From 9e33356e553cdee92f33bec3dc429c5a6b316104 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Thu, 23 Apr 2020 10:45:04 -0700 Subject: [PATCH 1/7] Configuration tweaks 1. Replaced all the echo statements with AS_ECHO. 2. Moved the jobserver option up with debug and pthreads. 3. Changed label for enable-term to disable-term since default is enabled. 4. Removed the forced make clean. --- configure.ac | 48 ++++++++++++++++++++++-------------------------- 1 file changed, 22 insertions(+), 26 deletions(-) diff --git a/configure.ac b/configure.ac index d8fde27..a550083 100644 --- a/configure.ac +++ b/configure.ac @@ -77,6 +77,8 @@ AX_PTHREAD([ AS_CASE([$PTHREAD_CFLAGS],[-Qunused-arguments*],[PTHREAD_CFLAGS="-Xcompiler $PTHREAD_CFLAGS"]) AM_CFLAGS="$AM_CFLAGS $PTHREAD_CFLAGS"]) +AX_AM_JOBSERVER([yes]) + # Inline Build AC_ARG_ENABLE([inline], [AS_HELP_STRING([--disable-inline],[Disable inline functions (default: enabled)])], @@ -109,7 +111,7 @@ AC_ARG_ENABLE([fwd], # pseudo-terminal AC_ARG_ENABLE([term], - [AS_HELP_STRING([--enable-term],[Enable pseudo-terminal support (default: enabled)])], + [AS_HELP_STRING([--disable-term],[Enable pseudo-terminal support (default: enabled)])], [ENABLED_PTERM=$enableval],[ENABLED_PTERM=yes]) # Enable All 
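Review bot: The help entry for the `term` option now pairs the flag `--disable-term` with the description "Enable pseudo-terminal support (default: enabled)", so `./configure --help` reads as if the disable flag turns the feature on. The `inline` option in the first hunk uses the form `[--disable-inline],[Disable inline functions (default: enabled)]`. The same wording here would be `[AS_HELP_STRING([--disable-term],[Disable pseudo-terminal support (default: enabled)])]`.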
@@ -169,32 +171,26 @@ AC_SUBST([AM_LDFLAGS]) AC_CONFIG_FILES([Makefile wolfssh/version.h]) AX_CREATE_GENERIC_CONFIG -AX_AM_JOBSERVER([yes]) AC_OUTPUT -# force make clean -echo "---" -echo "Running make clean..." -make clean >/dev/null 2>&1 - # output config summary -echo "---" -echo "Configuration summary for $PACKAGE_NAME version $VERSION" -echo "" -echo " * Installation prefix: $prefix" -echo " * System type: $host_vendor-$host_os" -echo " * Host CPU: $host_cpu" -echo " * C Compiler: $CC" -echo " * C Flags: $CFLAGS" -echo " * CPP Flags: $CPPFLAGS" -echo " * Linker Flags: $LDFLAGS" -echo -echo " Features" -echo " * Inline Code: $ENABLED_INLINE" -echo " * keygen: $ENABLED_KEYGEN" -echo " * psuedo-terminal: $ENABLED_PTERM" -echo " * scp: $ENABLED_SCP" -echo " * sftp: $ENABLED_SFTP" -echo " * TCP/IP Forwarding: $ENABLED_FWD" -echo " * Examples: $ENABLED_EXAMPLES" +AS_ECHO(["---"]) +AS_ECHO(["Configuration summary for $PACKAGE_NAME version $VERSION"]) +AS_ECHO +AS_ECHO([" * Installation prefix: $prefix"]) +AS_ECHO([" * System type: $host_vendor-$host_os"]) +AS_ECHO([" * Host CPU: $host_cpu"]) +AS_ECHO([" * C Compiler: $CC"]) +AS_ECHO([" * C Flags: $CFLAGS"]) +AS_ECHO([" * CPP Flags: $CPPFLAGS"]) +AS_ECHO([" * Linker Flags: $LDFLAGS"]) +AS_ECHO +AS_ECHO([" Features"]) +AS_ECHO([" * Inline Code: $ENABLED_INLINE"]) +AS_ECHO([" * keygen: $ENABLED_KEYGEN"]) +AS_ECHO([" * psuedo-terminal: $ENABLED_PTERM"]) +AS_ECHO([" * scp: $ENABLED_SCP"]) +AS_ECHO([" * sftp: $ENABLED_SFTP"]) +AS_ECHO([" * TCP/IP Forwarding: $ENABLED_FWD"]) +AS_ECHO([" * Examples: $ENABLED_EXAMPLES"]) From a9ae05b33caa1f957fd55e942bf7a7d0ff7b9b23 Mon Sep 17 00:00:00 2001 
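Review bot: The feature summary still prints ` * psuedo-terminal:`; since every summary line is rewritten in this hunk, the label can be corrected to `pseudo-terminal` in the same pass. The two blank-line calls are written as bare `AS_ECHO`, unlike the bracketed form used on every other line; `AS_ECHO([""])` would make the empty argument explicit.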
From: John Safranek Date: Fri, 24 Apr 2020 09:24:48 -0700 Subject: [PATCH 2/7] Release Rollup 1. Update configure with the new version. 2. Update the ChangeLog. 3. Update the readme. --- ChangeLog.md | 44 +++++++++++++++++++++++++++++++++++++------- configure.ac | 4 ++-- wolfssh/version.h | 4 ++-- 3 files changed, 41 insertions(+), 11 deletions(-) diff --git a/ChangeLog.md b/ChangeLog.md index 6c7b940..5dae651 100644 --- a/ChangeLog.md +++ b/ChangeLog.md @@ -1,4 +1,34 @@ -### wolfSSH v1.4.3 (10/31/2019) +# wolfSSH v1.4.4 (04/24/2020) + +## New Feature Additions + +- Added wolfSCP client example +- Added support for building for VxWorks + +## Fixes + +- Fixes for some buffer issues discovered with fuzz testing +- Fixes for some SCP directory issues in Nucleus +- Fixed an issue where a buffer size went negative, cosmetic +- Fixed bug in ECDSA when using alt-ecc-size in wolfCrypt +- Fixed bug with AES-CTR and FIPSv2 build +- Fixed bug when using single precision +- Fix for SCP rename action + +## Improvements and Optimizations + +- Improved interoperability with FireZilla +- Example tool option clarification +- Better SFTP support in 32-bit environments +- SFTP and SCP aren't dependent on ioctl() anymore +- Add password rejection count +- Public key vs password authentication chosen by user auth callback +- MQX maintenance + + +-------------------------------- + +# wolfSSH v1.4.3 (10/31/2019) - wolfSFTP port to MQX 4.2 (MQX/MFS/RTCS) - Maintenance and bug fixes @@ -17,7 +47,7 @@ example client -### wolfSSH v1.4.2 (08/06/2019) +# wolfSSH v1.4.2 (08/06/2019) - GCC 8 build warning fixes - Fix for warning with enums used with SFTP and set socket type @@ -38,7 +68,7 @@ - Remove void cast on variable not compiled in with single threaded builds -### wolfSSH v1.4.0 (04/30/2019) +# wolfSSH v1.4.0 (04/30/2019) - SFTP support for time attributes - TCP port forwarding feature added (--enable-fwd) 
@@ -68,7 +98,7 @@ - Renamed example SFTP to be examples/sftpclient/wolfsftp -### wolfSSH v1.3.0 (08/15/2018) +# wolfSSH v1.3.0 (08/15/2018) - Accepted code submission from Stephen Casner for SCP support. Thanks Stephen! - Added SCP server support. @@ -76,7 +106,7 @@ - Updated the autoconf scripts. - Other bug fixes and enhancements. -### wolfSSH v1.2.0 (09/26/2017) +# wolfSSH v1.2.0 (09/26/2017) - Added ECDH Group Exchange with SHA2 hashing and curves nistp256, nistp384, and nistp521. @@ -89,7 +119,7 @@ - Added a Visual Studio solution to build the library, examples, and tests. - Other bug fixes and enhancements. -### wolfSSH v1.1.0 (06/16/2017) +# wolfSSH v1.1.0 (06/16/2017) - Added DH Group Exchange with SHA-256 hashing to the key exchange. - Removed the canned banner and provided a function to set a banner string. @@ -103,6 +133,6 @@ - Fixed a bug with the GetString function. - Other small bug fixes and enhancements. -### wolfSSH v1.0.0 (10/24/2016) +# wolfSSH v1.0.0 (10/24/2016) Initial release. diff --git a/configure.ac b/configure.ac index a550083..520ff16 100644 --- a/configure.ac +++ b/configure.ac @@ -3,7 +3,7 @@ # All right reserved. AC_COPYRIGHT([Copyright (C) 2014-2020 wolfSSL Inc.]) -AC_INIT([wolfssh],[1.4.3],[support@wolfssl.com],[wolfssh],[https://www.wolfssl.com]) +AC_INIT([wolfssh],[1.4.4],[support@wolfssl.com],[wolfssh],[https://www.wolfssl.com]) AC_PREREQ([2.63]) AC_CONFIG_AUX_DIR([build-aux]) @@ -20,7 +20,7 @@ AC_ARG_PROGRAM AC_CONFIG_MACRO_DIR([m4]) AC_CONFIG_HEADERS([src/config.h]) -WOLFSSH_LIBRARY_VERSION=10:0:1 +WOLFSSH_LIBRARY_VERSION=11:0:2 # | | | # +------+ | +---+ # | | | diff --git a/wolfssh/version.h b/wolfssh/version.h index 4411cb6..04dceff 100644 --- a/wolfssh/version.h +++ b/wolfssh/version.h @@ -33,8 +33,8 @@ extern "C" { #endif -#define LIBWOLFSSH_VERSION_STRING "1.4.3" -#define LIBWOLFSSH_VERSION_HEX 0x01004003 +#define LIBWOLFSSH_VERSION_STRING "1.4.4" +#define LIBWOLFSSH_VERSION_HEX 0x01004004 #ifdef __cplusplus } 
From 0ea40ec85fac93b31fc9fba71b262b4466945f69 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Fri, 24 Apr 2020 10:50:22 -0700 Subject: [PATCH 3/7] Release Rollup 1. Fix some C++ compiler errors. 2. Added "static" to the globals in the client and SFTP client. 3. Removed an unused string. --- examples/client/client.c | 4 ++-- examples/sftpclient/sftpclient.c | 30 ++++++++++++++---------------- src/wolfsftp.c | 2 +- 3 files changed, 17 insertions(+), 19 deletions(-) diff --git a/examples/client/client.c b/examples/client/client.c index 1f4bcda..79681c4 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -30,7 +30,7 @@ #ifndef NO_WOLFSSH_CLIENT -const char testString[] = "Hello, wolfSSH!"; +static const char testString[] = "Hello, wolfSSH!"; /* type = 2 : shell / execute command settings @@ -144,7 +144,7 @@ static void ShowUsage(void) } -byte userPassword[256]; +static byte userPassword[256]; static int wsUserAuth(byte authType, WS_UserAuthData* authData, diff --git a/examples/sftpclient/sftpclient.c b/examples/sftpclient/sftpclient.c index 7445352..9c90075 100644 --- a/examples/sftpclient/sftpclient.c +++ b/examples/sftpclient/sftpclient.c @@ -104,13 +104,13 @@ static int NonBlockSSH_connect(void) /* for command reget and reput to handle saving offset after interrupt during * get and put */ #include -static byte interupt = 0; +static byte interrupt = 0; static void sig_handler(const int sig) { (void)sig; - interupt = 1; + interrupt = 1; wolfSSH_SFTP_Interrupt(ssh); } #endif /* WS_NO_SIGNAL */ @@ -189,8 +189,6 @@ static void clean_path(char* path) } } -const char sftpTestString[] = "Hello, wolfSSH!"; - #define WS_MAX_EXAMPLE_RW 1024 static int SetEcho(int on) 
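Review bot: The renamed flag `interrupt` in examples/sftpclient/sftpclient.c is written from `sig_handler` but is still declared as a plain `static byte`, so the compiler may cache reads of it in whatever code polls it. A flag shared with a signal handler should be declared `static volatile sig_atomic_t interrupt = 0;`. The handler also calls `wolfSSH_SFTP_Interrupt(ssh)`, whose body is not in this hunk; if it does more than set a flag, a comment confirming it is safe to call from signal context would help.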
@@ -294,14 +292,14 @@ static void ShowUsage(void) } -byte userPassword[256]; -byte userPublicKeyType[32]; -byte userPublicKey[512]; -word32 userPublicKeySz; -const byte* userPrivateKey; -word32 userPrivateKeySz; +static byte userPassword[256]; +static byte userPublicKeyType[32]; +static byte userPublicKey[512]; +static word32 userPublicKeySz; +static const byte* userPrivateKey; +static word32 userPrivateKeySz; -const char hanselPublicRsa[] = +static const char hanselPublicRsa[] = "AAAAB3NzaC1yc2EAAAADAQABAAABAQC9P3ZFowOsONXHD5MwWiCciXytBRZGho" "MNiisWSgUs5HdHcACuHYPi2W6Z1PBFmBWT9odOrGRjoZXJfDDoPi+j8SSfDGsc/hsCmc3G" "p2yEhUZUEkDhtOXyqjns1ickC9Gh4u80aSVtwHRnJZh9xPhSq5tLOhId4eP61s+a5pwjTj" @@ -309,7 +307,7 @@ const char hanselPublicRsa[] = "NmzI5y/+pzU5afsdeEWdiQDIQc80H6Pz8fsoFPvYSG+s4/wz0duu7yeeV1Ypoho65Zr+pE" "nIf7dO0B8EblgWt+ud+JI8wrAhfE4x"; -const byte hanselPrivateRsa[] = { +static const byte hanselPrivateRsa[] = { 0x30, 0x82, 0x04, 0xa3, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xbd, 0x3f, 0x76, 0x45, 0xa3, 0x03, 0xac, 0x38, 0xd5, 0xc7, 0x0f, 0x93, 0x30, 0x5a, 0x20, 0x9c, 0x89, 0x7c, 0xad, 0x05, 0x16, 0x46, 0x86, 0x83, @@ -412,14 +410,14 @@ const byte hanselPrivateRsa[] = { 0xec, 0x18, 0xdb }; -unsigned int hanselPrivateRsaSz = 1191; +static const unsigned int hanselPrivateRsaSz = 1191; -const char hanselPublicEcc[] = +static const char hanselPublicEcc[] = "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNkI5JTP6D0lF42tbx" "X19cE87hztUS6FSDoGvPfiU0CgeNSbI+aFdKIzTP5CQEJSvm25qUzgDtH7oyaQROUnNvk="; -const byte hanselPrivateEcc[] = { +static const byte hanselPrivateEcc[] = { 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x03, 0x6e, 0x17, 0xd3, 0xb9, 0xb8, 0xab, 0xc8, 0xf9, 0x1f, 0xf1, 0x2d, 0x44, 0x4c, 0x3b, 0x12, 0xb1, 0xa4, 0x77, 0xd8, 0xed, 0x0e, 0x6a, 0xbe, 0x60, 0xc2, 0xf6, 0x8b, 0xe7, 
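Review bot: `hanselPrivateRsa` (and `hanselPrivateEcc` in a later hunk) embed a complete private key in the example source, and nothing at the declarations says what that key is for. A short comment above each array, e.g. `/* Test-only key for the example user; it ships with the source and must never be authorized on a real server. */`, would keep the example from being copied into a deployment with the key still in place. The array bodies continue outside the hunk.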
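Review bot: `hanselPrivateRsaSz = 1191` (and `hanselPrivateEccSz = 121` in the next hunk) repeat each array length as a literal, so size and data can drift apart if a key is regenerated. A value that is too large would let whatever consumes the size read past the end of the array. Now that the sizes are `const`, they can be derived: `static const unsigned int hanselPrivateRsaSz = (unsigned int)sizeof(hanselPrivateRsa);` and `static const unsigned int hanselPrivateEccSz = (unsigned int)sizeof(hanselPrivateEcc);`.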
@@ -433,7 +431,7 @@ const byte hanselPrivateEcc[] = { 0xf9 }; -unsigned int hanselPrivateEccSz = 121; +static const unsigned int hanselPrivateEccSz = 121; static int wsUserAuth(byte authType, diff --git a/src/wolfsftp.c b/src/wolfsftp.c index c876a9b..c5b7781 100644 --- a/src/wolfsftp.c +++ b/src/wolfsftp.c @@ -425,7 +425,7 @@ static void wolfSSH_SFTP_ClearState(WOLFSSH* ssh, enum WS_SFTP_STATE_ID state) if (ssh) { if (state == 0) - state = ~state; /* set all bits hot */ + state = (enum WS_SFTP_STATE_ID)~state; /* set all bits hot */ if (state & STATE_ID_GET) { WFREE(ssh->getState, ssh->ctx->heap, DYNTYPE_SFTP_STATE); From 722c3bc0827bda9e7b3d3bca6049b059c0eb353e Mon Sep 17 00:00:00 2001 From: John Safranek Date: Fri, 24 Apr 2020 13:39:35 -0700 Subject: [PATCH 4/7] Release Rollup 1. Wrap the include of sys/time.h in wolfscp.h with a check of configure's HAVE_SYS_TIME_H. 2. Add a header check to the configure script. --- configure.ac | 1 + wolfssh/wolfscp.h | 6 ++++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/configure.ac b/configure.ac index 520ff16..a73bb84 100644 --- a/configure.ac +++ b/configure.ac @@ -56,6 +56,7 @@ AC_CHECK_SIZEOF([off_t]) # Check headers/libs AC_CHECK_FUNCS([gethostbyname getaddrinfo gettimeofday inet_ntoa memset socket]) +AC_CHECK_HEADERS([sys/time.h]) AC_CHECK_LIB([network],[socket]) AC_CHECK_LIB([wolfssl],[wolfCrypt_Init],,[AC_MSG_ERROR([libwolfssl is required for ${PACKAGE}. It can be obtained from https://www.wolfssl.com/download.html/ .])]) diff --git a/wolfssh/wolfscp.h b/wolfssh/wolfscp.h index b67e613..6592f20 100644 --- a/wolfssh/wolfscp.h +++ b/wolfssh/wolfscp.h @@ -53,8 +53,10 @@ extern "C" { #endif #if !defined(WOLFSSH_SCP_USER_CALLBACKS) && !defined(NO_FILESYSTEM) - /* for utimes() */ - #include + #include + #ifdef HAVE_SYS_TIME_H + #include + #endif #include typedef struct ScpSendCtx { From a32b5ad4aef50a050911c30ce1228dfb681b1add Mon Sep 17 00:00:00 2001 
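Review bot: In `wolfSSH_SFTP_ClearState`, the new cast `(enum WS_SFTP_STATE_ID)~state` quiets the C++ conversion error but stores an all-ones value that is not one of the enumerators. For an enum without a fixed underlying type, C++ does not guarantee that such a value is representable. Keeping the mask in an integer avoids the question: `unsigned int mask = (state == 0) ? ~0u : (unsigned int)state;` followed by `if (mask & STATE_ID_GET)`. The function body continues past the end of the hunk, so the remaining `state &` tests would need the same substitution.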
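Review bot: The guarded include in wolfssh/wolfscp.h now depends on `HAVE_SYS_TIME_H`, which configure writes into the generated config header (`AC_CONFIG_HEADERS([src/config.h])`). An application or IDE build that includes this public header without that macro defined silently loses the include, which may or may not be intended. The old `/* for utimes() */` comment was also dropped. Restoring it on the guarded line, e.g. `/* for utimes(); HAVE_SYS_TIME_H is set by configure */`, would record why the header is wanted and where the macro comes from. If declarations later in this header need types from that include (not visible in the hunk), non-autoconf builds will need the macro set in their user settings.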
From: John Safranek Date: Mon, 27 Apr 2020 17:10:06 -0700 Subject: [PATCH 5/7] Update release date. --- ChangeLog.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.md b/ChangeLog.md index 5dae651..9a30f5a 100644 --- a/ChangeLog.md +++ b/ChangeLog.md @@ -1,4 +1,4 @@ -# wolfSSH v1.4.4 (04/24/2020) +# wolfSSH v1.4.4 (04/28/2020) ## New Feature Additions From 9583cfcebd65ec6ba8916e90aa289af08da3172f Mon Sep 17 00:00:00 2001 From: John Safranek Date: Mon, 27 Apr 2020 19:10:36 -0700 Subject: [PATCH 6/7] Release rollup 1. Fix a dead store by using the value. 2. Revert removing the clean from configure. --- configure.ac | 5 +++++ src/wolfsftp.c | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac index a73bb84..a870a5b 100644 --- a/configure.ac +++ b/configure.ac @@ -175,6 +175,11 @@ AX_CREATE_GENERIC_CONFIG AC_OUTPUT +# force make clean +AS_ECHO(["---"]) +AS_ECHO(["Running make clean..."]) +make clean >/dev/null 2>&1 + # output config summary AS_ECHO(["---"]) AS_ECHO(["Configuration summary for $PACKAGE_NAME version $VERSION"]) diff --git a/src/wolfsftp.c b/src/wolfsftp.c index c5b7781..2e87015 100644 --- a/src/wolfsftp.c +++ b/src/wolfsftp.c @@ -1219,7 +1219,7 @@ int wolfSSH_SFTP_read(WOLFSSH* ssh) if ((int)state->idx < state->sz) { ret = wolfSSH_worker(ssh, NULL); - if (ssh->error == WS_WANT_READ) { + if (ret != WS_SUCCESS && ssh->error == WS_WANT_READ) { /* was something there to read, try again */ state->toSend = 2; return WS_FATAL_ERROR; From 67620dcf2f7356a4db787fdecf88956ccbceadd7 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Tue, 28 Apr 2020 10:52:35 -0700 Subject: [PATCH 7/7] Release Rollup 1. Fixing warnings with the Windows build. Removed fast math from the build, for now. --- ide/winvs/user_settings.h | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/ide/winvs/user_settings.h b/ide/winvs/user_settings.h index fee1c00..1e45a82 100644 --- a/ide/winvs/user_settings.h 
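Review bot: The restored `make clean >/dev/null 2>&1` in configure.ac runs whichever `make` is first on PATH rather than the tool the user selected through `$MAKE`. It also discards both output and exit status, so a failed or wrong-tool clean goes unnoticed. `${MAKE-make} clean >/dev/null 2>&1` would respect the override. Because the step was removed and then restored within this series, a one-line comment saying why configure must clean (presumably stale objects after an option change) would keep it from being removed again.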
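Review bot: In `wolfSSH_SFTP_read`, `ret` from `wolfSSH_worker` is now consulted only together with `ssh->error == WS_WANT_READ`. In the visible lines, a failing call with any other error still falls through as if the worker had succeeded. The rest of the function is outside the hunk, so this may be handled further down. If it is not, an explicit branch such as `else if (ret != WS_SUCCESS) return WS_FATAL_ERROR;` would stop the read path from continuing on a failed worker call. Otherwise, a comment stating that other errors are deliberately ignored here would make that intent clear.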
+++ b/ide/winvs/user_settings.h @@ -21,11 +21,10 @@ #define NO_DSA #define NO_MD4 #define WC_RSA_BLINDING -#define USE_FAST_MATH -#define TFM_TIMING_RESISTANT -#define ECC_TIMING_RESISTANT #define WOLFSSL_PUBLIC_MP #define SINGLE_THREADED +#define WC_NO_HARDEN + #define WOLFSSH_TERM #endif /* _WIN_USER_SETTINGS_H_ */
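Review bot: Removing `ECC_TIMING_RESISTANT` and adding `WC_NO_HARDEN` in ide/winvs/user_settings.h appears to trade a build warning for a weaker build. As far as I know, `WC_NO_HARDEN` only silences wolfCrypt's hardening-options warning, while the ECC private-key code path is compiled without its timing-resistant variant; `WC_RSA_BLINDING` is kept. If `ECC_TIMING_RESISTANT` does not actually depend on `USE_FAST_MATH`, keep `#define ECC_TIMING_RESISTANT` and drop `#define WC_NO_HARDEN`. If it has to go for now, add a comment above the define such as `/* TEMPORARY: timing-resistant math disabled with fast math removed; restore before shipping */`, so the Windows settings are not copied as a hardened baseline. The enclosing include guard opens outside the hunk.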