Add ssh_finalize to handle finalization of libssh and underlying cryptographic

library. Add corresponding paragraph in API draft. git-svn-id: svn+ssh://svn.berlios.de/svnroot/repos/libssh/trunk@75 7dcaeef0-15fb-0310-b436-a5af3365683c
author: Jean-Philippe Garcia Ballester <giga@le-pec.org> 2006-07-09 10:36:44 +0000
committer: Jean-Philippe Garcia Ballester <giga@le-pec.org> 2006-07-09 10:36:44 +0000
commit: b2d0d13a2d6709c740453ee3ff32bc37160cc331 (patch)
tree: 8749b08068a402d2d92469be576572b2c159c918
parent: 9bb0be2dbb995097859f304111e61c6bbc910746 (diff)
download: libssh-b2d0d13a2d6709c740453ee3ff32bc37160cc331.tar.gz
libssh-b2d0d13a2d6709c740453ee3ff32bc37160cc331.tar.xz
libssh-b2d0d13a2d6709c740453ee3ff32bc37160cc331.zip
6 files changed, 62 insertions, 2 deletions
diff --git a/doc/libssh-0.2-api-1.txt b/doc/libssh-0.2-api-1.txt
index ff35b39..22d08e5 100644
--- a/doc/libssh-0.2-api-1.txt
+++ b/doc/libssh-0.2-api-1.txt
@@ -48,6 +48,19 @@ things that each kind of object must do.
 
 B. Description of objects and functions
 
+Initialization and finalization
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Initialization is for now called automatically, so you don't have to take care
+of that.
+As for finalization, we need to finalize the underlying cryptographic library
+(either OpenSSL or libgcrypt). Be sure that you call ssh_finalize when this
+library won't be used anymore, even by other libraries (i.e. if you use libssh
+and another library that uses OpenSSL, call ssh_finalize when any function of
+both these libraries won't be called).
+If you trust your operating system to clean up the mess after a process
+terminates, you can skip this call.
+
 Options structure
 ~~~~~~~~~~~~~~~~~
 
@@ -351,6 +364,8 @@ channel functions will run.
 
 C. Change log of this document
 
+3. Add paragraph about initalization and finalization.
+
 2. ssh_options_set_username finaly is kept into the options, because it can be
 set by ssh_options_getopt()
 
diff --git a/libssh/Makefile.in b/libssh/Makefile.in
index 5b28caa..28f919f 100644
--- a/libssh/Makefile.in
+++ b/libssh/Makefile.in
@@ -3,7 +3,7 @@ OBJECTS= client.o packet.o dh.o crypt.o connect.o error.o buffer.o \
 	string.o kex.o channels.o options.o keys.o auth.o base64.o \
         keyfiles.o misc.o gzip.o wrapper.o sftp.o server.o crc32.o \
 	session.o messages.o channels1.o auth1.o sftpserver.o      \
-	gcrypt_missing.o
+	gcrypt_missing.o init.o
 SHELL = /bin/sh
 VPATH = @srcdir@
 
diff --git a/libssh/init.c b/libssh/init.c
new file mode 100644
index 0000000..e7f27bc
--- /dev/null
+++ b/libssh/init.c
@@ -0,0 +1,34 @@
+/* init.c */
+/* This file handles initialization and finalization of the library */
+
+/*
+Copyright 2003,04,06 Aris Adamantiadis
+
+This file is part of the SSH Library
+
+The SSH Library is free software; you can redistribute it and/or modify
+it under the terms of the GNU Lesser General Public License as published by
+the Free Software Foundation; either version 2.1 of the License, or (at your
+option) any later version.
+
+The SSH Library is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
+License for more details.
+
+You should have received a copy of the GNU Lesser General Public License
+along with the SSH Library; see the file COPYING.  If not, write to
+the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
+MA 02111-1307, USA. */
+
+#include "libssh/priv.h"
+
+int ssh_finalize()
+{
+#ifdef HAVE_LIBGCRYPT
+  gcry_control(GCRYCTL_TERM_SECMEM);
+#elif defined HAVE_LIBCRYPTO
+  EVP_cleanup();
+#endif
+  return 0;
+}
diff --git a/libssh/libssh.vers b/libssh/libssh.vers
index a1bc858..6166536 100644
--- a/libssh/libssh.vers
+++ b/libssh/libssh.vers
@@ -3,7 +3,7 @@ SSH_0.2 {
     ssh_get_error; ssh_get_error_code; ssh_say; ssh_set_verbosity;
     ssh_new; ssh_set_options; ssh_get_fd; ssh_silent_disconnect;
     ssh_connect; ssh_disconnect; ssh_service_request; ssh_get_issue_banner;
-    ssh_copyright; ssh_get_version;
+    ssh_copyright; ssh_get_version; ssh_finalize;
     ssh_set_fd_toread; ssh_set_fd_towrite; ssh_set_fd_except;
     string_from_char; string_len; string_new; string_fill; string_to_char;
     string_copy; string_burn; string_data;
diff --git a/sample.c b/sample.c
index 7491d73..37af237 100644
--- a/sample.c
+++ b/sample.c
@@ -391,6 +391,7 @@ int main(int argc, char **argv){
     if(ssh_connect(session)){
         fprintf(stderr,"Connection failed : %s\n",ssh_get_error(session));
         ssh_disconnect(session);
+	ssh_finalize();
         return 1;
     }
     state=ssh_is_server_known(session);
@@ -403,6 +404,7 @@ int main(int argc, char **argv){
             ssh_print_hexa("Public key hash",hash,MD5_DIGEST_LEN);
             fprintf(stderr,"For security reason, connection will be stopped\n");
             ssh_disconnect(session);
+	    ssh_finalize();
             exit(-1);
         case SSH_SERVER_FOUND_OTHER:
             fprintf(stderr,"The host key for this server was not found but an other type of key exists.\n");
@@ -410,6 +412,7 @@ int main(int argc, char **argv){
                 "into thinking the key does not exist\n"
                 "We advise you to rerun the client with -d or -r for more safety.\n");
                 ssh_disconnect(session);
+		ssh_finalize();
                 exit(-1);
         case SSH_SERVER_NOT_KNOWN:
             fprintf(stderr,"The server is unknown. Do you trust the host key ?\n");
@@ -431,6 +434,7 @@ int main(int argc, char **argv){
         case SSH_SERVER_ERROR:
             fprintf(stderr,"%s",ssh_get_error(session));
             ssh_disconnect(session);
+	    ssh_finalize();
             exit(-1);
     }
 
@@ -438,6 +442,7 @@ int main(int argc, char **argv){
     auth=ssh_userauth_autopubkey(session);
     if(auth==SSH_AUTH_ERROR){
         fprintf(stderr,"Authenticating with pubkey: %s\n",ssh_get_error(session));
+	ssh_finalize();
         return -1;
     }
     banner=ssh_get_issue_banner(session);
@@ -450,6 +455,7 @@ int main(int argc, char **argv){
         if(auth==SSH_AUTH_ERROR){
             fprintf(stderr,"authenticating with keyb-interactive: %s\n",
                     ssh_get_error(session));
+	    ssh_finalize();
             return -1;
         }
     }
@@ -458,6 +464,7 @@ int main(int argc, char **argv){
         if(ssh_userauth_password(session,NULL,password) != SSH_AUTH_SUCCESS){
             fprintf(stderr,"Authentication failed: %s\n",ssh_get_error(session));
             ssh_disconnect(session);
+	    ssh_finalize();
             return -1;
         }
         memset(password,0,strlen(password));
@@ -479,6 +486,7 @@ int main(int argc, char **argv){
     if(!sftp && !cmds[0])
         do_cleanup();
     ssh_disconnect(session);
+    ssh_finalize();
 
     return 0;
 }
diff --git a/samplesshd.c b/samplesshd.c
index d51ac31..fe45562 100644
--- a/samplesshd.c
+++ b/samplesshd.c
@@ -94,6 +94,7 @@ int main(int argc, char **argv){
     } while (!auth);
     if(!auth){
         printf("error : %s\n",ssh_get_error(session));
+	ssh_finalize();
         return 1;
     }
     do {
@@ -113,6 +114,7 @@ int main(int argc, char **argv){
     } while(message && !chan);
     if(!chan){
         printf("error : %s\n",ssh_get_error(session));
+	ssh_finalize();
         return 1;
     }
     do {
@@ -142,6 +144,7 @@ int main(int argc, char **argv){
             write(1,buffer_get(buf),buffer_get_len(buf));
     } while (i>0);
     ssh_disconnect(session);
+    ssh_finalize();
     return 0;
 }
author	Jean-Philippe Garcia Ballester <giga@le-pec.org>	2006-07-09 10:36:44 +0000
committer	Jean-Philippe Garcia Ballester <giga@le-pec.org>	2006-07-09 10:36:44 +0000
commit	b2d0d13a2d6709c740453ee3ff32bc37160cc331 (patch)
tree	8749b08068a402d2d92469be576572b2c159c918
parent	9bb0be2dbb995097859f304111e61c6bbc910746 (diff)
download	libssh-b2d0d13a2d6709c740453ee3ff32bc37160cc331.tar.gz libssh-b2d0d13a2d6709c740453ee3ff32bc37160cc331.tar.xz libssh-b2d0d13a2d6709c740453ee3ff32bc37160cc331.zip