1. By default, soft disable AES-CBC. It isn't offered as a default
encrypt algorithm, but may be set at runtime.
2. Add guard where AES-CBC can be added back as a default.
3. Add option to example client to run it with a custom encrypt
algorithm list.
4. In the client, add macro to add items to the arg lists while checking
the number of items in the list.
* Update myStatusCb to output once per second
Modified the myStatusCb function in sftpclient.c to only output status
updates once per second by tracking the last output time and comparing
it with the current time. This reduces the frequency of status updates
while maintaining all existing functionality.
Co-Authored-By: andrew@wolfssl.com <andrew@wolfssl.com>
* Reset status output timer when starting new file transfer
When starting a new file transfer, reset the lastOutputTime to ensure
the first status update for the new file is shown immediately.
Co-Authored-By: andrew@wolfssl.com <andrew@wolfssl.com>
* Fix Zephyr build by guarding lastOutputTime with WOLFSSH_NO_TIMESTAMP
The lastOutputTime variable is only used when timestamps are enabled,
so it should be guarded by the same macro to avoid unused variable
warnings in builds where timestamps are disabled.
Co-Authored-By: andrew@wolfssl.com <andrew@wolfssl.com>
* Move elapsedTime declaration to function scope
Per wolfSSL coding standards, declare all variables at function scope.
Added comment explaining that modern compilers optimize variable access
regardless of declaration placement.
Co-Authored-By: andrew@wolfssl.com <andrew@wolfssl.com>
* Fix timeout check to use elapsed time instead of current time
Co-Authored-By: andrew@wolfssl.com <andrew@wolfssl.com>
* Use elapsed time in timeout error message for consistency
Co-Authored-By: andrew@wolfssl.com <andrew@wolfssl.com>
* Move elapsedTime inside WOLFSSH_NO_TIMESTAMP guard
Co-Authored-By: andrew@wolfssl.com <andrew@wolfssl.com>
* Move currentTime outside WOLFSSH_NO_TIMESTAMP guard
Co-Authored-By: andrew@wolfssl.com <andrew@wolfssl.com>
---------
Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Co-authored-by: andrew@wolfssl.com <andrew@wolfssl.com>
SCP on the server side would get an EAGAIN around the 128KB mark, which
would trigger an error. That error in-turn would cause two attempts to
close the file, which would segfault.
Also fix inverted error return status on scpclient.
This adds the `diffie-hellman-group16-sha512` key exchange and
`hmac-sha2-512` mac support.
Echoserver can now take `-x` for key exchange and `-m` for mac setting,
and `-c` for cipher so that this can be used in the test suite.
This implements Keyboard-Interactive authentication.
Adds an additional callback set by `wolfSSH_KeyboarAuthPrompts()` which
will set a callback in the server to ask the application to provide the
prompt details for the client.
1. Fix echoserver's load_file function. Could potentially dereference
null if a file size is passed in, but using a null buf to get the
file's size only.
1. Add the code from wolfsshd that initially sets up the terminal
settings to the echoserver.
2. Add the WOLFSSH_TERM flag to the build of the echoserver.
1. In the echoserver, change the names of the defines for the
static memory values.
2. Modify the client common functions for keys and certs to take a heap
value for their allocations.
3. Update the client's use of the common key and cert function calls to
pass NULL for the heap.
4. Add a static memory description for the sftp client code.
1. Modify the echoserver to use a static memory pool when using the flag
WOLFSSH_STATIC_MEMORY. Uses NULL otherwise. The WOLFSSH_CTX is
created with the pool and subsequent allocations for the WOLFSSH
server use the same pool.
2. Add a configuration for the memory pool. Only works with SFTP
enabled.
3. Add the memory pool use statistics to the echoserver.
1. Remove the continue from the SFTP worker loop when there's a timeout
on the select and when there's a want_read from the wolfSSH_worker.
2. When the select has receive data ready, check it. Don't make it
conditional on want read as well.
The goal is that when there isn't data waiting on the socket, check and
process the data in the SFTP channel's buffer, always.
JacobBarthelmeh
John Safranek
Andrew Hutchings
Anthony Hu
aidan garske
devin-ai-integration[bot]
David Garske
Juliusz Sosinowicz
Hideki Miyazaki