- Update from version 0.10.6 to 0.11.1
- Update of rootfile
- Changelog
0.11.1
* Fixed default TTY modes that are set when stdin is not connected to
tty (#270)
* Fixed zlib cleanup procedure, which could crash on i386
* Various test fixes improving their stability
* Fixed cygwin build
0.11.0
* Deprecations and Removals:
* Dropped support for DSA
* Deprecated Blowfish cipher (will be removed in next release)
* Deprecated SSH_BIND_OPTIONS_{RSA,ECDSA}KEY in favor of generic
HOSTKEY
* Removed the usage of deprecated OpenSSL APIs (Note: Minimum
supported
OpenSSL version is 1.1.1)
* Disabled preauth compression (zlib) by default
* Support for pkcs#11 engines are deprecated, pkcs11-provider is
used instead
* Deprecation of old async SFTP API
* libgcrypt cryptographic backend is deprecated
* Deprecation of knownhosts hashing
* SFTP Improvements:
* Added support for async SFTP IO
* Added support for sftp_limits() and applied capping to SFTP
read/write
operations accordingly
* Added sftp_home_directory() API support for sftp extension
"home-directory"
* Added sftp_lsetstat() API for lsetstat extensions
* Added sftp_expand_path() to canonicalize path using
[email protected]
extension
* Implemented stat and realpath in sftpserver
* Added sftp_readlink() API to support [email protected]
* New extensible callback based SFTP server
* Introduced the [email protected] extension
* New functions and features:
* Added support for PKCS #11 provider for OpenSSL 3.0
* Added testing for GSSAPI Authentication
* Implemented proxy jump using libssh
* Recategorized loglevels to show fatal errors and alignment with
OpenSSH
log levels
* Added ssh_channel_request_pty_size_modes() API to set terminal
modes for
PTYs
* Added function to check username syntax
* Added support to check all keys in authorized_keys instead of one
in
example server implementation
* Handled hostkey similar to OpenSSH
* Added ssh_session_socket_close() API in order to not close socket
passed
through options on error conditions
* Added option SSH_BIND_OPTIONS_IMPORT_KEY_STR to read
user-supplied key
string in ssh_bind_options_set()
* Improved log handling around ssh_set_callbacks
* Added ssh_set_error_invalid in ssh_options_set()
* Prevented signature blob to start with 1 bit in libgcrypt
* Added support to unbreak key comparison of Ed25519 keys imported
from PEM
or OpenSSH container
* Added support to calculate missing CRT parameters when building
RSA key
* Added ssh_pki_export_privkey_base64_format() and
ssh_pki_export_privkey_file_format() to support exporting keys in
different
formats (PEM, OpenSSH)
* Added support to compare certificates and handle automatic
certificate
authentication
* Added support to make compile-commands generation conditional
* Built fuzzers for normal testing
* Avoided passing other events to callbacks when called recursively
* Added control master and path options
* Refactored channel_rcv_data, check for errors and report more
useful errors
* Added support to connect to other host addresses than just the
first one
* Terminated the server properly when the MaxAuthTries is reached
* Added support for [email protected] request in both
client and
server
* Added callback to support forwarded-tcpip requests
* Bumped minimal CMake version to 3.12
* Added support for MBedTLS 3.6.x
* Added support for +,-,^ modifiers in front of algorithm lists in
options
* Added callbacks for channel open response, and channel request
response
* Replaced chroot() from chroot_wrapper internal library with
chroot()
from priv_wrapper package
* Added a placeholder for non-expanded identities
* Improved handling of channel transfer window sizes
Signed-off-by: Adolf Belka <[email protected]>
---
config/rootfiles/common/libssh | 3 ++-
lfs/libssh | 6 +++---
2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/config/rootfiles/common/libssh b/config/rootfiles/common/libssh
index 417a8be8d..5b0c59fbd 100644
--- a/config/rootfiles/common/libssh
+++ b/config/rootfiles/common/libssh
@@ -6,6 +6,7 @@
#usr/include/libssh/libsshpp.hpp
#usr/include/libssh/server.h
#usr/include/libssh/sftp.h
+#usr/include/libssh/sftpserver.h
#usr/include/libssh/ssh2.h
#usr/lib/cmake/libssh
#usr/lib/cmake/libssh/libssh-config-noconfig.cmake
@@ -13,5 +14,5 @@
#usr/lib/cmake/libssh/libssh-config.cmake
#usr/lib/libssh.so
usr/lib/libssh.so.4
-usr/lib/libssh.so.4.9.6
+usr/lib/libssh.so.4.10.1
#usr/lib/pkgconfig/libssh.pc
diff --git a/lfs/libssh b/lfs/libssh
index 587a97921..d7b956aa6 100644
--- a/lfs/libssh
+++ b/lfs/libssh
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2024 IPFire Team <[email protected]> #
+# Copyright (C) 2007-2025 IPFire Team <[email protected]> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 0.10.6
+VER = 0.11.1
THISAPP = libssh-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 =
6ae1c611b685fa8ec5e5fb159f93493edf4d8ae8536300cd9a357daadc28ca2fbd8a64a22157744bc97e2e672b0b84b58e1167d7369fe88306b3581098af9f57
+$(DL_FILE)_BLAKE2 =
87079b4eaf66ceb77803b3d854f847b3f3fb6a67ac3bfa756ebcf8f06bf2b313e976044e0a1d81227fb5278fb04bc56f1a82877d14a6ee76bec0c690b14f38a7
install : $(TARGET)
--
2.49.0
