v0.18.0

Table of Contents

1. Changes in version 0.18.0 (2024-11-10)
   1. Change (ssh popen) procedures behavior:API_CHANGE:
   2. make-session now handles #:config set to #f properly
   3. session-func.c: Fix compile error caused by bool identifier:BUGFIX:
   4. session-func.c: Fix compilation with libssh < 0.8.3:BUGFIX:
   5. session-func.c: Add compilation warnings for missing options
   6. Drop support for libssh versions older than 0.8.0:API_CHANGE:
   7. Documentation
      1. doc/api-popen.texi: Improve description; update examples
      2. doc/api-dist.texi: Fix the description of "make-node"
      3. doc/api-sessions.texi: Update and improve
   8. Tests
      1. tests/session.scm: Bugfix:BUGFIX:
      2. tests/server.scm ("make-server", "server-get"): Bugfix:BUGFIX:
      3. tests/common.scm: Don't use DSA keys when DSA is not supported:BUGFIX:
      4. tests/session: Expand "#:config" test suite
      5. tests/client-server: Fix logging:BUGFIX:
      6. tests/client-server: Don't use ECDSA key with older versions of libssh:BUGFIX:
      7. tests/sssh-ssshd: Don't use ECDSA keys with older versions of libssh:BUGFIX:
   9. Examples
      1. examples/ssshd.scm.in (main): Bugfix: Handle deprecation of DSA:BUGFIX:
      2. tests/key.scm: Bugfix: Handle DSA deprecation properly:BUGFIX:
   10. New simplified version of the project logo
   11. New CODE_OF_CONDUCT.org file

Changes in version 0.18.0 (2024-11-10)

Change (ssh popen) procedures behavior :API_CHANGE:

Now the following procedures handle the program arguments the same way as
open-pipe* procedure. This also makes the their behavior match the
description from the Guile-SSH documentation.

This change affects the following procedures from (ssh popen):

• open-remote-pipe*
• open-remote-input-pipe*
• open-remote-output-pipe*

Reported by graywolf in
#39

make-session now handles #:config set to #f properly

Now make-session disables reading the default SSH configuration files when
#:config is set to #f (as per Guile-SSH documentation.) Note that #f
value is handled through the "process-config?" option that was added in libssh
0.9; when an older version of libssh is used, Guile-SSH falls back to setting
the configuration file to /dev/null (which in turn prevents libssh from using
the default configuration files.)

When #:config is set to #t then the default SSH configuration files are
read. This is by default to keep the backward compatibility.

Reported by graywolf in
#38

session-func.c: Fix compile error caused by bool identifier :BUGFIX:

Fix a compilation error caused by the confusion of a variable name with
boolean type name.

Reported and fixed by Peter Tillemans pti@snamellit.com in
#43

session-func.c: Fix compilation with libssh < 0.8.3 :BUGFIX:

Guile-SSH don't try to handle missing SSH_{OPTIONSPUBLICKEYACCEPTEDTYPES} in
libssh older than 0.8.3 because it leads to compilation errors. Instead now
it issues a compilation warning.

session-func.c: Add compilation warnings for missing options

Now Guile-SSH issues compilation warnings for missing libssh session options.

Drop support for libssh versions older than 0.8.0 :API_CHANGE:

libssh 0.7.4 was released in 2017 and libssh 0.8.0 was released back in 2018
so it is quite old already. Since then some CVE were fixed, namely:

• 0.8.4: CVE-2018-10933: libssh authentication bypass
• 0.9.3: CVE-2019-14889: SCP: Unsanitized location leads to command execution
• 0.9.4: CVE-2020-1730: Possible DoS in client and server when handling
• 0.9.5: CVE-2020-16135: Avoid null pointer dereference in sftpserver (T232)
• 0.9.6: CVE-2021-3634: Fix possible heap-buffer overflow when rekeying with
  different key exchange mechanism.

Also libssh introduced some new features since 0.8.0 so Guile-SSH will not
probably work with libssh 0.7 anyway. Guile-SSH with libssh 0.8 should work
fine (according to tests) although some new Guile-SSH API will not be
available (e.g. some types of private keys are not compatible with old
versions of libssh.)

Support for libssh version 0.8.0, 0.8.1 and 0.8.2 will be dropped in the next
Guile-SSH releases.

Documentation

doc/api-popen.texi: Improve description; update examples

doc/api-dist.texi: Fix the description of "make-node"

doc/api-sessions.texi: Update and improve

Tests

tests/session.scm: Bugfix :BUGFIX:

Set "host" to "example" so the default configuration from the test config will
be read.

tests/server.scm ("make-server", "server-get"): Bugfix :BUGFIX:

Don't try to use DSA key when it is disabled.

tests/common.scm: Don't use DSA keys when DSA is not supported :BUGFIX:

tests/session: Expand "#:config" test suite

tests/client-server: Fix logging :BUGFIX:

In test case "data transferring, remote side abruptly closed": Don't log
errors into stderr, use libssh log instead. Remove "error" word from the log
string as surprisingly it tricks the test framework to think that some test
error has happened.

tests/client-server: Don't use ECDSA key with older versions of libssh :BUGFIX:

Now test "userauth-public-key!, success") is skipped when libssh has version
older than 0.8.3.

Instead "userauth-public-key!, success (RSA)" test case is used for older
versions of libssh.

tests/sssh-ssshd: Don't use ECDSA keys with older versions of libssh :BUGFIX:

Examples

examples/ssshd.scm.in (main): Bugfix: Handle deprecation of DSA :BUGFIX:

tests/key.scm: Bugfix: Handle DSA deprecation properly :BUGFIX:

New simplified version of the project logo

Thanks to Darya Sev. sdarsy@ya.ru for very helpful design advices for the
new simplified version of the project logo.

New CODE_OF_CONDUCT.org file

The document is a copy of
https://www.contributor-covenant.org/version/2/1/code_of_conduct/ converted
into org-mode format.