From 63c78e55c969341bd2baa6a3488568db14607c87 Mon Sep 17 00:00:00 2001 From: renmingshuai Date: Sat, 18 Mar 2023 12:10:12 +0800 Subject: [PATCH] backport some upstream patches (cherry picked from commit 775926cb28b5e4fd67b8c7d09826d67f74a22026) --- ...-brackets-in-ProxyCommand-build-from.patch | 98 +++++++++++++++++++ ...queue-outgoing-packets-after-sending.patch | 58 +++++++++++ libssh.spec | 12 ++- 3 files changed, 167 insertions(+), 1 deletion(-) create mode 100644 backport-config-Escape-brackets-in-ProxyCommand-build-from.patch create mode 100644 backport-packet-do-not-enqueue-outgoing-packets-after-sending.patch diff --git a/backport-config-Escape-brackets-in-ProxyCommand-build-from.patch b/backport-config-Escape-brackets-in-ProxyCommand-build-from.patch new file mode 100644 index 0000000..e3633ed --- /dev/null +++ b/backport-config-Escape-brackets-in-ProxyCommand-build-from.patch @@ -0,0 +1,98 @@ +From bccb8513fa4a836aef0519d65eb33bb212606fe1 Mon Sep 17 00:00:00 2001 +From: Thomas Baag +Date: Wed, 21 Sep 2022 20:55:27 +0200 +Subject: [PATCH] config: Escape brackets in ProxyCommand build from +ProxyJump + +Missing escaping results in syntax errors in Zsh shell because of square +brackets getting interpreted as being a pattern for globbing. + +Signed-off-by: Thomas Baag +Reviewed-by: Jakub Jelen + +Conflict:NA +Reference:https://git.libssh.org/projects/libssh.git/commit?id=bccb8513fa +--- + src/config.c | 2 +- + tests/unittests/torture_config.c | 14 +++++++------- + 2 files changed, 8 insertions(+), 8 deletions(-) + +diff --git a/src/config.c b/src/config.c +index 41ba105..592f1a2 100644 +--- a/src/config.c ++++ b/src/config.c +@@ -491,7 +491,7 @@ ssh_config_parse_proxy_jump(ssh_session session, const char *s, bool do_parsing) + if (hostname != NULL && do_parsing) { + char com[512] = {0}; + +- rv = snprintf(com, sizeof(com), "ssh%s%s%s%s%s%s -W [%%h]:%%p %s", ++ rv = snprintf(com, sizeof(com), "ssh%s%s%s%s%s%s -W '[%%h]:%%p' %s", + username ? " -l " : "", + username ? username : "", + port ? " -p " : "", +diff --git a/tests/unittests/torture_config.c b/tests/unittests/torture_config.c +index 31dadae..5ff20c9 100644 +--- a/tests/unittests/torture_config.c ++++ b/tests/unittests/torture_config.c +@@ -649,7 +649,7 @@ static void torture_config_unknown(void **state, + /* test corner cases */ + _parse_config(session, file, string, SSH_OK); + assert_string_equal(session->opts.ProxyCommand, +- "ssh -W [%h]:%p many-spaces.com"); ++ "ssh -W '[%h]:%p' many-spaces.com"); + assert_string_equal(session->opts.host, "equal.sign"); + + ret = ssh_config_parse_file(session, "/etc/ssh/ssh_config"); +@@ -945,28 +945,28 @@ static void torture_config_proxyjump(void **state, + torture_reset_config(session); + ssh_options_set(session, SSH_OPTIONS_HOST, "simple"); + _parse_config(session, file, string, SSH_OK); +- assert_string_equal(session->opts.ProxyCommand, "ssh -W [%h]:%p jumpbox"); ++ assert_string_equal(session->opts.ProxyCommand, "ssh -W '[%h]:%p' jumpbox"); + + /* With username */ + torture_reset_config(session); + ssh_options_set(session, SSH_OPTIONS_HOST, "user"); + _parse_config(session, file, string, SSH_OK); + assert_string_equal(session->opts.ProxyCommand, +- "ssh -l user -W [%h]:%p jumpbox"); ++ "ssh -l user -W '[%h]:%p' jumpbox"); + + /* With port */ + torture_reset_config(session); + ssh_options_set(session, SSH_OPTIONS_HOST, "port"); + _parse_config(session, file, string, SSH_OK); + assert_string_equal(session->opts.ProxyCommand, +- "ssh -p 2222 -W [%h]:%p jumpbox"); ++ "ssh -p 2222 -W '[%h]:%p' jumpbox"); + + /* Two step jump */ + torture_reset_config(session); + ssh_options_set(session, SSH_OPTIONS_HOST, "two-step"); + _parse_config(session, file, string, SSH_OK); + assert_string_equal(session->opts.ProxyCommand, +- "ssh -l u1 -p 222 -J u2@second:33 -W [%h]:%p first"); ++ "ssh -l u1 -p 222 -J u2@second:33 -W '[%h]:%p' first"); + + /* none */ + torture_reset_config(session); +@@ -985,14 +985,14 @@ static void torture_config_proxyjump(void **state, + ssh_options_set(session, SSH_OPTIONS_HOST, "only-jump"); + _parse_config(session, file, string, SSH_OK); + assert_string_equal(session->opts.ProxyCommand, +- "ssh -W [%h]:%p jumpbox"); ++ "ssh -W '[%h]:%p' jumpbox"); + + /* IPv6 address */ + torture_reset_config(session); + ssh_options_set(session, SSH_OPTIONS_HOST, "ipv6"); + _parse_config(session, file, string, SSH_OK); + assert_string_equal(session->opts.ProxyCommand, +- "ssh -W [%h]:%p 2620:52:0::fed"); ++ "ssh -W '[%h]:%p' 2620:52:0::fed"); + + /* In this part, we try various other config files and strings. */ + +-- +2.23.0 + diff --git a/backport-packet-do-not-enqueue-outgoing-packets-after-sending.patch b/backport-packet-do-not-enqueue-outgoing-packets-after-sending.patch new file mode 100644 index 0000000..ae4d643 --- /dev/null +++ b/backport-packet-do-not-enqueue-outgoing-packets-after-sending.patch @@ -0,0 +1,58 @@ +From 346e6db31824571727c0fb76bb5747d7e9a28f89 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Carlos=20Mart=C3=ADn=20Nieto?= +Date: Wed, 7 Sep 2022 15:26:01 +0200 +Subject: [PATCH] packet: do not enqueue outgoing packets after sending + SSH2_MSG_NEWKEYS +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +When we decide we need to rekey, we enqueue any further packets until we've sent +our SSH2_MSG_NEWKEYS message, after which we dequeue these packets and send them +to the other side. This enqueueing is done based on ssh_packet_in_rekey checking +the session flags and whether DH handshake state is marked as finished. + +However, the handshake state is not reset to DH_STATE_FINISHED until the other +side has sent us their new keys. This leaves a gap between sending our new keys +and receiving the other side's new keys where we would still decide to enqueue a +packet. + +These enqueued packets will not be dequeued as we've already sent our new keys. +Once we've received the other side's new keys, we'll go back to a finished +handshake and we will send out our caller's new data, skipping however much data +we've enqueued. + +Fix this by changing ssh_packet_in_rekey to return false once we've sent our new +keys. + +Signed-off-by: Carlos Martín Nieto +Reviewed-by: Jakub Jelen + +Conflict:NA +Reference:https://git.libssh.org/projects/libssh.git/commit?id=346e6db318 +--- + src/packet.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/src/packet.c b/src/packet.c +index f9d37dea..353b04e1 100644 +--- a/src/packet.c ++++ b/src/packet.c +@@ -1755,10 +1755,12 @@ static bool + ssh_packet_in_rekey(ssh_session session) + { + /* We know we are rekeying if we are authenticated and the DH +- * status is not finished ++ * status is not finished, but we only queue packets until we've ++ * sent our NEWKEYS. + */ + return (session->flags & SSH_SESSION_FLAG_AUTHENTICATED) && +- (session->dh_handshake_state != DH_STATE_FINISHED); ++ (session->dh_handshake_state != DH_STATE_FINISHED) && ++ (session->dh_handshake_state != DH_STATE_NEWKEYS_SENT); + } + + int ssh_packet_send(ssh_session session) +-- +2.23.0 + diff --git a/libssh.spec b/libssh.spec index fd49b9c..7b79dc8 100644 --- a/libssh.spec +++ b/libssh.spec @@ -1,6 +1,6 @@ Name: libssh Version: 0.10.4 -Release: 1 +Release: 2 Summary: A library implementing the SSH protocol License: LGPLv2+ URL: http://www.libssh.org @@ -9,6 +9,9 @@ Source0: https://www.libssh.org/files/0.9/%{name}-%{version}.tar.xz Source1: https://www.libssh.org/files/0.9/%{name}-%{version}.tar.xz.asc Source2: https://cryptomilk.org/gpgkey-8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D.gpg#/%{name}.keyring +Patch0: backport-config-Escape-brackets-in-ProxyCommand-build-from.patch +Patch1: backport-packet-do-not-enqueue-outgoing-packets-after-sending.patch + BuildRequires: cmake gcc-c++ gnupg2 openssl-devel pkgconfig zlib-devel BuildRequires: krb5-devel libcmocka-devel openssh-clients openssh-server BuildRequires: nmap-ncat @@ -93,6 +96,13 @@ popd %doc CHANGELOG README %changelog +* Sat Mar 18 2023 renmingshuai - 0.10.4-2 +- Type:bugfix +- Id:NA +- SUG:NA +- DESC:config: Escape brackets in ProxyCommand build from ProxyJump + packet: do not enqueue outgoing packets after sending + * Thu Oct 20 2022 zengweifeng - 0.10.4-1 - Type:requirement - Id:NA -- Gitee