From: "Lars Wendler" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Lars Wendler" Message-ID: <1520938021.eb18422c28376328204688bc7c24cf0e1dcea3e7.polynomial-c@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: net-libs/libssh/files/, net-libs/libssh/ X-VCS-Repository: repo/gentoo X-VCS-Files: net-libs/libssh/files/libssh-0.7.5-add-macro-for-MAX.patch net-libs/libssh/files/libssh-0.7.5-fix-internal-algo-selection.patch net-libs/libssh/libssh-0.7.5-r2.ebuild X-VCS-Directories: net-libs/libssh/ net-libs/libssh/files/ X-VCS-Committer: polynomial-c X-VCS-Committer-Name: Lars Wendler X-VCS-Revision: eb18422c28376328204688bc7c24cf0e1dcea3e7 X-VCS-Branch: master Date: Tue, 13 Mar 2018 10:47:07 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 8556341e-0c42-43c8-82f1-0e8719f20884 X-Archives-Hash: 53862af0ee977d161b8f835a3a6e6c64 commit: eb18422c28376328204688bc7c24cf0e1dcea3e7 Author: Lars Wendler gentoo org> AuthorDate: Tue Mar 13 10:42:38 2018 +0000 Commit: Lars Wendler gentoo org> CommitDate: Tue Mar 13 10:47:01 2018 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eb18422c net-libs/libssh: Revbump to add fixes from Ionic overlay. Package-Manager: Portage-2.3.24, Repoman-2.3.6 .../files/libssh-0.7.5-add-macro-for-MAX.patch | 30 ++++ .../libssh-0.7.5-fix-internal-algo-selection.patch | 156 +++++++++++++++++++++ net-libs/libssh/libssh-0.7.5-r2.ebuild | 102 ++++++++++++++ 3 files changed, 288 insertions(+) diff --git a/net-libs/libssh/files/libssh-0.7.5-add-macro-for-MAX.patch b/net-libs/libssh/files/libssh-0.7.5-add-macro-for-MAX.patch new file mode 100644 index 00000000000..d9226d69700 --- /dev/null +++ b/net-libs/libssh/files/libssh-0.7.5-add-macro-for-MAX.patch 
@@ -0,0 +1,30 @@ +From 310d423d36ae7bb6dac5a2ae2fb7b57bda72dcb5 Mon Sep 17 00:00:00 2001 +From: Andreas Schneider +Date: Thu, 24 Aug 2017 17:27:08 +0200 +Subject: [PATCH 1/2] priv: Add macro for MAX + +Signed-off-by: Andreas Schneider +(cherry picked from commit de35212789d11086621e176a11399de0d75ab3a6) +Signed-off-by: Mihai Moldovan +--- + include/libssh/priv.h | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/include/libssh/priv.h b/include/libssh/priv.h +index 5a74915e..c3373c00 100644 +--- a/include/libssh/priv.h ++++ b/include/libssh/priv.h +@@ -263,6 +263,10 @@ int match_hostname(const char *host, const char *pattern, unsigned int len); + #define MIN(a,b) ((a) < (b) ? (a) : (b)) + #endif + ++#ifndef MAX ++#define MAX(a,b) ((a) > (b) ? (a) : (b)) ++#endif ++ + /** Free memory space */ + #define SAFE_FREE(x) do { if ((x) != NULL) {free(x); x=NULL;} } while(0) + +-- +2.15.1 + diff --git a/net-libs/libssh/files/libssh-0.7.5-fix-internal-algo-selection.patch b/net-libs/libssh/files/libssh-0.7.5-fix-internal-algo-selection.patch new file mode 100644 index 00000000000..931d63360a1 --- /dev/null +++ b/net-libs/libssh/files/libssh-0.7.5-fix-internal-algo-selection.patch 
@@ -0,0 +1,156 @@ +From 4893f9515da2696490e6bbe9aaf51f2ef9678b0f Mon Sep 17 00:00:00 2001 +From: Nikos Mavrogiannopoulos +Date: Thu, 24 Aug 2017 16:28:39 +0200 +Subject: [PATCH 2/2] ssh_options_set_algo: ensure we only set known algorithms + internally + +That way, we will not fail later on key exchange phase when something +unknown is negotiated. + +Fixes T37 + +Signed-off-by: Nikos Mavrogiannopoulos +Reviewed-by: Andreas Schneider +(cherry picked from commit 895055ab38e7716390019aae5e11771a88b99d26) +Signed-off-by: Mihai Moldovan +--- + include/libssh/kex.h | 1 + + src/kex.c | 75 ++++++++++++++++++++++++++++++++++++++++++++++++++++ + src/options.c | 11 ++++---- + 3 files changed, 81 insertions(+), 6 deletions(-) + +diff --git a/include/libssh/kex.h b/include/libssh/kex.h +index 1a5b6d41..23594985 100644 +--- a/include/libssh/kex.h ++++ b/include/libssh/kex.h +@@ -41,6 +41,7 @@ void ssh_list_kex(struct ssh_kex_struct *kex); + int set_client_kex(ssh_session session); + int ssh_kex_select_methods(ssh_session session); + int verify_existing_algo(int algo, const char *name); ++char *keep_known_algos(int algo, const char *list); + char **space_tokenize(const char *chain); + int ssh_get_kex1(ssh_session session); + char *ssh_find_matching(const char *in_d, const char *what_d); +diff --git a/src/kex.c b/src/kex.c +index 519d79ce..f0c9d067 100644 +--- a/src/kex.c ++++ b/src/kex.c +@@ -281,6 +281,71 @@ char *ssh_find_matching(const char *available_d, const char *preferred_d){ + return NULL; + } + ++static char *ssh_find_all_matching(const char *available_d, ++ const char *preferred_d) ++{ ++ char **tok_available, **tok_preferred; ++ int i_avail, i_pref; ++ char *ret; ++ unsigned max, len, pos = 0; ++ ++ if ((available_d == NULL) || (preferred_d == NULL)) { ++ return NULL; /* don't deal with null args */ ++ } ++ ++ max = MAX(strlen(available_d), strlen(preferred_d)); ++ ++ ret = malloc(max+1); ++ if (ret == NULL) { ++ return NULL; ++ } ++ ret[0] = 0; ++ ++ tok_available = 
tokenize(available_d); ++ if (tok_available == NULL) { ++ SAFE_FREE(ret); ++ return NULL; ++ } ++ ++ tok_preferred = tokenize(preferred_d); ++ if (tok_preferred == NULL) { ++ SAFE_FREE(ret); ++ SAFE_FREE(tok_available[0]); ++ SAFE_FREE(tok_available); ++ return NULL; ++ } ++ ++ for (i_pref = 0; tok_preferred[i_pref] ; ++i_pref) { ++ for (i_avail = 0; tok_available[i_avail]; ++i_avail) { ++ int cmp = strcmp(tok_available[i_avail],tok_preferred[i_pref]); ++ if (cmp == 0) { ++ /* match */ ++ if (pos != 0) { ++ ret[pos] = ','; ++ pos++; ++ } ++ ++ len = strlen(tok_available[i_avail]); ++ memcpy(&ret[pos], tok_available[i_avail], len); ++ pos += len; ++ ret[pos] = '\0'; ++ } ++ } ++ } ++ ++ if (ret[0] == '\0') { ++ SAFE_FREE(ret); ++ ret = NULL; ++ } ++ ++ SAFE_FREE(tok_available[0]); ++ SAFE_FREE(tok_preferred[0]); ++ SAFE_FREE(tok_available); ++ SAFE_FREE(tok_preferred); ++ ++ return ret; ++} ++ + /** + * @internal + * @brief returns whether the first client key exchange algorithm or +@@ -668,4 +733,14 @@ int verify_existing_algo(int algo, const char *name){ + return 0; + } + ++/* returns a copy of the provided list if everything is supported, ++ * otherwise a new list of the supported algorithms */ ++char *keep_known_algos(int algo, const char *list) ++{ ++ if ((algo > 9) || (algo < 0)) { ++ return NULL; ++ } ++ ++ return ssh_find_all_matching(supported_methods[algo], list); ++} + /* vim: set ts=2 sw=2 et cindent: */ +diff --git a/src/options.c b/src/options.c +index aed2dda5..34fe9cc7 100644 +--- a/src/options.c ++++ b/src/options.c +@@ -164,7 +164,10 @@ int ssh_options_copy(ssh_session src, ssh_session *dest) { + + int ssh_options_set_algo(ssh_session session, int algo, + const char *list) { +- if (!verify_existing_algo(algo, list)) { ++ char *p = NULL; ++ ++ p = keep_known_algos(algo, list); ++ if (p == NULL) { + ssh_set_error(session, SSH_REQUEST_DENIED, + "Setting method: no algorithm for method \"%s\" (%s)\n", + ssh_kex_get_description(algo), list); +@@ -172,11 
+175,7 @@ int ssh_options_set_algo(ssh_session session, int algo, + } + + SAFE_FREE(session->opts.wanted_methods[algo]); +- session->opts.wanted_methods[algo] = strdup(list); +- if (session->opts.wanted_methods[algo] == NULL) { +- ssh_set_error_oom(session); +- return -1; +- } ++ session->opts.wanted_methods[algo] = p; + + return 0; + } +-- +2.15.1 + diff --git a/net-libs/libssh/libssh-0.7.5-r2.ebuild b/net-libs/libssh/libssh-0.7.5-r2.ebuild new file mode 100644 index 00000000000..381d0dd66c0 --- /dev/null +++ b/net-libs/libssh/libssh-0.7.5-r2.ebuild 
@@ -0,0 +1,102 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +MY_P="${PN}-${PV/_rc/rc}" +inherit cmake-multilib + +DESCRIPTION="Access a working SSH implementation by means of a library" +HOMEPAGE="https://www.libssh.org/" +SRC_URI="https://red.libssh.org/attachments/download/218/${MY_P}.tar.xz -> ${P}.tar.xz" + +LICENSE="LGPL-2.1" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sparc ~x86 ~amd64-fbsd ~amd64-linux ~x86-linux" +SLOT="0/4" # subslot = soname major version +IUSE="debug doc examples gcrypt gssapi libressl pcap server +sftp ssh1 static-libs test zlib" +# Maintainer: check IUSE-defaults at DefineOptions.cmake + +RDEPEND=" + !gcrypt? ( + !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] ) + libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] ) + ) + gcrypt? ( >=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] ) + gssapi? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) + zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] ) +" +DEPEND="${RDEPEND} + doc? ( app-doc/doxygen ) + test? 
( >=dev-util/cmocka-0.3.1[${MULTILIB_USEDEP}] ) +" + +DOCS=( AUTHORS README ChangeLog ) + +S="${WORKDIR}/${MY_P}" + +PATCHES=( + "${FILESDIR}"/${PN}-0.5.0-tests.patch + "${FILESDIR}"/${P}-fix-config-parsing.patch + "${FILESDIR}"/${P}-fix-config-buffer-underflow.patch + "${FILESDIR}"/${P}-add-macro-for-MAX.patch + "${FILESDIR}"/${P}-fix-internal-algo-selection.patch +) + +src_prepare() { + cmake-utils_src_prepare + + # just install the examples do not compile them + sed -i \ + -e '/add_subdirectory(examples)/s/^/#DONOTWANT/' \ + CMakeLists.txt || die + + # keyfile torture test is currently broken + sed -i \ + -e '/torture_keyfiles/d' \ + tests/unittests/CMakeLists.txt || die +} + +multilib_src_configure() { + local mycmakeargs=( + -DWITH_DEBUG_CALLTRACE="$(usex debug)" + -DWITH_DEBUG_CRYPTO="$(usex debug)" + -DWITH_GCRYPT="$(usex gcrypt)" + -DWITH_GSSAPI="$(usex gssapi)" + -DWITH_NACL=no + -DWITH_PCAP="$(usex pcap)" + -DWITH_SERVER="$(usex server)" + -DWITH_SFTP="$(usex sftp)" + -DWITH_SSH1="$(usex ssh1)" + -DWITH_STATIC_LIB="$(usex static-libs)" + -DWITH_STATIC_LIB="$(usex test)" + -DWITH_TESTING="$(usex test)" + -DWITH_ZLIB="$(usex zlib)" + ) + + cmake-utils_src_configure +} + +multilib_src_compile() { + cmake-utils_src_compile + multilib_is_native_abi && use doc && cmake-utils_src_compile doc +} + +multilib_src_install() { + cmake-utils_src_install + + if multilib_is_native_abi && use doc ; then + docinto html + dodoc -r doc/html/. + fi + + use static-libs || rm -f "${D}"/usr/$(get_libdir)/libssh{,_threads}.a +} + +multilib_src_install_all() { + einstalldocs + + if use examples; then + docinto examples + dodoc examples/*.{c,h,cpp} + fi +}
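Review bot: in the include/libssh/priv.h hunk, the new `MAX(a,b)` expands whichever argument wins a second time, and its only caller in patch 2/2 passes `strlen(available_d)` and `strlen(preferred_d)` straight into it, so one of the two lists is scanned twice on every call. Either note next to the macro that arguments must be free of side effects and cheap to re-evaluate (the same holds for the existing `MIN`), or have the caller store both lengths in locals before comparing them.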
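Review bot: in `ssh_find_all_matching()` (src/kex.c hunk at -281), the inner loop keeps scanning after a match and `memcpy(&ret[pos], ...)` is never checked against `max`, so the `malloc(max+1)` bound only holds while no name occurs twice in `available_d`. The one caller passes `supported_methods[algo]`, which means the safety of the write rests on that table never listing a name twice. Add a `break` once the match has been copied, or verify `pos + len + 1 <= max` before writing, so the function is safe on its own terms. `max`, `len` and `pos` are also declared `unsigned` while `strlen()` returns `size_t`; declaring them `size_t` avoids the narrowing.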
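Review bot: in `keep_known_algos()` (src/kex.c hunk at -668), the range check `(algo > 9) || (algo < 0)` hard-codes the size of `supported_methods`; derive the limit from the array or from a named constant so the check cannot drift when a method slot is added or removed. The comment above the function should also state that it returns NULL when none of the listed algorithms is supported or on allocation failure, and that the caller owns the returned string and must free it.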
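Review bot: in `ssh_options_set_algo()` (src/options.c hunks), `p == NULL` now covers two different failures, a list with no supported algorithm and an allocation failure inside `keep_known_algos()`, and both are reported as `SSH_REQUEST_DENIED` with "no algorithm for method", whereas the removed `strdup()` branch reported out-of-memory through `ssh_set_error_oom()`. Let `keep_known_algos()` signal which case occurred so the out-of-memory path keeps its own error. Separately, when only some names in `list` are recognised the function stores the shortened list and returns 0, so the caller is not told that entries were dropped; a log line listing the discarded names would make a mistyped cipher or MAC name visible to whoever configured it.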
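Review bot: in `multilib_src_configure()` of libssh-0.7.5-r2.ebuild, `-DWITH_STATIC_LIB` is passed twice, first as `$(usex static-libs)` and then as `$(usex test)`, and the later definition is the one CMake keeps. With USE="static-libs -test" the static library is therefore configured off even though the flag asks for it, and the `use static-libs || rm -f ...` line in `multilib_src_install()` then has nothing to keep. Pass the option once, enabled when either `static-libs` or `test` is set, and leave the removal in the install phase to handle the test-only case.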