From: "Lars Wendler" <polynomial-c@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: net-libs/libssh/files/, net-libs/libssh/
Date: Tue, 13 Mar 2018 10:47:07 +0000 (UTC) [thread overview]
Message-ID: <1520938021.eb18422c28376328204688bc7c24cf0e1dcea3e7.polynomial-c@gentoo> (raw)
commit: eb18422c28376328204688bc7c24cf0e1dcea3e7
Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
AuthorDate: Tue Mar 13 10:42:38 2018 +0000
Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
CommitDate: Tue Mar 13 10:47:01 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eb18422c
net-libs/libssh: Revbump to add fixes from Ionic overlay.
Package-Manager: Portage-2.3.24, Repoman-2.3.6
.../files/libssh-0.7.5-add-macro-for-MAX.patch | 30 ++++
.../libssh-0.7.5-fix-internal-algo-selection.patch | 156 +++++++++++++++++++++
net-libs/libssh/libssh-0.7.5-r2.ebuild | 102 ++++++++++++++
3 files changed, 288 insertions(+)
diff --git a/net-libs/libssh/files/libssh-0.7.5-add-macro-for-MAX.patch b/net-libs/libssh/files/libssh-0.7.5-add-macro-for-MAX.patch
new file mode 100644
index 00000000000..d9226d69700
--- /dev/null
+++ b/net-libs/libssh/files/libssh-0.7.5-add-macro-for-MAX.patch
@@ -0,0 +1,30 @@
+From 310d423d36ae7bb6dac5a2ae2fb7b57bda72dcb5 Mon Sep 17 00:00:00 2001
+From: Andreas Schneider <asn@cryptomilk.org>
+Date: Thu, 24 Aug 2017 17:27:08 +0200
+Subject: [PATCH 1/2] priv: Add macro for MAX
+
+Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
+(cherry picked from commit de35212789d11086621e176a11399de0d75ab3a6)
+Signed-off-by: Mihai Moldovan <ionic@ionic.de>
+---
+ include/libssh/priv.h | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/include/libssh/priv.h b/include/libssh/priv.h
+index 5a74915e..c3373c00 100644
+--- a/include/libssh/priv.h
++++ b/include/libssh/priv.h
+@@ -263,6 +263,10 @@ int match_hostname(const char *host, const char *pattern, unsigned int len);
+ #define MIN(a,b) ((a) < (b) ? (a) : (b))
+ #endif
+
++#ifndef MAX
++#define MAX(a,b) ((a) > (b) ? (a) : (b))
++#endif
++
+ /** Free memory space */
+ #define SAFE_FREE(x) do { if ((x) != NULL) {free(x); x=NULL;} } while(0)
+
+--
+2.15.1
+
diff --git a/net-libs/libssh/files/libssh-0.7.5-fix-internal-algo-selection.patch b/net-libs/libssh/files/libssh-0.7.5-fix-internal-algo-selection.patch
new file mode 100644
index 00000000000..931d63360a1
--- /dev/null
+++ b/net-libs/libssh/files/libssh-0.7.5-fix-internal-algo-selection.patch
@@ -0,0 +1,156 @@
+From 4893f9515da2696490e6bbe9aaf51f2ef9678b0f Mon Sep 17 00:00:00 2001
+From: Nikos Mavrogiannopoulos <nmav@redhat.com>
+Date: Thu, 24 Aug 2017 16:28:39 +0200
+Subject: [PATCH 2/2] ssh_options_set_algo: ensure we only set known algorithms
+ internally
+
+That way, we will not fail later on key exchange phase when something
+unknown is negotiated.
+
+Fixes T37
+
+Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
+Reviewed-by: Andreas Schneider <asn@samba.org>
+(cherry picked from commit 895055ab38e7716390019aae5e11771a88b99d26)
+Signed-off-by: Mihai Moldovan <ionic@ionic.de>
+---
+ include/libssh/kex.h | 1 +
+ src/kex.c | 75 ++++++++++++++++++++++++++++++++++++++++++++++++++++
+ src/options.c | 11 ++++----
+ 3 files changed, 81 insertions(+), 6 deletions(-)
+
+diff --git a/include/libssh/kex.h b/include/libssh/kex.h
+index 1a5b6d41..23594985 100644
+--- a/include/libssh/kex.h
++++ b/include/libssh/kex.h
+@@ -41,6 +41,7 @@ void ssh_list_kex(struct ssh_kex_struct *kex);
+ int set_client_kex(ssh_session session);
+ int ssh_kex_select_methods(ssh_session session);
+ int verify_existing_algo(int algo, const char *name);
++char *keep_known_algos(int algo, const char *list);
+ char **space_tokenize(const char *chain);
+ int ssh_get_kex1(ssh_session session);
+ char *ssh_find_matching(const char *in_d, const char *what_d);
+diff --git a/src/kex.c b/src/kex.c
+index 519d79ce..f0c9d067 100644
+--- a/src/kex.c
++++ b/src/kex.c
+@@ -281,6 +281,71 @@ char *ssh_find_matching(const char *available_d, const char *preferred_d){
+ return NULL;
+ }
+
++static char *ssh_find_all_matching(const char *available_d,
++ const char *preferred_d)
++{
++ char **tok_available, **tok_preferred;
++ int i_avail, i_pref;
++ char *ret;
++ unsigned max, len, pos = 0;
++
++ if ((available_d == NULL) || (preferred_d == NULL)) {
++ return NULL; /* don't deal with null args */
++ }
++
++ max = MAX(strlen(available_d), strlen(preferred_d));
++
++ ret = malloc(max+1);
++ if (ret == NULL) {
++ return NULL;
++ }
++ ret[0] = 0;
++
++ tok_available = tokenize(available_d);
++ if (tok_available == NULL) {
++ SAFE_FREE(ret);
++ return NULL;
++ }
++
++ tok_preferred = tokenize(preferred_d);
++ if (tok_preferred == NULL) {
++ SAFE_FREE(ret);
++ SAFE_FREE(tok_available[0]);
++ SAFE_FREE(tok_available);
++ return NULL;
++ }
++
++ for (i_pref = 0; tok_preferred[i_pref] ; ++i_pref) {
++ for (i_avail = 0; tok_available[i_avail]; ++i_avail) {
++ int cmp = strcmp(tok_available[i_avail],tok_preferred[i_pref]);
++ if (cmp == 0) {
++ /* match */
++ if (pos != 0) {
++ ret[pos] = ',';
++ pos++;
++ }
++
++ len = strlen(tok_available[i_avail]);
++ memcpy(&ret[pos], tok_available[i_avail], len);
++ pos += len;
++ ret[pos] = '\0';
++ }
++ }
++ }
++
++ if (ret[0] == '\0') {
++ SAFE_FREE(ret);
++ ret = NULL;
++ }
++
++ SAFE_FREE(tok_available[0]);
++ SAFE_FREE(tok_preferred[0]);
++ SAFE_FREE(tok_available);
++ SAFE_FREE(tok_preferred);
++
++ return ret;
++}
++
+ /**
+ * @internal
+ * @brief returns whether the first client key exchange algorithm or
+@@ -668,4 +733,14 @@ int verify_existing_algo(int algo, const char *name){
+ return 0;
+ }
+
++/* returns a copy of the provided list if everything is supported,
++ * otherwise a new list of the supported algorithms */
++char *keep_known_algos(int algo, const char *list)
++{
++ if ((algo > 9) || (algo < 0)) {
++ return NULL;
++ }
++
++ return ssh_find_all_matching(supported_methods[algo], list);
++}
+ /* vim: set ts=2 sw=2 et cindent: */
+diff --git a/src/options.c b/src/options.c
+index aed2dda5..34fe9cc7 100644
+--- a/src/options.c
++++ b/src/options.c
+@@ -164,7 +164,10 @@ int ssh_options_copy(ssh_session src, ssh_session *dest) {
+
+ int ssh_options_set_algo(ssh_session session, int algo,
+ const char *list) {
+- if (!verify_existing_algo(algo, list)) {
++ char *p = NULL;
++
++ p = keep_known_algos(algo, list);
++ if (p == NULL) {
+ ssh_set_error(session, SSH_REQUEST_DENIED,
+ "Setting method: no algorithm for method \"%s\" (%s)\n",
+ ssh_kex_get_description(algo), list);
+@@ -172,11 +175,7 @@ int ssh_options_set_algo(ssh_session session, int algo,
+ }
+
+ SAFE_FREE(session->opts.wanted_methods[algo]);
+- session->opts.wanted_methods[algo] = strdup(list);
+- if (session->opts.wanted_methods[algo] == NULL) {
+- ssh_set_error_oom(session);
+- return -1;
+- }
++ session->opts.wanted_methods[algo] = p;
+
+ return 0;
+ }
+--
+2.15.1
+
diff --git a/net-libs/libssh/libssh-0.7.5-r2.ebuild b/net-libs/libssh/libssh-0.7.5-r2.ebuild
new file mode 100644
index 00000000000..381d0dd66c0
--- /dev/null
+++ b/net-libs/libssh/libssh-0.7.5-r2.ebuild
@@ -0,0 +1,102 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+MY_P="${PN}-${PV/_rc/rc}"
+inherit cmake-multilib
+
+DESCRIPTION="Access a working SSH implementation by means of a library"
+HOMEPAGE="https://www.libssh.org/"
+SRC_URI="https://red.libssh.org/attachments/download/218/${MY_P}.tar.xz -> ${P}.tar.xz"
+
+LICENSE="LGPL-2.1"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sparc ~x86 ~amd64-fbsd ~amd64-linux ~x86-linux"
+SLOT="0/4" # subslot = soname major version
+IUSE="debug doc examples gcrypt gssapi libressl pcap server +sftp ssh1 static-libs test zlib"
+# Maintainer: check IUSE-defaults at DefineOptions.cmake
+
+RDEPEND="
+ !gcrypt? (
+ !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] )
+ libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] )
+ )
+ gcrypt? ( >=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] )
+ gssapi? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
+ zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] )
+"
+DEPEND="${RDEPEND}
+ doc? ( app-doc/doxygen )
+ test? ( >=dev-util/cmocka-0.3.1[${MULTILIB_USEDEP}] )
+"
+
+DOCS=( AUTHORS README ChangeLog )
+
+S="${WORKDIR}/${MY_P}"
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-0.5.0-tests.patch
+ "${FILESDIR}"/${P}-fix-config-parsing.patch
+ "${FILESDIR}"/${P}-fix-config-buffer-underflow.patch
+ "${FILESDIR}"/${P}-add-macro-for-MAX.patch
+ "${FILESDIR}"/${P}-fix-internal-algo-selection.patch
+)
+
+src_prepare() {
+ cmake-utils_src_prepare
+
+ # just install the examples do not compile them
+ sed -i \
+ -e '/add_subdirectory(examples)/s/^/#DONOTWANT/' \
+ CMakeLists.txt || die
+
+ # keyfile torture test is currently broken
+ sed -i \
+ -e '/torture_keyfiles/d' \
+ tests/unittests/CMakeLists.txt || die
+}
+
+multilib_src_configure() {
+ local mycmakeargs=(
+ -DWITH_DEBUG_CALLTRACE="$(usex debug)"
+ -DWITH_DEBUG_CRYPTO="$(usex debug)"
+ -DWITH_GCRYPT="$(usex gcrypt)"
+ -DWITH_GSSAPI="$(usex gssapi)"
+ -DWITH_NACL=no
+ -DWITH_PCAP="$(usex pcap)"
+ -DWITH_SERVER="$(usex server)"
+ -DWITH_SFTP="$(usex sftp)"
+ -DWITH_SSH1="$(usex ssh1)"
+ -DWITH_STATIC_LIB="$(usex static-libs)"
+ -DWITH_STATIC_LIB="$(usex test)"
+ -DWITH_TESTING="$(usex test)"
+ -DWITH_ZLIB="$(usex zlib)"
+ )
+
+ cmake-utils_src_configure
+}
+
+multilib_src_compile() {
+ cmake-utils_src_compile
+ multilib_is_native_abi && use doc && cmake-utils_src_compile doc
+}
+
+multilib_src_install() {
+ cmake-utils_src_install
+
+ if multilib_is_native_abi && use doc ; then
+ docinto html
+ dodoc -r doc/html/.
+ fi
+
+ use static-libs || rm -f "${D}"/usr/$(get_libdir)/libssh{,_threads}.a
+}
+
+multilib_src_install_all() {
+ einstalldocs
+
+ if use examples; then
+ docinto examples
+ dodoc examples/*.{c,h,cpp}
+ fi
+}
next reply other threads:[~2018-03-13 10:47 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-13 10:47 Lars Wendler [this message]
-- strict thread matches above, loose matches on Subject: below --
2022-08-30 22:21 [gentoo-commits] repo/gentoo:master commit in: net-libs/libssh/files/, net-libs/libssh/ Sam James
2019-07-01 11:58 Stefan Strogin
2018-08-10 14:14 Lars Wendler
2017-08-15 13:41 Andreas Sturmlechner
2016-03-20 17:23 Lars Wendler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1520938021.eb18422c28376328204688bc7c24cf0e1dcea3e7.polynomial-c@gentoo \
--to=polynomial-c@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox