Updated changelog. Updated manylinux wheel embedded libssh2 version.

Author: Pan

Changelog.rst

@@ -10,6 +10,9 @@ Changes
 * Session object de-allocation no longer calls session disconnect.
 * Channel object de-allocation no longer calls channel close.
 * Rebuilt sources with Cython ``0.29.6``.
+* Updated Linux and Windows binary wheels to OpenSSL 1.1.
+* Updated embedded ``libssh2`` to latest master.
+* Added ``Ed25519`` publickey support via ``libssh2`` and OpenSSL upgrades.
 
 Packaging
 ----------

ci/docker/manylinux/Dockerfile

@@ -26,7 +26,7 @@ RUN cd ${OPENSSL}.tar.gz/${OPENSSL} && \
 
 # Libssh2
 RUN mkdir -p build_libssh2 && cd build_libssh2 && \
-    cmake ../libssh2.tar.gz -DBUILD_SHARED_LIBS=ON -DENABLE_ZLIB_COMPRESSION=ON \
+    cmake ../libssh2.tar.gz/libssh2-master -DBUILD_SHARED_LIBS=ON -DENABLE_ZLIB_COMPRESSION=ON \
     -DENABLE_CRYPT_NONE=ON -DENABLE_MAC_NONE=ON -DCMAKE_INSTALL_PREFIX=/usr && \
     cmake --build . --config Release --target install
 

ci/docker/manylinux/libssh2.tar.gz

@@ -30,17 +30,13 @@ def main():
     if not os.path.isfile(args.privatekey):
         print("No such private key %s" % (args.privatekey,))
         sys.exit(1)
-    publickey = "%s.pub" % (args.privatekey,)
-    if not os.path.isfile(publickey):
-        print("Expected public key at %s, found none" % (publickey,))
-        sys.exit(1)
 
     sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
     sock.connect((args.host, args.port))
     s = Session()
     s.handshake(sock)
     s.userauth_publickey_fromfile(
-        args.user, publickey, args.privatekey, args.passphrase)
+        args.user, args.privatekey, passphrase=args.passphrase)
     chan = s.open_session()
     chan.execute(args.cmd)
     size, data = chan.read()

examples/publickey_fromfile.py

@@ -11,12 +11,12 @@ libssh2_hostkey_hash(LIBSSH2_SESSION *session, int hash_type);
 \fIsession\fP - Session instance as returned by 
 .BR libssh2_session_init_ex(3)
 
-\fIhash_type\fP - One of: \fBLIBSSH2_HOSTKEY_HASH_MD5\fP or 
-\fBLIBSSH2_HOSTKEY_HASH_SHA1\fP.
+\fIhash_type\fP - One of: \fBLIBSSH2_HOSTKEY_HASH_MD5\fP, 
+\fBLIBSSH2_HOSTKEY_HASH_SHA1\fP or \fBLIBSSH2_HOSTKEY_HASH_SHA256\fP.
 
 Returns the computed digest of the remote system's hostkey. The length of 
 the returned string is hash_type specific (e.g. 16 bytes for MD5, 
-20 bytes for SHA1).
+20 bytes for SHA1, 32 bytes for SHA256).
 .SH RETURN VALUE
 Computed hostkey hash value, or NULL if the information is not available
 (either the session has not yet been started up, or the requested hash

libssh2/docs/libssh2_hostkey_hash.3

@@ -223,9 +223,11 @@ int main(int argc, char *argv[])
 
   shutdown:
 
-    libssh2_agent_disconnect(agent);
-    libssh2_agent_free(agent);
-
+    if (agent) {
+        libssh2_agent_disconnect(agent);
+        libssh2_agent_free(agent);
+    }
+    
     if(session) {
         libssh2_session_disconnect(session,
                                    "Normal Shutdown, Thank you for playing");

libssh2/example/ssh2_agent.c

@@ -79,6 +79,9 @@ typedef struct _LIBSSH2_SFTP_STATVFS        LIBSSH2_SFTP_STATVFS;
 #define LIBSSH2_SFTP_READLINK           1
 #define LIBSSH2_SFTP_REALPATH           2
 
+/* Flags for sftp_mkdir() */
+#define LIBSSH2_SFTP_DEFAULT_MODE      -1
+
 /* SFTP attribute flag bits */
 #define LIBSSH2_SFTP_ATTR_SIZE              0x00000001
 #define LIBSSH2_SFTP_ATTR_UIDGID            0x00000002

libssh2/include/libssh2_sftp.h

@@ -143,7 +143,7 @@ _libssh2_ecdsa_verify(libssh2_ecdsa_ctx * ctx,
                       const unsigned char *m, size_t m_len);
 
 int
-_libssh2_ecdsa_create_key(_libssh2_ec_key **out_private_key,
+_libssh2_ecdsa_create_key(LIBSSH2_SESSION *session, _libssh2_ec_key **out_private_key,
                           unsigned char **out_public_key_octal,
                           size_t *out_public_key_octal_len, libssh2_curve_type curve_type);
 
@@ -172,8 +172,8 @@ _libssh2_ecdsa_curve_type_from_name(const char *name, libssh2_curve_type *out_ty
 #if LIBSSH2_ED25519
 
 int
-_libssh2_curve25519_new(libssh2_ed25519_ctx **ctx, uint8_t **out_public_key,
-                        uint8_t **out_private_key);
+_libssh2_curve25519_new(LIBSSH2_SESSION *session, libssh2_ed25519_ctx **ctx, 
+                        uint8_t **out_public_key, uint8_t **out_private_key);
 
 int
 _libssh2_curve25519_gen_k(_libssh2_bn **k, uint8_t private_key[LIBSSH2_ED25519_KEY_LEN],
@@ -184,9 +184,15 @@ _libssh2_ed25519_verify(libssh2_ed25519_ctx *ctx, const uint8_t *s,
                         size_t s_len, const uint8_t *m, size_t m_len);
 
 int
-_libssh2_ed25519_new_private(libssh2_ed25519_ctx **ec_ctx,
+_libssh2_ed25519_new_private(libssh2_ed25519_ctx **ed_ctx,
                             LIBSSH2_SESSION *session,
                             const char *filename, const uint8_t *passphrase);
+
+int
+_libssh2_ed25519_new_public(libssh2_ed25519_ctx **ed_ctx,
+                            LIBSSH2_SESSION *session,
+                            const char *raw_pub_key, const uint8_t key_len);
+
 int
 _libssh2_ed25519_sign(libssh2_ed25519_ctx *ctx, LIBSSH2_SESSION *session,
                       uint8_t **out_sig, size_t *out_sig_len,

libssh2/src/crypto.h

@@ -795,9 +795,8 @@ hostkey_method_ssh_ed25519_init(LIBSSH2_SESSION * session,
                                 size_t hostkey_data_len,
                                 void **abstract)
 {
-    const unsigned char *s;
+    const char *s;
     unsigned long len, key_len;
-    EVP_PKEY *public_key = NULL;
     libssh2_ed25519_ctx *ctx = NULL;
 
     if(*abstract) {
@@ -823,17 +822,10 @@ hostkey_method_ssh_ed25519_init(LIBSSH2_SESSION * session,
     key_len = _libssh2_ntohu32(s);
     s += 4;
 
-    public_key = EVP_PKEY_new_raw_public_key(EVP_PKEY_ED25519, NULL, (const unsigned char*)s, key_len);
-    if(public_key == NULL) {
-        return _libssh2_error(session, LIBSSH2_ERROR_PROTO, "could not create ED25519 public key");
-    }
-
-    ctx = LIBSSH2_CALLOC(session, sizeof(libssh2_ed25519_ctx));
-    if(ctx == NULL) {
-        return _libssh2_error(session, LIBSSH2_ERROR_ALLOC, "could not alloc public/private key");
+    if(_libssh2_ed25519_new_public(&ctx, session, s, key_len) != 0) {
+        return -1;
     }
 
-    ctx->public_key = public_key;
     *abstract = ctx;
 
     return 0;

libssh2/src/hostkey.c

@@ -2421,8 +2421,8 @@ kex_method_ecdh_key_exchange
             goto ecdh_clean_exit;
         }
 
-        rc = _libssh2_ecdsa_create_key(&key_state->private_key, &key_state->public_key_oct,
-                                       &key_state->public_key_oct_len, type);
+        rc = _libssh2_ecdsa_create_key(session, &key_state->private_key, 
+                                       &key_state->public_key_oct, &key_state->public_key_oct_len, type);
 
         if(rc != 0) {
             ret = _libssh2_error(session, rc,
@@ -2489,7 +2489,7 @@ kex_method_ecdh_key_exchange
 ecdh_clean_exit:
 
     if(key_state->public_key_oct) {
-        free(key_state->public_key_oct);
+        LIBSSH2_FREE(session, key_state->public_key_oct);
         key_state->public_key_oct = NULL;
     }
 
@@ -2988,7 +2988,7 @@ kex_method_curve25519_key_exchange
             goto clean_exit;
         }
 
-        rc = _libssh2_curve25519_new(NULL, &key_state->curve25519_public_key,
+        rc = _libssh2_curve25519_new(session, NULL, &key_state->curve25519_public_key,
                                      &key_state->curve25519_private_key);
 
         if( rc != 0 )