From 13650e780ecf164c1b0cbcb0fe0a6cd97d5e6425 Mon Sep 17 00:00:00 2001 From: yueyuankun Date: Wed, 5 Jun 2024 09:22:17 +0800 Subject: [PATCH] fix test_sshd.test failure --- libssh2-1.11.0-strict-modes.patch | 15 +++++++++++++++ libssh2.spec | 9 ++++++++- 2 files changed, 23 insertions(+), 1 deletion(-) create mode 100644 libssh2-1.11.0-strict-modes.patch diff --git a/libssh2-1.11.0-strict-modes.patch b/libssh2-1.11.0-strict-modes.patch new file mode 100644 index 0000000..c2fbcf8 --- /dev/null +++ b/libssh2-1.11.0-strict-modes.patch @@ -0,0 +1,15 @@ +Group-writeable directories in the hierarchy above where we +run the tests from can cause failures due to openssh's strict +permissions checks. Adding this option helps the tests to run +more reliably on a variety of build systems. + +--- /tests/test_sshd.test ++++ /tests/test_sshd.test +@@ -71,6 +71,7 @@ chmod go-rwx \ + # shellcheck disable=SC2086 + "${SSHD}" \ + -f "${SSHD_FIXTURE_CONFIG:-${d}/openssh_server/sshd_config}" \ ++ -o 'StrictModes no' \ + -o 'Port 4711' \ + -h "${d}/openssh_server/ssh_host_rsa_key" \ + -h "${d}/openssh_server/ssh_host_ecdsa_key" \ diff --git a/libssh2.spec b/libssh2.spec index a5e9595..eafd8b1 100644 --- a/libssh2.spec +++ b/libssh2.spec @@ -1,12 +1,13 @@ Name: libssh2 Version: 1.11.0 -Release: 2 +Release: 3 Summary: A library implementing the SSH2 protocol License: BSD URL: https://www.libssh2.org/ Source0: https://libssh2.org/download/libssh2-%{version}.tar.gz Patch0: backport-src-add-strict-KEX-to-fix-CVE-2023-48795-Terrapin-At.patch +Patch1: libssh2-1.11.0-strict-modes.patch BuildRequires: coreutils findutils /usr/bin/man zlib-devel BuildRequires: gcc make sed openssl-devel > 1:1.0.2 openssh-server @@ -86,6 +87,12 @@ LC_ALL=en_US.UTF-8 make -C tests check %{_mandir}/man3/libssh2_*.3* %changelog +* Tue Jun 04 2024 yueyuankun - 1.11.0-3 +- Type:bugfix +- ID:NA +- SUG:NA +- DESC:add patch to work around strict permissions issues for sshd tests + * Tue Apr 16 2024 renmingshuai - 1.11.0-2 - Type:CVE - ID:CVE-2023-48795 -- Gitee