path: root/src/CMakeLists.txt
Age | Commit message | Author | Files | Lines
2024-03-08 | Rework the coverage build | Jakub Jelen | 1 | -0/+7
This reworks it to avoid a need for a special build type and adding the flags only to the targets that need it (skipping testing wrappers which break with them). It also updates the CodeCoverage module from the following URL: https://github.com/bilke/cmake-modules/blob/master/CodeCoverage.cmake Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2024-03-06 | Issue #157: Use the current TTY's settings by default. | Daniel Evers | 1 | -0/+1
When opening a PTY on the server, try to use the current TTY's settings (i.e. based on STDIN). If that fails or STDIN isn't a TTY, use default modes that avoid any character translation. Don't rely on stdin to be a TTY (breaks CI). Instead, open a PTY and temporarily use that as "fake" stdin. Signed-off-by: Daniel Evers (daniel.evers@utimaco.com) Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2024-02-22 | cmake: use imported targets for OpenSSL and zlib | Gregor Jasny | 1 | -20/+4
Imported targets are highly preferred over the individual variables for includes and libs because they will be used in a coherent way and any spelling mistakes or unavailability won't go unnoticed. Also it will prevent bugs like conan-io/conan-center-index#16900 or using mismatching header/libs combinations. Signed-off-by: Gregor Jasny <gjasny@googlemail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2023-12-18 | CVE-2023-6004: misc: Add ipv6 link-local check for an ip address | Norbert Pocs | 1 | -1/+2
Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2023-12-05 | Remove binary include dir from PRIVATE_INCLUDE_DIRS | Sven Fischer | 1 | -1/+0
Signed-off-by: Sven Fischer <sven@leiderfischer.de> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2023-12-05 | Add binary dir to target include directories | Sven Fischer | 1 | -0/+2
Build binary dir contains the libssh_version.h file. By adding the binary dir to the target include path, the include file can be found by projects which use libssh as a sub-project by add_subdirectory(). Signed-off-by: Sven Fischer <sven@leiderfischer.de> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2023-12-04 | Introduce sftp async i/o (aio) api | Eshan Kelkar | 1 | -0/+1
The existing sftp async read api has two problems:

1. sftp_async_read() assumes that the value of the third parameter count is same as the number of bytes requested to read in the corresponding call to sftp_async_read_begin(). But the documentation of sftp_async_read() allows the value of count parameter to be more than that requested length. If value of count parameter is more than that requested length then sftp_async_read() updates the file->offset incorrectly which leads to further read/writes occurring from incorrect offsets. The problem here is that sftp_async_read() doesn't know about the number of bytes requested to read specified in the call to sftp_async_read_begin(), and it wrongly assumes the value of its count parameter (which is actually the size of the buffer to store the read data) to be the same as the number of bytes requested to read.

2. sftp_async_read_begin() returns an uint32_t type value type casted to int as a request identifier, whereas sftp_async_read() expects an uint32_t type value as a request identifier. Due to this the user has to typecast the identifier returned by sftp_async_read_begin() from int to uint32_t and then pass it to sftp_async_read(). This type casting is cumbersome for the user and hence the approach is not user-friendly.

This commit solves the above two problems by introducing a new sftp aio api. The sftp_aio_begin_*() functions in the api send an i/o request to the sftp server and provide the caller a dynamically allocated structure storing information about the sent request. Information like number of bytes requested for i/o, id of sent request etc is stored in the structure. That structure should be provided to the sftp_aio_wait_*() functions in the api which wait for the response corresponding to the request whose info is stored in the provided structure. The libssh user is supposed to handle that structure through an opaque type sftp_aio.

Since the structure stores the number of bytes requested for i/o, sftp_aio_wait_*() knows about the number of bytes requested for i/o (specified in the call to sftp_aio_begin_*()) and hence updates the file->offset correctly solving problem #1 present in the existing async api. Since the structure provided by sftp_aio_begin_*() (containing the request id) is supplied to sftp_aio_wait_*(), no casting of id's needs to be done by the user solving problem #2 of the existing async api.

Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com> Reviewed-by: Sahana Prasad <sahana@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2023-12-04 | Move certain functions from sftp.c to a new file sftp_common.c | Eshan Kelkar | 1 | -0/+1
Currently the sftp api code is limited to sftp.c, sftpserver.c. In future it can be required to add new sftp related APIs which are present in their own separate source files instead of adding their code to the already large sftp.c file. Those new hypothetical or existing (in sftpserver.c) sftp API functions present in the source files other than sftp.c will need to call certain functions present in sftp.c which are not provided in the public api as they are for internal use (by other sftp related functions) only. Some of these sftp.c functions have external linkage, some of them don't and cannot be currently accessed outside sftp.c.

This commit:

1. Moves such functions along with the functions they depend on from sftp.c to a new file sftp_common.c, to separate them out from other sftp api functions.
2. Makes necessary changes to make required functions visible outside sftp_common.c
3. Uses the header file sftp_priv.h for necessary declarations (and not sftp.h) since these functions are not to be provided in the public sftp api.

Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com> Reviewed-by: Sahana Prasad <sahana@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2023-04-14 | cmake: Return back the DEFAULT_C_COMPILE_FLAGS | Jakub Jelen | 1 | -0/+6
Accidentally removed in 1689b83d0f5f2b7a048810e1349104ab41e8c4c0. Reported in #185 by Peter Kästle Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com>
2022-10-31 | ConfigureChecks.cmake: Remove implicitly included function checks | Norbert Pocs | 1 | -16/+3
Removing support for older openssl versions than 1.1.1 makes some functions implicitly included; we do not have to check the availability of these functions. Signed-off-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2022-10-04 | Libssh-0.10.4 cannot be compiled anymore on CYGWIN | Carlo Bramini | 1 | -0/+6
Commit 8cf9c816 "Do not force GNU_SOURCE during build to fix #141" has broken support for CYGWIN. The build hangs with this error message:

    libssh-0.10.4/src/config.c: In function ‘local_parse_glob’:
    libssh-0.10.4/src/config.c:252:25: error: ‘GLOB_TILDE’ undeclared (first use in this function)
      252 |     rt = glob(fileglob, GLOB_TILDE, NULL, &globbuf);
          |                         ^~~~~~~~~~

I think that it would be better to re-add it, by using target_compile_definitions() rather than target_compile_options(), which is more appropriate in my opinion. Signed-off-by: Carlo Bramini carlo_bramini@users.sourceforge.net Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2022-08-30 | Do not force GNU_SOURCE during build to fix #141 | Jakub Jelen | 1 | -8/+0
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2022-07-19 | Move digest functions into separate file | Jakub Jelen | 1 | -0/+3
The external ed25519 requires also the sha512 functions to work. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2022-07-19 | Build external override library with all symbols | Jakub Jelen | 1 | -0/+3
The curve25519 depends on ssh_get_random, which is normally built into libssh. For the external override tests to build, we need to have them in separate source file that can be included for this test. For some reason, this did not happen on CI builds, but it did happen in koji during RPM builds. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2022-07-08 | cmake: Build curve25519_ref.c if we build with libgcrypt | Andreas Schneider | 1 | -2/+2
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2022-06-09 | cmake: Move the ws2_32 as the last library for mingw to work | Jakub Jelen | 1 | -7/+9
Fixes: https://gitlab.com/libssh/libssh-mirror/-/issues/84 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2021-02-04 | cmake: Avoid setting compiler flags directly | DDoSolitary | 1 | -13/+6
Calling set_target_properties directly overrides previously set flags, so replace them with target_compile_definitions and target_link_options. Signed-off-by: DDoSolitary <DDoSolitary@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-01-12 | libmbedcrypto: Fix chacha20-poly1305 | Anderson Toshiyuki Sasaki | 1 | -3/+9
Previously, the mbed TLS implementation wouldn't be used at all when available, being the internal implementation always used instead. This corrects a few bugs and makes the mbed TLS implementation to be used when ChaCha20 and Poly1305 are available. This also makes the constant time comparison to be used when checking the authentication tag. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-01-12 | packet_crypt: Move secure_memcmp() to a shared source | Anderson Toshiyuki Sasaki | 1 | -0/+1
Move the secure_memcmp() function to a shared source to make it available internally for other crypto implementations. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-12-10 | Use OPENSSL_CRYPTO_LIBRARIES CMake variable when linking against OpenSSL | Kevin Kane | 1 | -3/+3
The build currently breaks when attempting to link libssh.so using a statically-linked OpenSSL. -ldl and -lpthread are required when linking a binary with the static libcrypto.a. The OPENSSL_CRYPTO_LIBRARY does not include these dependencies when linking against static OpenSSL. OPENSSL_CRYPTO_LIBRARIES contains the correct dependencies in both static and shared configurations; -ldl and -lpthread are not required when linking against shared libcrypto.so. This change changes all uses of OPENSSL_CRYPTO_LIBRARY to OPENSSL_CRYPTO_LIBRARIES to let the FindOpenSSL CMake module always provide the correct libraries at link time. Signed-off-by: Kevin Kane <kkane@microsoft.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-12-10 | Revert "cmake: Use OPENSSL_CRYPTO_LIBRARIES CMake variable when linking against OpenSSL" | Andreas Schneider | 1 | -3/+3
This reverts commit 026879e9f0d766ebe651e6d3fd9809e243928391.
2020-12-10 | cmake: Use OPENSSL_CRYPTO_LIBRARIES CMake variable when linking against OpenSSL | Kevin Kane | 1 | -3/+3
The build currently breaks when attempting to link libssh.so using a statically-linked OpenSSL. -ldl and -lpthread are required when linking a binary with the static libcrypto.a. The OPENSSL_CRYPTO_LIBRARY does not include these dependencies when linking against static OpenSSL. OPENSSL_CRYPTO_LIBRARIES contains the correct dependencies in both static and shared configurations; -ldl and -lpthread are not required when linking against shared libcrypto.so. This change changes all uses of OPENSSL_CRYPTO_LIBRARY to OPENSSL_CRYPTO_LIBRARIES to let the FindOpenSSL CMake module always provide the correct libraries at link time. Signed-off-by: Kevin Kane <kkane@microsoft.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-05-15 | cmake: add _POSIX_SOURCE | David Wedderwille | 1 | -0/+1
Fixes T228 Signed-off-by: David Wedderwille <davidwe@posteo.de> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2020-05-06 | cmake: Add autogenerated libssh_version.h | Heiko Thiery | 1 | -0/+1
Set the cmake project version to the autogenerated file to have a single point to set the version. This will be included in the libssh.h file. Pair-Programmed-With: Andreas Schneider <asn@cryptomilk.org> Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com> Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-04-01 | cmake: Fix building with threading support on MinGW | Andreas Schneider | 1 | -0/+7
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2020-01-23 | Implement ChaCha20-poly1305 cipher using native OpenSSL | Jakub Jelen | 1 | -3/+8
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-01-23 | Do not build in internal chacha implementation if gcrypt supports that | Jakub Jelen | 1 | -3/+14
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-11-14 | cmake: Fix building libssh as a static lib on Windows | Andreas Schneider | 1 | -0/+4
Fixes T198 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-11-07 | cmake: Do not use cached LIBSSH_PUBLIC_INCLUDE_DIRS | Andreas Schneider | 1 | -5/+5
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2019-11-07 | cmake: Rename static library | Andreas Schneider | 1 | -7/+11
This is only compiled for tests and fuzzers! Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2019-11-07 | cmake: Create ssh library directly as libssh | Andreas Schneider | 1 | -17/+13
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2019-11-07 | cmake: Remove WITH_STATIC_LIB | Andreas Schneider | 1 | -9/+0
We will honor BUILD_SHARED_LIBS from cmake next. Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2019-11-07 | cmake: Don't cache LIBSSH_LINK_LIBRARIES | Andreas Schneider | 1 | -5/+0
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2019-11-07 | cmake: Remove libsocket | Andreas Schneider | 1 | -7/+0
This is already part of LIBSSH_REQUIRED_LIBRARIES Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2019-11-07 | cmake: Use target_include_directories() | Andreas Schneider | 1 | -5/+4
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2019-09-24 | cmake: Do not build internal ed25519 when unnecessary | Anderson Toshiyuki Sasaki | 1 | -8/+18
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-09-24 | pki_crypto: Use OpenSSL for Ed25519 signatures | Anderson Toshiyuki Sasaki | 1 | -1/+8
Use OpenSSL to generate and verify Ed25519 signatures, if supported. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-09-24 | pki: Move common Ed25519 functions to pki_ed25519_common.c | Anderson Toshiyuki Sasaki | 1 | -0/+1
This is a preparation to use the Ed25519 implementation from OpenSSL. The function pki_ed25519_sig_to_blob() was renamed to pki_ed25519_signature_to_blob() and pki_ed25519_sig_from_blob() was renamed to pki_signature_from_ed25519_blob() to follow the naming for other algorithms. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-07-08 | cmake: Fix linking shared and static libraries | Andreas Schneider | 1 | -1/+5
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-07-04 | cmake: Write libssh-config.cmake using EXPORTS | Andreas Schneider | 1 | -0/+4
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2019-07-04 | cmake: Use GNUInstallDirs for installation | Andreas Schneider | 1 | -9/+6
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2019-06-12 | token, kex: Add functions to handle tokens lists | Anderson Toshiyuki Sasaki | 1 | -0/+1
The added functions allow splitting chains of tokens separated by a given character (usually ','), and extracting matching parts between two chains of tokens. The previously existing functions in kex.c were replaced by the introduced ones. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-04-04 | dh: Add OpenSSL libcrypto specific DH implementation | Simo Sorce | 1 | -1/+1
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-04-04 | dh: Move DH key handling into a separate file. | Simo Sorce | 1 | -0/+3
In preparation for adding crypto-libraries specific backends. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-04-01 | bind_config: Support server side configuration | Anderson Toshiyuki Sasaki | 1 | -0/+1
Introduced the support to set options for a given ssh_bind through a configuration file. For options set more than once in a single file (or by files included in it recursively) the first value set will be kept. Differently from the session options configuration, if an option previously set in one configuration file is redefined in a later processed file, the latest will be kept. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-04-01 | config: Move common parser functions to config_parser.c | Anderson Toshiyuki Sasaki | 1 | -0/+1
This will allow the moved functions to be used in the server side configuration parser implementation. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-03-07 | Use a common KDF function | Simo Sorce | 1 | -0/+1
Cleanup the KDF function to use only one function per crypto backend. Improve the KDF function to properly handle requested length and to avoid unnecessarily reallocating buffers. In OpenSSL use the new EVP_KDF API if available. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-02-07 | Allow building without Group Exchange support | Jakub Jelen | 1 | -1/+7
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24 | dh-gex: Add client implementation | Aris Adamantiadis | 1 | -0/+1
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-15 | bind: Check for POLLRDHUP on the server if available | Andreas Schneider | 1 | -2/+8
This is a feature on modern Linux. Thanks to Ludovic Courtès <ludo@gnu.org> for the pointer. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>