ShiftMediaProject
diff --git a/‎.gitlab-ci.yml‎
Lines changed: 6 additions & 33 deletions b/‎.gitlab-ci.yml‎
Lines changed: 6 additions & 33 deletions
diff --git a/‎CMakeLists.txt‎
Lines changed: 3 additions & 3 deletions b/‎CMakeLists.txt‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎CPackConfig.cmake‎
Lines changed: 1 addition & 1 deletion b/‎CPackConfig.cmake‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎ChangeLog‎
Lines changed: 5 additions & 0 deletions b/‎ChangeLog‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎ConfigureChecks.cmake‎
Lines changed: 6 additions & 1 deletion b/‎ConfigureChecks.cmake‎
Lines changed: 6 additions & 1 deletion
diff --git a/‎DefineOptions.cmake‎
Lines changed: 3 additions & 7 deletions b/‎DefineOptions.cmake‎
Lines changed: 3 additions & 7 deletions
diff --git a/‎examples/CMakeLists.txt‎
Lines changed: 16 additions & 19 deletions b/‎examples/CMakeLists.txt‎
Lines changed: 16 additions & 19 deletions
diff --git a/‎include/libssh/libssh.h‎
Lines changed: 1 addition & 1 deletion b/‎include/libssh/libssh.h‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎include/libssh/pki.h‎
Lines changed: 3 additions & 1 deletion b/‎include/libssh/pki.h‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎include/libssh/priv.h‎
Lines changed: 11 additions & 1 deletion b/‎include/libssh/priv.h‎
Lines changed: 11 additions & 1 deletion
@@ -4,7 +4,6 @@ variables:
   CENTOS7_BUILD: buildenv-centos7
   TUMBLEWEED_BUILD: buildenv-tumbleweed
   MINGW_BUILD: buildenv-mingw
-  DEBIAN_CROSS_BUILD: buildenv-debian-cross
 
 # pkd tests fail on CentOS7 docker images, so we don't use -DSERVER_TESTING=ON
 centos7/openssl_1.0.x/x86_64:
@@ -295,33 +294,6 @@ fedora/mingw32:
     paths:
       - obj/
 
-.Debian.cross.template: &Debian_cross_template
-  stage: test
-  image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$DEBIAN_CROSS_BUILD
-  script:
-  - build=$(dpkg-architecture -qDEB_HOST_GNU_TYPE)
-  - host="${CI_JOB_NAME#*.cross.}"
-  - mkdir -p obj && cd obj && cmake
-    -DCMAKE_C_COMPILER="$(which $host-gcc)"
-    -DCMAKE_CXX_COMPILER="$(which $host-g++)"
-    -DCMAKE_BUILD_TYPE=RelWithDebInfo
-    -DUNIT_TESTING=ON -DWITH_SFTP=ON -DWITH_SERVER=ON -DWITH_ZLIB=ON
-    -DWITH_PCAP=ON .. &&
-    make -j$(nproc) &&
-    ctest --output-on-failure
-  tags:
-  - shared
-  except:
-  - tags
-  artifacts:
-    expire_in: 1 week
-    when: on_failure
-    paths:
-      - obj/
-
-.Debian.cross.mips-linux-gnu:
-  <<: *Debian_cross_template
-
 tumbleweed/openssl_1.1.x/x86_64/gcc:
   image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$TUMBLEWEED_BUILD
   script:
@@ -330,7 +302,7 @@ tumbleweed/openssl_1.1.x/x86_64/gcc:
     -DPICKY_DEVELOPER=ON
     -DWITH_SFTP=ON -DWITH_SERVER=ON -DWITH_ZLIB=ON -DWITH_PCAP=ON
     -DKRB5_CONFIG=/usr/lib/mit/bin/krb5-config
-    -DUNIT_TESTING=ON -DCLIENT_TESTING=ON -DSERVER_TESTING=ON .. &&
+    -DUNIT_TESTING=ON -DSERVER_TESTING=ON .. &&
     make -j$(nproc) && ctest --output-on-failure
   tags:
   - shared
@@ -371,7 +343,7 @@ tumbleweed/openssl_1.1.x/x86_64/gcc7:
     -DPICKY_DEVELOPER=ON
     -DWITH_SFTP=ON -DWITH_SERVER=ON -DWITH_ZLIB=ON -DWITH_PCAP=ON
     -DKRB5_CONFIG=/usr/lib/mit/bin/krb5-config
-    -DUNIT_TESTING=ON -DCLIENT_TESTING=ON -DSERVER_TESTING=ON .. &&
+    -DUNIT_TESTING=ON -DSERVER_TESTING=ON .. &&
     make -j$(nproc) && ctest --output-on-failure
   tags:
   - shared
@@ -413,7 +385,8 @@ tumbleweed/openssl_1.1.x/x86_64/clang:
     -DPICKY_DEVELOPER=ON
     -DWITH_SFTP=ON -DWITH_SERVER=ON -DWITH_ZLIB=ON -DWITH_PCAP=ON
     -DKRB5_CONFIG=/usr/lib/mit/bin/krb5-config
-    -DUNIT_TESTING=ON -DCLIENT_TESTING=ON -DSERVER_TESTING=ON .. &&
+    -DUNIT_TESTING=ON
+    -DSERVER_TESTING=ON .. &&
     make -j$(nproc) && ctest --output-on-failure
   tags:
   - shared
@@ -446,7 +419,7 @@ tumbleweed/undefined-sanitizer:
     -DCMAKE_BUILD_TYPE=UndefinedSanitizer
     -DPICKY_DEVELOPER=ON
     -DWITH_SFTP=ON -DWITH_SERVER=ON -DWITH_ZLIB=ON -DWITH_PCAP=ON
-    -DUNIT_TESTING=ON -DCLIENT_TESTING=ON -DSERVER_TESTING=ON .. &&
+    -DUNIT_TESTING=ON -DSERVER_TESTING=ON .. &&
     make -j$(nproc) && ctest --output-on-failure
   tags:
   - shared
@@ -468,7 +441,7 @@ tumbleweed/static-analysis:
     -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++
     -DPICKY_DEVELOPER=ON
     -DWITH_SFTP=ON -DWITH_SERVER=ON -DWITH_ZLIB=ON -DWITH_PCAP=ON
-    -DUNIT_TESTING=ON -DCLIENT_TESTING=ON -DSERVER_TESTING=ON .. &&
+    -DUNIT_TESTING=ON -DSERVER_TESTING=ON .. &&
     scan-build --status-bugs -o scan make -j$(nproc)
   tags:
   - shared
 
@@ -10,7 +10,7 @@ list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake/Modules")
 include(DefineCMakeDefaults)
 include(DefineCompilerFlags)
 
-project(libssh VERSION 0.9.1 LANGUAGES C)
+project(libssh VERSION 0.9.2 LANGUAGES C)
 
 # global needed variable
 set(APPLICATION_NAME ${PROJECT_NAME})
@@ -22,7 +22,7 @@ set(APPLICATION_NAME ${PROJECT_NAME})
 #     Increment AGE. Set REVISION to 0
 #   If the source code was changed, but there were no interface changes:
 #     Increment REVISION.
-set(LIBRARY_VERSION "4.8.2")
+set(LIBRARY_VERSION "4.8.3")
 set(LIBRARY_SOVERSION "4")
 
 # where to look first for cmake modules, before ${CMAKE_ROOT}/Modules/ is checked
@@ -222,7 +222,7 @@ message(STATUS "Server support : ${WITH_SERVER}")
 message(STATUS "GSSAPI support : ${WITH_GSSAPI}")
 message(STATUS "GEX support : ${WITH_GEX}")
 message(STATUS "Pcap debugging support : ${WITH_PCAP}")
-message(STATUS "With static library: ${WITH_STATIC_LIB}")
+message(STATUS "Build shared library: ${BUILD_SHARED_LIBS}")
 message(STATUS "Unit testing: ${UNIT_TESTING}")
 message(STATUS "Client code testing: ${CLIENT_TESTING}")
 message(STATUS "Blowfish cipher support: ${WITH_BLOWFISH_CIPHER}")
 
@@ -10,7 +10,7 @@ set(CPACK_PACKAGE_VERSION ${PROJECT_VERSION})
 
 # SOURCE GENERATOR
 set(CPACK_SOURCE_GENERATOR "TXZ")
-set(CPACK_SOURCE_IGNORE_FILES "~$;[.]swp$;/[.]git/;.gitignore;/build*;/obj*;tags;cscope.*")
+set(CPACK_SOURCE_IGNORE_FILES "~$;[.]swp$;/[.]git/;/[.]clangd/;.gitignore;/build*;/obj*;tags;cscope.*;compile_commands.json")
 set(CPACK_SOURCE_PACKAGE_FILE_NAME "${CPACK_PACKAGE_NAME}-${CPACK_PACKAGE_VERSION}")
 
 ### NSIS INSTALLER
 
@@ -1,6 +1,11 @@
 ChangeLog
 ==========
 
+version 0.9.2 (released 2019-11-07)
+  * Fixed libssh-config.cmake
+  * Fixed issues with rsa algorithm negotiation (T191)
+  * Fixed detection of OpenSSL ed25519 support (T197)
+
 version 0.9.1 (released 2019-10-25)
   * Added support for Ed25519 via OpenSSL
   * Added support for X25519 via OpenSSL
 
@@ -148,7 +148,12 @@ if (OPENSSL_FOUND)
 
     set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
     set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_CRYPTO_LIBRARY})
-    check_symbol_exists(EVP_PKEY_ED25519 "openssl/evp.h" HAVE_OPENSSL_ED25519)
+    check_symbol_exists(EVP_PKEY_ED25519 "openssl/evp.h" FOUND_OPENSSL_ED25519)
+
+    if (HAVE_OPENSSL_EVP_DIGESTSIGN AND HAVE_OPENSSL_EVP_DIGESTVERIFY AND
+        FOUND_OPENSSL_ED25519)
+        set(HAVE_OPENSSL_ED25519 1)
+    endif()
 
     set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
     set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_CRYPTO_LIBRARY})
 
@@ -2,7 +2,6 @@ option(WITH_GSSAPI "Build with GSSAPI support" ON)
 option(WITH_ZLIB "Build with ZLIB support" ON)
 option(WITH_SFTP "Build with SFTP support" ON)
 option(WITH_SERVER "Build with SSH server support" ON)
-option(WITH_STATIC_LIB "Build with a static library" OFF)
 option(WITH_DEBUG_CRYPTO "Build with cryto debug output" OFF)
 option(WITH_DEBUG_PACKET "Build with packet debug output" OFF)
 option(WITH_DEBUG_CALLTRACE "Build with calltrace debug output" ON)
@@ -11,6 +10,7 @@ option(WITH_MBEDTLS "Compile against libmbedtls" OFF)
 option(WITH_BLOWFISH_CIPHER "Compile with blowfish support" OFF)
 option(WITH_PCAP "Compile with Pcap generation support" ON)
 option(WITH_INTERNAL_DOC "Compile doxygen internal documentation" OFF)
+option(BUILD_SHARED_LIBS "Build shared libraries" ON)
 option(UNIT_TESTING "Build with unit tests" OFF)
 option(CLIENT_TESTING "Build with client tests; requires openssh" OFF)
 option(SERVER_TESTING "Build with server tests; requires openssh and dropbear" OFF)
@@ -34,13 +34,9 @@ if (WITH_BENCHMARKS)
   set(CLIENT_TESTING ON)
 endif()
 
-if (WITH_STATIC_LIB)
-    set(BUILD_STATIC_LIB ON)
-endif (WITH_STATIC_LIB)
-
-if (UNIT_TESTING)
+if (UNIT_TESTING OR CLIENT_TESTING OR SERVER_TESTING)
   set(BUILD_STATIC_LIB ON)
-endif (UNIT_TESTING)
+endif()
 
 if (WITH_NACL)
   set(WITH_NACL ON)
 
@@ -6,10 +6,7 @@ set(examples_SRCS
   connect_ssh.c
 )
 
-include_directories(
-  ${LIBSSH_PUBLIC_INCLUDE_DIRS}
-  ${CMAKE_BINARY_DIR}
-)
+include_directories(${libssh_BINARY_DIR})
 
 if (ARGP_INCLUDE_DIR)
     include_directories(${ARGP_INCLUDE_DIR})
@@ -18,68 +15,68 @@ endif()
 if (UNIX AND NOT WIN32)
     add_executable(libssh_scp libssh_scp.c ${examples_SRCS})
     target_compile_options(libssh_scp PRIVATE ${DEFAULT_C_COMPILE_FLAGS})
-    target_link_libraries(libssh_scp ${LIBSSH_SHARED_LIBRARY})
+    target_link_libraries(libssh_scp ssh::ssh)
 
     add_executable(scp_download scp_download.c ${examples_SRCS})
     target_compile_options(scp_download PRIVATE ${DEFAULT_C_COMPILE_FLAGS})
-    target_link_libraries(scp_download ${LIBSSH_SHARED_LIBRARY})
+    target_link_libraries(scp_download ssh::ssh)
 
     add_executable(sshnetcat sshnetcat.c ${examples_SRCS})
     target_compile_options(sshnetcat PRIVATE ${DEFAULT_C_COMPILE_FLAGS})
-    target_link_libraries(sshnetcat ${LIBSSH_SHARED_LIBRARY})
+    target_link_libraries(sshnetcat ssh::ssh)
 
     if (WITH_SFTP)
         add_executable(samplesftp samplesftp.c ${examples_SRCS})
         target_compile_options(samplesftp PRIVATE ${DEFAULT_C_COMPILE_FLAGS})
-        target_link_libraries(samplesftp ${LIBSSH_SHARED_LIBRARY})
+        target_link_libraries(samplesftp ssh::ssh)
     endif (WITH_SFTP)
 
     add_executable(ssh-client ssh_client.c ${examples_SRCS})
     target_compile_options(ssh-client PRIVATE ${DEFAULT_C_COMPILE_FLAGS})
-    target_link_libraries(ssh-client ${LIBSSH_SHARED_LIBRARY})
+    target_link_libraries(ssh-client ssh::ssh)
 
     if (WITH_SERVER AND (ARGP_LIBRARY OR HAVE_ARGP_H))
         if (HAVE_LIBUTIL)
             add_executable(ssh_server_fork ssh_server_fork.c)
             target_compile_options(ssh_server_fork PRIVATE ${DEFAULT_C_COMPILE_FLAGS})
-            target_link_libraries(ssh_server_fork ${LIBSSH_SHARED_LIBRARY} ${ARGP_LIBRARY} util)
+            target_link_libraries(ssh_server_fork ssh::ssh ${ARGP_LIBRARY} util)
         endif (HAVE_LIBUTIL)
 
         if (WITH_GSSAPI AND GSSAPI_FOUND)
             add_executable(samplesshd-cb samplesshd-cb.c)
             target_compile_options(samplesshd-cb PRIVATE ${DEFAULT_C_COMPILE_FLAGS})
-            target_link_libraries(samplesshd-cb ${LIBSSH_SHARED_LIBRARY} ${ARGP_LIBRARY})
+            target_link_libraries(samplesshd-cb ssh::ssh ${ARGP_LIBRARY})
 
             add_executable(proxy proxy.c)
             target_compile_options(proxy PRIVATE ${DEFAULT_C_COMPILE_FLAGS})
-            target_link_libraries(proxy ${LIBSSH_SHARED_LIBRARY} ${ARGP_LIBRARY})
+            target_link_libraries(proxy ssh::ssh ${ARGP_LIBRARY})
 
             add_executable(sshd_direct-tcpip sshd_direct-tcpip.c)
             target_compile_options(sshd_direct-tcpip PRIVATE ${DEFAULT_C_COMPILE_FLAGS})
-            target_link_libraries(sshd_direct-tcpip ${LIBSSH_SHARED_LIBRARY} ${ARGP_LIBRARY})
+            target_link_libraries(sshd_direct-tcpip ssh::ssh ${ARGP_LIBRARY})
         endif (WITH_GSSAPI AND GSSAPI_FOUND)
 
         add_executable(samplesshd-kbdint samplesshd-kbdint.c)
         target_compile_options(samplesshd-kbdint PRIVATE ${DEFAULT_C_COMPILE_FLAGS})
-        target_link_libraries(samplesshd-kbdint ${LIBSSH_SHARED_LIBRARY} ${ARGP_LIBRARY})
+        target_link_libraries(samplesshd-kbdint ssh::ssh ${ARGP_LIBRARY})
 
     endif()
 endif (UNIX AND NOT WIN32)
 
 add_executable(exec exec.c ${examples_SRCS})
 target_compile_options(exec PRIVATE ${DEFAULT_C_COMPILE_FLAGS})
-target_link_libraries(exec ${LIBSSH_SHARED_LIBRARY})
+target_link_libraries(exec ssh::ssh)
 
 add_executable(senddata senddata.c ${examples_SRCS})
 target_compile_options(senddata PRIVATE ${DEFAULT_C_COMPILE_FLAGS})
-target_link_libraries(senddata ${LIBSSH_SHARED_LIBRARY})
+target_link_libraries(senddata ssh::ssh)
 
 add_executable(keygen keygen.c)
 target_compile_options(keygen PRIVATE ${DEFAULT_C_COMPILE_FLAGS})
-target_link_libraries(keygen ${LIBSSH_SHARED_LIBRARY})
+target_link_libraries(keygen ssh::ssh)
 
 add_executable(libsshpp libsshpp.cpp)
-target_link_libraries(libsshpp ${LIBSSH_SHARED_LIBRARY})
+target_link_libraries(libsshpp ssh::ssh)
 
 add_executable(libsshpp_noexcept libsshpp_noexcept.cpp)
-target_link_libraries(libsshpp_noexcept ${LIBSSH_SHARED_LIBRARY})
+target_link_libraries(libsshpp_noexcept ssh::ssh)
@@ -79,7 +79,7 @@
 /* libssh version */
 #define LIBSSH_VERSION_MAJOR  0
 #define LIBSSH_VERSION_MINOR  9
-#define LIBSSH_VERSION_MICRO  1
+#define LIBSSH_VERSION_MICRO  2
 
 #define LIBSSH_VERSION_INT SSH_VERSION_INT(LIBSSH_VERSION_MAJOR, \
                                            LIBSSH_VERSION_MINOR, \
 
@@ -111,6 +111,7 @@ enum ssh_keytypes_e ssh_key_type_from_signature_name(const char *name);
 enum ssh_keytypes_e ssh_key_type_plain(enum ssh_keytypes_e type);
 enum ssh_digest_e ssh_key_type_to_hash(ssh_session session,
                                        enum ssh_keytypes_e type);
+enum ssh_digest_e ssh_key_hash_from_name(const char *name);
 
 #define is_ecdsa_key_type(t) \
     ((t) >= SSH_KEYTYPE_ECDSA_P256 && (t) <= SSH_KEYTYPE_ECDSA_P521)
@@ -153,7 +154,8 @@ ssh_string ssh_pki_do_sign_agent(ssh_session session,
                                  struct ssh_buffer_struct *buf,
                                  const ssh_key pubkey);
 ssh_string ssh_srv_pki_do_sign_sessionid(ssh_session session,
-                                         const ssh_key privkey);
+                                         const ssh_key privkey,
+                                         const enum ssh_digest_e digest);
 
 /* Temporary functions, to be removed after migration to ssh_key */
 ssh_public_key ssh_pki_convert_key_to_publickey(const ssh_key key);
 
@@ -221,7 +221,17 @@ int gettimeofday(struct timeval *__p, void *__t);
 struct ssh_common_struct;
 struct ssh_kex_struct;
 
-int ssh_get_key_params(ssh_session session, ssh_key *privkey);
+enum ssh_digest_e {
+    SSH_DIGEST_AUTO=0,
+    SSH_DIGEST_SHA1=1,
+    SSH_DIGEST_SHA256,
+    SSH_DIGEST_SHA384,
+    SSH_DIGEST_SHA512,
+};
+
+int ssh_get_key_params(ssh_session session,
+                       ssh_key *privkey,
+                       enum ssh_digest_e *digest);
 
 /* LOGGING */
 void ssh_log_function(int verbosity,