Enhancements and bugfixes

• Adds support for encrypt-then-mac (ETM) MACs
• Adds support for AES-GCM crypto protocols
• Adds support for sk-ecdsa-sha2-nistp256 and sk-ssh-ed25519 keys
• Adds support for RSA certificate authentication
• Adds FIDO support with *_sk() functions
• Adds RSA-SHA2 key upgrading to OpenSSL, WinCNG, mbedTLS, OS400 backends
• Adds Agent Forwarding and libssh2_agent_sign()
• Adds support for Channel Signal message libssh2_channel_signal_ex()
• Adds support to get the user auth banner message libssh2_userauth_banner()
• Adds LIBSSH2_NO_{MD5, HMAC_RIPEMD, DSA, RSA, RSA_SHA1, ECDSA, ED25519, AES_CBC, AES_CTR, BLOWFISH, RC4, CAST, 3DES} options
• Adds direct stream UNIX sockets with libssh2_channel_direct_streamlocal_ex()
• Adds wolfSSL support to CMake file
• Adds mbedTLS 3.x support
• Adds LibreSSL 3.5 support
• Adds support for CMake "unity" builds
• Adds CMake support for building shared and static libs in a single pass
• Adds symbol hiding support to CMake
• Adds support for libssh2.rc for all build tools
• Adds .zip, .tar.xz and .tar.bz2 release tarballs
• Enables ed25519 key support for LibreSSL 3.7.0 or higher
• Improves OpenSSL 1.1 and 3 compatibility
• Now requires OpenSSL 1.0.2 or newer
• Now requires CMake 3.1 or newer
• SFTP: Adds libssh2_sftp_open_ex_r() and libssh2_sftp_open_r() extended APIs
• SFTP: No longer has a packet limit when reading a directory
• SFTP: now parses attribute extensions if they exist
• SFTP: no longer will busy loop if SFTP fails to initialize
• SFTP: now clear various errors as expected
• SFTP: no longer skips files if the line buffer is too small
• SCP: add option to not quote paths
• SCP: Enables 64-bit offset support unconditionally
• Now skips leading \r and \n characters in banner_receive()
• Enables secure memory zeroing with all build tools on all platforms
• No longer logs SSH_MSG_REQUEST_FAILURE packets from keepalive
• Speed up base64 encoding by 7x
• Assert if there is an attempt to write a value that is too large
• WinCNG: fix memory leak in _libssh2_dh_secret()
• Added protection against possible null pointer dereferences
• Agent now handles overly large comment lengths
• Now ensure KEX replies don't include extra bytes
• Fixed possible buffer overflow when receiving SSH_MSG_USERAUTH_BANNER
• Fixed possible buffer overflow in keyboard interactive code path
• Fixed overlapping memcpy()
• Fixed Windows UWP builds
• Fixed DLL import name
• Renamed local RANDOM_PADDING macro to avoid unexpected define on Windows
• Support for building with gcc versions older than 8
• Improvements to CMake, Makefile, NMakefile, GNUmakefile, autoreconf files
• Restores ANSI C89 compliance
• Enabled new compiler warnings and fixed/silenced them
• Improved error messages
• Now uses CIFuzz
• Numerous minor code improvements
• Improvements to CI builds
• Improvements to unit tests
• Improvements to doc files
• Improvements to example files
• Removed "old gex" build option
• Removed no-encryption/no-mac builds
• Removed support for NetWare and Watcom wmake build files

libssh2 1.10.0 GPG sig

Enhancements and bugfixes

• adds agent forwarding support
• adds OpenSSH Agent support on Windows
• adds ECDSA key support using the Mbed TLS backend
• adds ECDSA cert authentication
• adds diffie-hellman-group14-sha256, diffie-hellman-group16-sha512, diffie-hellman-group18-sha512 key exchanges
• adds support for PKIX key reading when using ed25519 with OpenSSL
• adds support for EWOULDBLOCK on VMS systems
• adds support for building with OpenSSL 3
• adds support for using FIPS mode in OpenSSL
• adds debug symbols when building with MSVC
• adds support for building on the 3DS
• adds unicode build support on Windows
• restores os400 building
• increases min, max and opt Diffie Hellman group values
• improves portiablity of the make file
• improves timeout behavior with 2FA keyboard auth
• various improvements to the Wincng backend
• fixes reading parital packet replies when using an agent
• fixes Diffie Hellman key exchange on Windows 1903+ builds
• fixes building tests with older versions of OpenSSL
• fixes possible multiple definition warnings
• fixes potential cast issues _libssh2_ecdsa_key_get_curve_type()
• fixes potential use after free if libssh2_init() is called twice
• improved linking when using Mbed TLS
• fixes call to libssh2_crypto_exit() if crypto hasn't been initialized
• fixes crash when loading public keys with no id
• fixes possible out of bounds read when exchanging keys
• fixes possible out of bounds read when reading packets
• fixes possible out of bounds read when opening an X11 connection
• fixes possible out of bounds read when ecdh host keys
• fixes possible hang when trying to read a disconnected socket
• fixes a crash when using the delayed compression option
• fixes read error with large known host entries
• fixes various warnings
• fixes various small memory leaks
• improved error handling, various detailed errors will now be reported
• builds are now using OSS-Fuzz
• builds now use autoreconf instead of a custom build script
• cmake now respects install directory
• improved CI backend
• updated HACKING-CRYPTO documentation
• use markdown file extensions
• improved unit tests

libssh2 1.9.0 GPG sig

Enhancements and bugfixes

• adds ECDSA keys and host key support when using OpenSSL
• adds ED25519 key and host key support when using OpenSSL 1.1.1
• adds OpenSSH style key file reading
• adds AES CTR mode support when using WinCNG
• adds PEM passphrase protected file support for Libgcrypt and WinCNG
• adds SHA256 hostkey fingerprint
• adds libssh2_agent_get_identity_path() and libssh2_agent_set_identity_path()
• adds explicit zeroing of sensitive data in memory
• adds additional bounds checks to network buffer reads
• adds the ability to use the server default permissions when creating sftp directories
• adds support for building with OpenSSL no engine flag
• adds support for building with LibreSSL
• increased sftp packet size to 256k
• fixed oversized packet handling in sftp
• fixed building with OpenSSL 1.1
• fixed a possible crash if sftp stat gets an unexpected response
• fixed incorrect parsing of the KEX preference string value
• fixed conditional RSA and AES-CTR support
• fixed a small memory leak during the key exchange process
• fixed a possible memory leak of the ssh banner string
• fixed various small memory leaks in the backends
• fixed possible out of bounds read when parsing public keys from the server
• fixed possible out of bounds read when parsing invalid PEM files
• no longer null terminates the scp remote exec command
• now handle errors when diffie hellman key pair generation fails
• fixed compiling on Windows with the flag STDCALL=ON
• improved building instructions
• improved unit tests

libssh2 1.8.2 GPG sig

Bug fixes:

• Fixed the misapplied userauth patch that broke 1.8.1
• moved the MAX size declarations from the public header

libssh2 1.8.1 GPG sig

Bug fixes:

• fixed possible integer overflow when reading a specially crafted packet
• fixed possible integer overflow in userauth_keyboard_interactive with a number of extremely long prompt strings
• fixed possible integer overflow if the server sent an extremely large number of keyboard prompts
• fixed possible out of bounds read when processing a specially crafted packet
• fixed possible integer overflow when receiving a specially crafted exit signal message channel packet
• fixed possible out of bounds read when receiving a specially crafted exit status message channel packet
• fixed possible zero byte allocation when reading a specially crafted SFTP packet
• fixed possible out of bounds reads when processing specially crafted SFTP packets
• fixed possible out of bounds reads in _libssh2_packet_require(v)

libssh2 1.8.0 GPG sig

Changes:

• added a basic dockerised test suite
• crypto: add support for the mbedTLS backend

Bug fixes:

• libgcrypt: fixed a NULL pointer dereference on OOM
• VMS: can't use %zd for off_t format
• VMS: update vms/libssh2_config.h
• windows: link with crypt32.lib
• libssh2_channel_open: speeling error fixed in channel error message
• msvc: fixed 14 compilation warnings
• tests: HAVE_NETINET_IN_H was not defined correctly
• openssl: add OpenSSL 1.1.0 compatibility
• cmake: Add CLEAR_MEMORY option, analogously to that for autoconf
• configure: make the --with-* options override the OpenSSL default
• libssh2_wait_socket: set err_msg on errors
• libssh2_wait_socket: Fix comparison with api_timeout to use milliseconds

libssh2 1.7.0 GPG sig

Changes:

• libssh2_session_set_last_error: Add function
• mac: Add support for HMAC-SHA-256 and HMAC-SHA-512
• WinCNG: support for SHA256/512 HMAC
• kex: Added diffie-hellman-group-exchange-sha256 support
• OS/400 crypto library QC3 support

Bug fixes:

• diffie_hellman_sha256: convert bytes to bits CVE-2016-0787
• SFTP: Increase speed and datasize in SFTP read
• openssl: make libssh2_sha1 return error code
• openssl: fix memleak in _libssh2_dsa_sha1_verify()
• cmake: include CMake files in the release tarballs
• Fix builds with Visual Studio 2015
• hostkey.c: Fix compiling error when OPENSSL_NO_MD5 is defined
• GNUmakefile: add support for LIBSSH2_LDFLAG_EXTRAS
• GNUmakefile: add -m64 CFLAGS when targeting mingw64
• kex: free server host key before allocating it (again)
• SCP: add libssh2_scp_recv2 to support large (> 2GB) files on windows
• channel: Detect bad usage of libssh2_channel_process_startup
• userauth: Fix off by one error when reading public key file
• kex: removed dupe entry from libssh2_kex_methods
• _libssh2_error: Support allocating the error message
• hostkey: fix invalid memory access if libssh2_dsa_new fails
• hostkey: align code path of ssh_rsa_init to ssh_dss_init
• libssh2.pc.in: fix the output of pkg-config --libs
• wincng: fixed possible memory leak in _libssh2_wincng_hash
• wincng: fixed _libssh2_wincng_hash_final return value
• add OpenSSL 1.1.0-pre2 compatibility
• agent_disconnect_unix: unset the agent fd after closing it
• sftp: stop reading when buffer is full
• sftp: Send at least one read request before reading
• sftp: Don't return EAGAIN if data was written to buffer
• sftp: Check read packet file offset
• configure: build "silent" if possible
• openssl: add OpenSSL 1.1.0-pre3-dev compatibility
• GNUmakefile: list system libs after user libs

libssh2 1.6.0 GPG sig

Changes:

• Added CMake build system
• Added libssh2_userauth_publickey_frommemory()

Bug fixes:

• wait_socket: wrong use of difftime()
• userauth: Fixed prompt text no longer being copied to the prompts struct
• mingw build: allow to pass custom CFLAGS
• Let mansyntax.sh work regardless of where it is called from
• Init HMAC_CTX before using it
• direct_tcpip: Fixed channel write
• WinCNG: fixed backend breakage
• OpenSSL: caused by introducing libssh2_hmac_ctx_init
• userauth.c: fix possible dereferences of a null pointer
• wincng: Added explicit clear memory feature to WinCNG backend
• openssl.c: fix possible segfault in case EVP_DigestInit fails
• wincng: fix return code of libssh2_md5_init()
• kex: do not ignore failure of libssh2_sha1_init()
• scp: fix that scp_send may transmit not initialised memory
• scp.c: improved command length calculation
• nonblocking examples: fix warning about unused tvdiff on Mac OS X
• configure: make clear-memory default but WARN if backend unsupported
• OpenSSL: Enable use of OpenSSL that doesn't have DSA
• OpenSSL: Use correct no-blowfish #define
• kex: fix libgcrypt memory leaks of bignum
• libssh2_channel_open: more detailed error message
• wincng: fixed memleak in (block) cipher destructor

libssh2 1.5.0 GPG sig

Changes:

• Added Windows Cryptography API: Next Generation based backend

Bug fixes:

• Security Advisory: Using `SSH_MSG_KEXINIT` data unbounded, CVE-2015-1782
• missing _libssh2_error in _libssh2_channel_write
• knownhost: Fix DSS keys being detected as unknown.
• knownhost: Restore behaviour of `libssh2_knownhost_writeline` with short buffer.
• libssh2.h: on Windows, a socket is of type SOCKET, not int
• libssh2_priv.h: a 1 bit bit-field should be unsigned
• windows build: do not export externals from static library
• Fixed two potential use-after-frees of the payload buffer
• Fixed a few memory leaks in error paths
• userauth: Fixed an attempt to free from stack on error
• agent_list_identities: Fixed memory leak on OOM
• knownhosts: Abort if the hosts buffer is too small
• sftp_close_handle: ensure the handle is always closed
• channel_close: Close the channel even in the case of errors
• docs: added missing libssh2_session_handshake.3 file
• docs: fixed a bunch of typos
• userauth_password: pass on the underlying error code
• _libssh2_channel_forward_cancel: accessed struct after free
• _libssh2_packet_add: avoid using uninitialized memory
• _libssh2_channel_forward_cancel: avoid memory leaks on error
• _libssh2_channel_write: client spins on write when window full
• windows build: fix build errors
• publickey_packet_receive: avoid junk in returned pointers
• channel_receive_window_adjust: store windows size always
• userauth_hostbased_fromfile: zero assign to avoid uninitialized use
• configure: change LIBS not LDFLAGS when checking for libs
• agent_connect_unix: make sure there's a trailing zero
• MinGW build: Fixed redefine warnings.
• sftpdir.c: added authentication method detection.
• Watcom build: added support for WinCNG build.
• configure.ac: replace AM_CONFIG_HEADER with AC_CONFIG_HEADERS
• sftp_statvfs: fix for servers not supporting statfvs extension
• knownhost.c: use LIBSSH2_FREE macro instead of free
• Fixed compilation using mingw-w64
• knownhost.c: fixed that 'key_type_len' may be used uninitialized
• configure: Display individual crypto backends on separate lines
• examples on Windows: check for WSAStartup return code
• examples on Windows: check for socket return code
• agent.c: check return code of MapViewOfFile
• kex.c: fix possible NULL pointer de-reference with session->kex
• packet.c: fix possible NULL pointer de-reference within listen_state
• tests on Windows: check for WSAStartup return code
• userauth.c: improve readability and clarity of for-loops
• examples on Windows: use native SOCKET-type instead of int
• packet.c: i < 256 was always true and i would overflow to 0
• kex.c: make sure mlist is not set to NULL
• session.c: check return value of session_nonblock in debug mode
• session.c: check return value of session_nonblock during startup
• userauth.c: make sure that sp_len is positive and avoid overflows
• knownhost.c: fix use of uninitialized argument variable wrote
• openssl: initialise the digest context before calling EVP_DigestInit()
• libssh2_agent_init: init ->fd to LIBSSH2_INVALID_SOCKET
• configure.ac: Add zlib to Requires.private in libssh2.pc if using zlib
• configure.ac: Rework crypto library detection
• configure.ac: Reorder --with-* options in --help output
• configure.ac: Call zlib zlib and not libz in text but keep option names
• Fix non-autotools builds: Always define the LIBSSH2_OPENSSL CPP macro
• sftp: seek: Don't flush buffers on same offset
• sftp: statvfs: Along error path, reset the correct 'state' variable.
• sftp: Add support for fsync (OpenSSH extension).
• _libssh2_channel_read: fix data drop when out of window
• comp_method_zlib_decomp: Improve buffer growing algorithm
• _libssh2_channel_read: Honour window_size_initial
• window_size: redid window handling for flow control reasons
• knownhosts: handle unknown key types

libssh2 1.4.3 GPG sig (685712 bytes)

Changes:

• compression: add support for zlib@openssh.com

Bug fixes:

• sftp_read: return error if a too large package arrives
• libssh2_hostkey_hash.3: update the description of return value
• Fixed MSVC NMakefile
• examples: use stderr for messages, stdout for data
• openssl: do not leak memory when handling errors
• improved handling of disabled MD5 algorithm in OpenSSL
• known_hosts: Fail when parsing unknown keys in known_hosts file
• configure: gcrypt doesn't come with pkg-config support
• session_free: wrong variable used for keeping state
• libssh2_userauth_publickey_fromfile_ex.3: mention publickey == NULL
• comp_method_zlib_decomp: handle Z_BUF_ERROR when inflating

libssh2 1.4.2 GPG sig (679992 bytes)

Bug fixes:

• Return LIBSSH2_ERROR_SOCKET_DISCONNECT on EOF when reading banner
• userauth.c: fread() from public key file to correctly detect any errors
• configure.ac: Add option to disable build of the example applications
• Added 'Requires.private:' line to libssh2.pc
• SFTP: filter off incoming "zombie" responses
• gettimeofday: no need for a replacement under cygwin
• SSH_MSG_CHANNEL_REQUEST: default to want_reply
• win32/libssh2_config.h: Remove hardcoded #define LIBSSH2_HAVE_ZLIB

libssh2 1.4.1 GPG sig (658507 bytes)

Bug fixes:

• build error with gcrypt backend
• always do "forced" window updates to avoid corner case stalls
• aes: the init function fails when OpenSSL has AES support
• transport_send: Finish in-progress key exchange before sending data
• channel_write: acknowledge transport errors
• examples/x11.c: Make sure sizeof passed to read operation is correct
• examples/x11.c:,Fix suspicious sizeof usage
• sftp_packet_add: verify the packet before accepting it
• SFTP: preserve the original error code more
• sftp_packet_read: adjust window size as necessary
• Use safer snprintf rather then sprintf in several places
• Define and use LIBSSH2_INVALID_SOCKET instead of INVALID_SOCKET
• sftp_write: cannot return acked data *and* EAGAIN
• sftp_read: avoid data *and* EAGAIN
• libssh2.h: Add missing prototype for libssh2_session_banner_set()

libssh2 1.4.0 GPG sig (653514 bytes)

Changes:

• Added libssh2_session_supported_algs()
• Added libssh2_session_banner_get()
• Added libssh2_sftp_get_channel()
• libssh2.h: bump the default window size to 256K

Bug fixes:

• sftp-seek: clear EOF flag
• userauth: Provide more informations if ssh pub key extraction fails
• ssh2_exec: skip error outputs for EAGAIN
• LIBSSH2_SFTP_PACKET_MAXLEN: increase to 80000
• knownhost_check(): Don't dereference ext if NULL is passed
• knownhost_add: Avoid dereferencing uninitialized memory on error path
• OpenSSL EVP: fix threaded use of structs
• _libssh2_channel_read: react on errors from receive_window_adjust
• sftp_read: cap the read ahead maximum amount
• _libssh2_channel_read: fix non-blocking window adjusting

libssh2 1.3.0 GPG sig (639262 bytes)

Changes:

• Added custom callbacks for performing low level socket I/O

Bug fixes:

• sftp_read: advance offset correctly for buffered copies
• libssh2_sftp_seek64: flush packetlist and buffered data
• _libssh2_packet_add: adjust window size when truncating
• sftp_read: a short read is not end of file

libssh2 1.2.9 GPG sig (642150 bytes)

Changes:

• Added libssh2_session_set_timeout() and libssh2_session_get_timeout() to make blocking calls get a timeout

Bug fixes:

• configure and pkg-config: fix $VERSION
• s/\.NF/.nf/ to fix wrong macro name caught by man --warnings
• keepalive: add first basic man pages
• sftp_write: flush the packetlist on error
• sftp_write: clean offsets on error
• msvcproj: added libs and debug stuff
• SCP: fix incorrect error code
• session_startup: init state properly
• sftp_write_sliding: send the complete file
• userauth_keyboard_interactive: skip code on zero length auth
• _libssh2_wait_socket: fix timeouts for poll() uses
• agent_list_identities: fix out of scope access
• _libssh2_recv(): handle ENOENT error as EAGAIN
• userauth_keyboard_interactive: fix buffer overflow
• removed man pages for non-existing functions!
• gettimeofday: fix name space pollution
• _libssh2_channel_write: handle window_size == 0 better

libssh2 1.2.8 GPG sig (637707 bytes)

Changes:

• added libssh2_free, libssh2_channel_get_exit_signal and libssh2_session_handshake
• SFTP read/write remade and now MUCH faster, especially on high latency connections
• added new examples: ssh2_echo.c, sftp_append.c and sftp_write_sliding.c
• userauth: derive publickey from private
• NEWS: now generated from git

Bug fixes:

• Support unlimited number of host names in a single line of the known_hosts file.
• fix memory leak in userauth_keyboard_interactive()
• fix memory leaks (two times cipher_data) for each sftp session
• session_startup: manage server data before server identification
• SCP: allow file names with bytes > 126
• scp_recv: improved treatment of channel_read() returning zero
• libssh2_userauth_authenticated: make it work as documented
• variable size cleanup: match internal variable sizes better with the sizes of the fields used on the wire
• channel_request_pty_size: fix reqPTY_state
• sftp_symlink: return error if receive buffer too small
• sftp_readdir: return error if buffer is too small
• libssh2_knownhost_readfile.3: clarify return value
• configure: stop using the deprecated AM_INIT_AUTOMAKE syntax
• Fixed Win32 makefile which was now broken at resource build
• kex_agree_hostkey: fix NULL pointer derefence
• _libssh2_ntohu64: fix conversion from network bytes to uint64
• ssize_t: proper typedef with MSVC compilers
• zlib: Add debug tracing of zlib errors
• decomp: increase decompression buffer sizes

libssh2 1.2.7 GPG sig (583105 bytes)

Changes:

• Added Watcom makefile

Bug fixes:

• Better handling of invalid key files
• inputchecks: make lots of API functions check for NULL pointers
• libssh2_session_callback_set: extended the man page
• SFTP: limit write() to not produce overly large packets
• agent: make libssh2_agent_userauth() work blocking properly
• _libssh2_userauth_publickey: reject method names longer than the data
• channel_free: ignore problems with channel_close()
• typedef: make ssize_t get typedef without LIBSSH2_WIN32
• _libssh2_wait_socket: poll needs milliseconds
• libssh2_wait_socket: reset error code to "leak" EAGAIN less
• Added include for sys/select.h to get fd.set on some platforms
• session_free: free more data to avoid memory leaks
• openssl: make use of the EVP interface
• Fix underscore typo for 64-bit printf format specifiers on Windows
• Make libssh2_debug() create a correctly terminated string
• userauth_hostbased_fromfile: packet length too short
• handshake: Compression enabled at the wrong time
• Don't overflow MD5 server hostkey

libssh2 1.2.6 GPG sig (579590 bytes)

Changes:

• Added libssh2_sftp_statvfs() and libssh2_sftp_fstatvfs()
• Added libssh2_knownhost_checkp()
• Added libssh2_scp_send64()

Bug fixes:

• wait_socket: make c89 compliant and use two fd_sets for select()
• OpenSSL AES-128-CTR detection
• proper keyboard-interactive user dialog in the sftp.c example
• build procedure for VMS
• fixed libssh2.dsw to use the generated libssh2.dsp
• several Windows-related build fixes
• fail to init SFTP if session isn't already authenticated
• many tiny fixes that address clang-analyzer warnings
• sftp_open: deal with short channel_write calls
• libssh2_publickey_init: fixed to work better non-blocking
• sftp_close_handle: add precation to not access NULL pointer
• sftp_readdir: simplified and bugfixed
• channel_write: if data has been sent, don't return EAGAIN

libssh2 1.2.5 GPG sig (559553 bytes)

Changes:

• Added Add keep-alive support: libssh2_keepalive_config() and libssh2_keepalive_send()
• Added libssh2_knownhost_addc(), libssh2_init() and libssh2_exit()
• Added LIBSSH2_SFTP_S_IS***() macros

Bug fixes:

• fix memory leak in libssh2_session_startup()
• added missing error codes - shown as hangs in blocking mode
• fix memory leak in userauth_keyboard_interactive()
• libssh2_knownhost_del: fix write to freed memory
• Send and receive channel EOF before sending SSH_MSG_CHANNEL_CLOSE
• Use AES-CTR from OpenSSL when available
• Fixed gettimeofday to compile with Visual C++ 6
• NULL dereference when window adjusting a non-existing channel
• avoid using poll on interix and mac os x systems
• fix scp memory leak
• Correctly clear blocking flag after sending multipart packet
• Reduce used window sizes by factor 10
• libssh2_userauth_publickey_fromfile_ex() handles a NULL password
• sftp_init() deal with _libssh2_channel_write() short returns

libssh2 1.2.4 GPG sig (547675 bytes)

Bug fixes:

• Resolve compile issues on Solaris x64 and UltraSPARC
• Allow compiling with OpenSSL when AES isn't available
• Fix Tru64 socklen_t compile issue with example/direct_tcpip.c

libssh2 1.2.3 GPG sig (547652 bytes)

Changes:

• ssh-agent support with the new libssh2_agent_* functions
• Added libssh2_trace_sethandler()
• Added the direct_tcpip.c and ssh2_agent.c examples

Bug fixes:

• Fixed memory leak in userauth_publickey
• Fixed publickey authentication regression
• Silenced several compiler warnings
• avoid returning data to memory already freed
• transport layer fix for bogus -39 (LIBSSH2_ERROR_BAD_USE) errors
• Fixed padding in ssh-dss signature blob encoding
• Fixed direction blocking flag problems
• Fixed memory leak in sftp_fstat()

libssh2 1.2.2 GPG sig (535430 bytes)

Changes:

• Support for the "aes128-ctr", "aes192-ctr", "aes256-ctr" ciphers
• Support for the "arcfour128" cipher

Bug fixes:

• Fix crash when server sends an invalid SSH_MSG_IGNORE message

libssh2 1.2.1 GPG sig (533302 bytes)

Changes:

• generate and install libssh2.pc

Bug fixes:

• proper return codes returned from several functions
• return EAGAIN internal cleanup
• added knownhost.c to windows makefiles
• pass private-key to OpenSSL as a filename with BIO_new_file().
• make libssh2_scp_send/recv do blocking mode correctly
• libssh2_channel_wait_closed() could hang
• libssh2_channel_read_ex() must return 0 when closed
• added gettimeofday() function for win32 for the debug trace outputs
• transport layer bug causing invalid -39 (LIBSSH2_ERROR_BAD_USE) errors
• scp examples now loop correctly over libssh2_channel_write()

libssh2 1.2 GPG sig (532299 bytes)

Changes:

• we've switched to using git for source code control
• the libssh2-devel mailing list moved to cool.haxx.se<
• libssh2_poll() and libssh2_poll_channel_read() are now deprecated
• a range of libssh2_knownhost_*() functions were added to the API to work with OpenSSH style known_hosts files etc
• added libssh2_session_hostkey()
• added an X11 forwarding example
• the makefile now generate MSVS project files

Bug fixes:

• bad 0-return from libssh2_channel_read
• failure to "drain" the transport data caused badness
• memory leak in libssh2_sftp_shutdown()
• fixed stroll() #if condition
• build thread-safe on Solaris
• error when including libssh2.h in two files on Windows fixed
• custom memory function extra argument was wrong
• transport now checks for and bail out on packets claing to be zero sized
• fixed a number of compiler warnings
• buildconf runs on Mac OS X
• public headers includable on their own
• bad debugdump() caused SIGSEGV at times (when libssh2_trace() was used)
• possible data loss when send_existing() failed to send its buffer
• passing FILE*s across DLL boundaries (OpenSSL) caused crashes on Windows

libssh2 1.1 GPG sig

• Downloads using SCP or SFTP are now significantly faster
• Added a Libtool -export-symbols-regex flag to reduce the number of exported symbols in shared libraries.
• Added a bunch of new man pages and renamed some of the previous ones
• Enhanced download performance
• Made libssh2_scp_recv() and libssh2_scp_send() deal with spaces in filenames
• Fixed the bad randomness and off-by-one in libssh2_channel_x11_req_ex()
• Added libssh2_version()
• Fixed libssh2_channel_direct_tcpip_ex() to not fail when called a second time
• Fixed libssh2_channel_write_ex problems in blocking situations
• 'make check' runs fine on cygwin
• Added libssh2_channel_receive_window_adjust2() and deprecated libssh2_channel_receive_window_adjust()
• better socket error handling internally on win32
• libssh2 now always set the socket non-blocking internally and deals with the interface as blocking or non-blocking set by libssh2_session_set_blocking.