update the description of return value
+ - Fixed MSVC NMakefile
+ - examples: use stderr for messages, stdout for data
+ - openssl: do not leak memory when handling errors
+ - improved handling of disabled MD5 algorithm in OpenSSL
+ - known_hosts: Fail when parsing unknown keys in known_hosts file
+ - configure: gcrypt doesn't come with pkg-config support
+ - session_free: wrong variable used for keeping state
+ - libssh2_userauth_publickey_fromfile_ex.3: mention publickey == NULL
+ - comp_method_zlib_decomp: handle Z_BUF_ERROR when inflating
+- Drop upstreamed patches
+
* Wed Nov 07 2012 Kamil Dudka <kdudka@redhat.com> 1.4.2-4
- examples: use stderr for messages, stdout for data (upstream commit b31e35ab)
-- update libssh2_hostkey_hash(3) man page (upstream commit fe8f3deb)
+- Update libssh2_hostkey_hash(3) man page (upstream commit fe8f3deb)
* Wed Sep 26 2012 Kamil Dudka <kdudka@redhat.com> 1.4.2-3
-- fix basic functionality of libssh2 in FIPS mode
-- skip SELinux-related quirks on recent distros to prevent a test-suite failure
+- Fix basic functionality of libssh2 in FIPS mode
+- Skip SELinux-related quirks on recent distros to prevent a test-suite failure
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
diff --git a/sources b/sources
index 397badd..fab710a 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-42e2b3796ac07fc1dbafc7abcc002cd3 libssh2-1.4.2.tar.gz
+071004c60c5d6f90354ad1b701013a0b libssh2-1.4.3.tar.gz
bgstack15