libssh2: update to 1.11.0.

Version 1.11.0 - May 30 2023

Enhancements and bugfixes

    Adds support for encrypt-then-mac (ETM) MACs
    Adds support for AES-GCM crypto protocols
    Adds support for sk-ecdsa-sha2-nistp256 and sk-ssh-ed25519 keys
    Adds support for RSA certificate authentication
    Adds FIDO support with *_sk() functions
    Adds RSA-SHA2 key upgrading to OpenSSL, WinCNG, mbedTLS, OS400 backends
    Adds Agent Forwarding and libssh2_agent_sign()
    Adds support for Channel Signal message libssh2_channel_signal_ex()
    Adds support to get the user auth banner message libssh2_userauth_banner()
    Adds LIBSSH2_NO_{MD5, HMAC_RIPEMD, DSA, RSA, RSA_SHA1, ECDSA, ED25519, AES_CBC, AES_CTR, BLOWFISH, RC4, CAST, 3DES} options
    Adds direct stream UNIX sockets with libssh2_channel_direct_streamlocal_ex()
    Adds wolfSSL support to CMake file
    Adds mbedTLS 3.x support
    Adds LibreSSL 3.5 support
    Adds support for CMake "unity" builds
    Adds CMake support for building shared and static libs in a single pass
    Adds symbol hiding support to CMake
    Adds support for libssh2.rc for all build tools
    Adds .zip, .tar.xz and .tar.bz2 release tarballs
    Enables ed25519 key support for LibreSSL 3.7.0 or higher
    Improves OpenSSL 1.1 and 3 compatibility
    Now requires OpenSSL 1.0.2 or newer
    Now requires CMake 3.1 or newer
    SFTP: Adds libssh2_sftp_open_ex_r() and libssh2_sftp_open_r() extended APIs
    SFTP: No longer has a packet limit when reading a directory
    SFTP: now parses attribute extensions if they exist
    SFTP: no longer will busy loop if SFTP fails to initialize
    SFTP: now clear various errors as expected
    SFTP: no longer skips files if the line buffer is too small
    SCP: add option to not quote paths
    SCP: Enables 64-bit offset support unconditionally
    Now skips leading \r and \n characters in banner_receive()
    Enables secure memory zeroing with all build tools on all platforms
    No longer logs SSH_MSG_REQUEST_FAILURE packets from keepalive
    Speed up base64 encoding by 7x
    Assert if there is an attempt to write a value that is too large
    WinCNG: fix memory leak in _libssh2_dh_secret()
    Added protection against possible null pointer dereferences
    Agent now handles overly large comment lengths
    Now ensure KEX replies don't include extra bytes
    Fixed possible buffer overflow when receiving SSH_MSG_USERAUTH_BANNER
    Fixed possible buffer overflow in keyboard interactive code path
    Fixed overlapping memcpy()
    Fixed Windows UWP builds
    Fixed DLL import name
    Renamed local RANDOM_PADDING macro to avoid unexpected define on Windows
    Support for building with gcc versions older than 8
    Improvements to CMake, Makefile, NMakefile, GNUmakefile, autoreconf files
    Restores ANSI C89 compliance
    Enabled new compiler warnings and fixed/silenced them
    Improved error messages
    Now uses CIFuzz
    Numerous minor code improvements
    Improvements to CI builds
    Improvements to unit tests
    Improvements to doc files
    Improvements to example files
    Removed "old gex" build option
    Removed no-encryption/no-mac builds
    Removed support for NetWare and Watcom wmake build files

security/libssh2/Makefile

@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.23 2021/08/30 16:43:19 adam Exp $
+# $NetBSD: Makefile,v 1.24 2023/06/06 08:05:15 wiz Exp $
 
-DISTNAME=	libssh2-1.10.0
+DISTNAME=	libssh2-1.11.0
 CATEGORIES=	security
 MASTER_SITES=	https://www.libssh2.org/download/
 

security/libssh2/PLIST

@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.8 2019/07/09 10:42:59 nia Exp $
+@comment $NetBSD: PLIST,v 1.9 2023/06/06 08:05:15 wiz Exp $
 include/libssh2.h
 include/libssh2_publickey.h
 include/libssh2_sftp.h
@@ -12,10 +12,12 @@ man/man3/libssh2_agent_get_identity_path.3
 man/man3/libssh2_agent_init.3
 man/man3/libssh2_agent_list_identities.3
 man/man3/libssh2_agent_set_identity_path.3
+man/man3/libssh2_agent_sign.3
 man/man3/libssh2_agent_userauth.3
 man/man3/libssh2_banner_set.3
 man/man3/libssh2_base64_decode.3
 man/man3/libssh2_channel_close.3
+man/man3/libssh2_channel_direct_streamlocal_ex.3
 man/man3/libssh2_channel_direct_tcpip.3
 man/man3/libssh2_channel_direct_tcpip_ex.3
 man/man3/libssh2_channel_eof.3
@@ -41,6 +43,7 @@ man/man3/libssh2_channel_read_ex.3
 man/man3/libssh2_channel_read_stderr.3
 man/man3/libssh2_channel_receive_window_adjust.3
 man/man3/libssh2_channel_receive_window_adjust2.3
+man/man3/libssh2_channel_request_auth_agent.3
 man/man3/libssh2_channel_request_pty.3
 man/man3/libssh2_channel_request_pty_ex.3
 man/man3/libssh2_channel_request_pty_size.3
@@ -50,6 +53,7 @@ man/man3/libssh2_channel_set_blocking.3
 man/man3/libssh2_channel_setenv.3
 man/man3/libssh2_channel_setenv_ex.3
 man/man3/libssh2_channel_shell.3
+man/man3/libssh2_channel_signal_ex.3
 man/man3/libssh2_channel_subsystem.3
 man/man3/libssh2_channel_wait_closed.3
 man/man3/libssh2_channel_wait_eof.3
@@ -62,6 +66,7 @@ man/man3/libssh2_channel_write_ex.3
 man/man3/libssh2_channel_write_stderr.3
 man/man3/libssh2_channel_x11_req.3
 man/man3/libssh2_channel_x11_req_ex.3
+man/man3/libssh2_crypto_engine.3
 man/man3/libssh2_exit.3
 man/man3/libssh2_free.3
 man/man3/libssh2_hostkey_hash.3
@@ -105,6 +110,7 @@ man/man3/libssh2_session_disconnect_ex.3
 man/man3/libssh2_session_flag.3
 man/man3/libssh2_session_free.3
 man/man3/libssh2_session_get_blocking.3
+man/man3/libssh2_session_get_read_timeout.3
 man/man3/libssh2_session_get_timeout.3
 man/man3/libssh2_session_handshake.3
 man/man3/libssh2_session_hostkey.3
@@ -116,6 +122,7 @@ man/man3/libssh2_session_method_pref.3
 man/man3/libssh2_session_methods.3
 man/man3/libssh2_session_set_blocking.3
 man/man3/libssh2_session_set_last_error.3
+man/man3/libssh2_session_set_read_timeout.3
 man/man3/libssh2_session_set_timeout.3
 man/man3/libssh2_session_startup.3
 man/man3/libssh2_session_supported_algs.3
@@ -135,6 +142,8 @@ man/man3/libssh2_sftp_mkdir.3
 man/man3/libssh2_sftp_mkdir_ex.3
 man/man3/libssh2_sftp_open.3
 man/man3/libssh2_sftp_open_ex.3
+man/man3/libssh2_sftp_open_ex_r.3
+man/man3/libssh2_sftp_open_r.3
 man/man3/libssh2_sftp_opendir.3
 man/man3/libssh2_sftp_read.3
 man/man3/libssh2_sftp_readdir.3
@@ -160,9 +169,11 @@ man/man3/libssh2_sftp_tell64.3
 man/man3/libssh2_sftp_unlink.3
 man/man3/libssh2_sftp_unlink_ex.3
 man/man3/libssh2_sftp_write.3
+man/man3/libssh2_sign_sk.3
 man/man3/libssh2_trace.3
 man/man3/libssh2_trace_sethandler.3
 man/man3/libssh2_userauth_authenticated.3
+man/man3/libssh2_userauth_banner.3
 man/man3/libssh2_userauth_hostbased_fromfile.3
 man/man3/libssh2_userauth_hostbased_fromfile_ex.3
 man/man3/libssh2_userauth_keyboard_interactive.3
@@ -174,4 +185,5 @@ man/man3/libssh2_userauth_publickey.3
 man/man3/libssh2_userauth_publickey_fromfile.3
 man/man3/libssh2_userauth_publickey_fromfile_ex.3
 man/man3/libssh2_userauth_publickey_frommemory.3
+man/man3/libssh2_userauth_publickey_sk.3
 man/man3/libssh2_version.3

security/libssh2/distinfo

@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.17 2021/10/26 11:17:16 nia Exp $
+$NetBSD: distinfo,v 1.18 2023/06/06 08:05:15 wiz Exp $
 
-BLAKE2s (libssh2-1.10.0.tar.gz) = a4625685efcc12b29dd07e4eab3fc03cb0d0d0ef4115aeb4aef13c14926c7638
-SHA512 (libssh2-1.10.0.tar.gz) = e064ee1089eb8e6cd5fa2617f4fd8ff56c2721c5476775a98bdb68c6c4ee4d05c706c3bb0eb479a27a8ec0b17a8a5ef43e1d028ad3f134519aa582d3981a3a30
-Size (libssh2-1.10.0.tar.gz) = 965044 bytes
+BLAKE2s (libssh2-1.11.0.tar.gz) = d98939ed5b3c25355c0f51536b02c3081cd50515b95bffcaec32389b5c0d403e
+SHA512 (libssh2-1.11.0.tar.gz) = ef85e152dc252bd9b1c05276972b9c22313f5d492743dde090235742746d67f634f2a419eff9162132e2274c8582113b75279b074e0c7b34b2526b92fd1a1e8e
+Size (libssh2-1.11.0.tar.gz) = 1053562 bytes