diff --git a/backport-Add-NULL-pointer-check-for-outlen-before-use-1109.patch b/backport-Add-NULL-pointer-check-for-outlen-before-use-1109.patch deleted file mode 100644 index 93c12febdbcdcb25944aa5be0965e2eb10f27398..0000000000000000000000000000000000000000 --- a/backport-Add-NULL-pointer-check-for-outlen-before-use-1109.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 724effcb47ebb713d3ef1776684b8f6407b4b6a5 Mon Sep 17 00:00:00 2001 -From: ren mingshuai <78132473+rmsh1216@users.noreply.github.com> -Date: Sat, 1 Jul 2023 01:34:44 +0800 -Subject: [PATCH] Add NULL pointer check for outlen before use (#1109) - -Before assigning a value to the outlen, we need to check whether it is NULL. - -Credit: Ren Mingshuai - -Reference:https://github.com/libssh2/libssh2/commit/724effcb47ebb713d3ef1776684b8f6407b4b6a5 -Conflict:NA ---- - src/misc.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/src/misc.c b/src/misc.c -index b386e3d6..398457d4 100644 ---- a/src/misc.c -+++ b/src/misc.c -@@ -901,7 +901,8 @@ int _libssh2_copy_string(LIBSSH2_SESSION *session, struct string_buf *buf, - } - } - else { -- *outlen = 0; -+ if(outlen) -+ *outlen = 0; - *outbuf = NULL; - } - --- -2.27.0 - diff --git a/backport-Add-a-new-structure-to-separate-memory-read-and-file.patch b/backport-Add-a-new-structure-to-separate-memory-read-and-file.patch deleted file mode 100644 index 562d3ecae910796f9a31a9286b42571f31ff2182..0000000000000000000000000000000000000000 --- a/backport-Add-a-new-structure-to-separate-memory-read-and-file.patch +++ /dev/null @@ -1,74 +0,0 @@ -From 63b4c20eb031227d040a3aca3224c80189411464 Mon Sep 17 00:00:00 2001 -From: renmingshuai -Date: Tue, 1 Aug 2023 12:36:24 +0800 -Subject: [PATCH] Add a new structure to separate memory read and file read. We - use different APIs when we read one private key from memory, so it is - improper to store the private key information in the structure that stores - the private key file information. - -Fixes https://github.com/libssh2/libssh2/issues/773 -Reported-by: mike-jumper - -Reference:https://github.com/libssh2/libssh2/commit/63b4c20eb031227d040a3aca3224c80189411464 -Conflict:NA ---- - src/userauth.c | 23 +++++++++++++++-------- - 1 file changed, 15 insertions(+), 8 deletions(-) - -diff --git a/src/userauth.c b/src/userauth.c -index 5ce4ccb1..c382e661 100644 ---- a/src/userauth.c -+++ b/src/userauth.c -@@ -818,11 +818,17 @@ struct privkey_file { - const char *passphrase; - }; - -+struct privkey_mem { -+ const char *passphrase; -+ const char *data; -+ size_t data_len; -+}; -+ - static int - sign_frommemory(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len, - const unsigned char *data, size_t data_len, void **abstract) - { -- struct privkey_file *pk_file = (struct privkey_file *) (*abstract); -+ struct privkey_mem *pk_mem = (struct privkey_mem *) (*abstract); - const LIBSSH2_HOSTKEY_METHOD *privkeyobj; - void *hostkey_abstract; - struct iovec datavec; -@@ -831,9 +837,9 @@ sign_frommemory(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len, - rc = memory_read_privatekey(session, &privkeyobj, &hostkey_abstract, - session->userauth_pblc_method, - session->userauth_pblc_method_len, -- pk_file->filename, -- strlen(pk_file->filename), -- pk_file->passphrase); -+ pk_mem->data, -+ pk_mem->data_len, -+ pk_mem->passphrase); - if(rc) - return rc; - -@@ -1835,12 +1841,13 @@ userauth_publickey_frommemory(LIBSSH2_SESSION *session, - { - unsigned char *pubkeydata = NULL; - size_t pubkeydata_len = 0; -- struct privkey_file privkey_file; -- void *abstract = &privkey_file; -+ struct privkey_mem privkey_mem; -+ void *abstract = &privkey_mem; - int rc; - -- privkey_file.filename = privatekeydata; -- privkey_file.passphrase = passphrase; -+ privkey_mem.data = privatekeydata; -+ privkey_mem.data_len = privatekeydata_len; -+ privkey_mem.passphrase = passphrase; - - if(session->userauth_pblc_state == libssh2_NB_state_idle) { - if(publickeydata_len && publickeydata) { --- -2.27.0 - diff --git a/backport-Fix-an-out-of-bounds-read-in-_libssh2_kex_agree_inst.patch b/backport-Fix-an-out-of-bounds-read-in-_libssh2_kex_agree_inst.patch deleted file mode 100644 index 59e10ff8971dd449c993a3481fff8ccddb7ef3ae..0000000000000000000000000000000000000000 --- a/backport-Fix-an-out-of-bounds-read-in-_libssh2_kex_agree_inst.patch +++ /dev/null @@ -1,27 +0,0 @@ -From f52ffc1ccdedcd5a885e85c2d0f0cb872b2b0a7f Mon Sep 17 00:00:00 2001 -From: Michael Buckley -Date: Mon, 8 Jan 2024 15:04:52 -0800 -Subject: [PATCH] Fix an out-of-bounds read in _libssh2_kex_agree_instr when - searching for a KEX not in the server list (#1302) - -Reference:https://github.com/libssh2/libssh2/commit/f52ffc1ccdedcd5a885e85c2d0f0cb872b2b0a7f -Conflict:NA ---- - src/kex.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/kex.c b/src/kex.c -index a7b301e1..65973297 100644 ---- a/src/kex.c -+++ b/src/kex.c -@@ -3349,6 +3349,7 @@ _libssh2_kex_agree_instr(unsigned char *haystack, size_t haystack_len, - left = end_haystack - s; - if((left >= 1) && (left <= haystack_len) && (left > needle_len)) { - s++; -+ left--; - } - else { - return NULL; --- -2.33.0 - diff --git a/backport-Fix-unstable-connections-over-nonblocking-sockets.patch b/backport-Fix-unstable-connections-over-nonblocking-sockets.patch deleted file mode 100644 index 7a37e18aef373d7c710dd6cb0b7ceee087890e9f..0000000000000000000000000000000000000000 --- a/backport-Fix-unstable-connections-over-nonblocking-sockets.patch +++ /dev/null @@ -1,47 +0,0 @@ -From de0048759b871ee61bbd98619daff16be95a3e67 Mon Sep 17 00:00:00 2001 -From: rolag <10981866+rolag@users.noreply.github.com> -Date: Fri, 27 Sep 2024 15:52:47 +0000 -Subject: [PATCH] Fix unstable connections over nonblocking sockets (#1454) - - The `send_existing()` function allows partially sent packets to be sent - fully before any further packets are sent. Originally this returned - `LIBSSH2_ERROR_BAD_USE` when a different caller or thread tried to send - an existing packet created by a different caller or thread causing the - connection to disconnect. Commit 33dddd2f8ac3bc81 removed the return - allowing any caller to continue sending another caller's packet. This - caused connection instability as discussed in #1397 and confused the - client and server causing occasional duplicate packets to be sent and - giving the error `rcvd too much data` as discussed in #1431. We return - `LIBSSH2_ERROR_EAGAIN` instead to allow existing callers to finish - sending their own packets. - - Fixes #1397 - Fixes #1431 - Related #720 - - Credit: klux21, rolag - -Conflict:NA -Reference:https://github.com/libssh2/libssh2/commit/de0048759b871ee61bbd98619daff16be95a3e67 - ---- - src/transport.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/src/transport.c b/src/transport.c -index 3b30ff8..bbe7f5b 100644 ---- a/src/transport.c -+++ b/src/transport.c -@@ -782,7 +782,8 @@ send_existing(LIBSSH2_SESSION *session, const unsigned char *data, - make the caller really notice his/hers flaw, we return error for - this case */ - _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, -- "Address is different, but will resume nonetheless")); -+ "Address is different, returning EAGAIN")); -+ return LIBSSH2_ERROR_EAGAIN; - } - - *ret = 1; /* set to make our parent return */ --- -2.43.0 - diff --git a/backport-Prevent-possible-double-free-of-hostkey.patch b/backport-Prevent-possible-double-free-of-hostkey.patch deleted file mode 100644 index cf199772fbcd13af1c65e2c3842a5cf8fcd4f152..0000000000000000000000000000000000000000 --- a/backport-Prevent-possible-double-free-of-hostkey.patch +++ /dev/null @@ -1,33 +0,0 @@ -From b3465418471ffa4cf0bbe1e8f28c4d007f060f99 Mon Sep 17 00:00:00 2001 -From: Will Cosgrove -Date: Tue, 10 Sep 2024 09:35:26 -0700 -Subject: [PATCH] Prevent possible double free of hostkey (#1452) - NULL server hostkey based on fuzzer failure case. - -Conflict:NA -Reference:https://github.com/libssh2/libssh2/commit/b3465418471ffa4cf0bbe1e8f28c4d007f060f99 - ---- - src/kex.c | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/src/kex.c b/src/kex.c -index 5f381ec..7053316 100644 ---- a/src/kex.c -+++ b/src/kex.c -@@ -379,8 +379,11 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session, - buf.dataptr = buf.data; - buf.dataptr++; /* advance past type */ - -- if(session->server_hostkey) -+ if(session->server_hostkey) { - LIBSSH2_FREE(session, session->server_hostkey); -+ session->server_hostkey = NULL; -+ session->server_hostkey_len = 0; -+ } - - if(_libssh2_copy_string(session, &buf, &(session->server_hostkey), - &host_key_len)) { --- -2.43.0 - diff --git a/backport-We-should-check-whether-key_method-is-a-NULL-pointer.patch b/backport-We-should-check-whether-key_method-is-a-NULL-pointer.patch deleted file mode 100644 index 7c86e25ca58141ed81057fd0f16f67dedf77a305..0000000000000000000000000000000000000000 --- a/backport-We-should-check-whether-key_method-is-a-NULL-pointer.patch +++ /dev/null @@ -1,30 +0,0 @@ -From bec57c409d40822a23f03d2136f33b75b01b4b58 Mon Sep 17 00:00:00 2001 -From: renmingshuai -Date: Sat, 1 Jul 2023 10:14:48 +0800 -Subject: [PATCH] We should check whether *key_method is a NULL pointer instead - of key_method - -Signed-off-by: renmingshuai - -Reference:https://github.com/libssh2/libssh2/commit/bec57c409d40822a23f03d2136f33b75b01b4b58 -Conflict:NA ---- - src/userauth.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/userauth.c b/src/userauth.c -index e7578759..5ce4ccb1 100644 ---- a/src/userauth.c -+++ b/src/userauth.c -@@ -1410,7 +1410,7 @@ _libssh2_key_sign_algorithm(LIBSSH2_SESSION *session, - LIBSSH2_FREE(session, *key_method); - - *key_method = LIBSSH2_ALLOC(session, match_len); -- if(key_method) { -+ if(*key_method) { - memcpy(*key_method, match, match_len); - *key_method_len = match_len; - } --- -2.27.0 - diff --git a/backport-buildconf-drop.patch b/backport-buildconf-drop.patch deleted file mode 100644 index ee79c06a17546cbd9d0454c9efcbcd0732959fbf..0000000000000000000000000000000000000000 --- a/backport-buildconf-drop.patch +++ /dev/null @@ -1,72 +0,0 @@ -From 814a850c97b0d535341868b4aefdfe76179330e9 Mon Sep 17 00:00:00 2001 -From: Viktor Szakats -Date: Tue, 6 Aug 2024 12:55:05 +0200 -Subject: [PATCH] buildconf: drop - Use `autoreconf -fi` instead. - -Conflict:NA -Reference:https://github.com/libssh2/libssh2/commit/814a850c97b0d535341868b4aefdfe76179330e9 ---- - Makefile.am | 2 +- - Makefile.in | 2 +- - buildconf | 8 -------- - tests/ossfuzz/ossfuzz.sh | 2 +- - 4 files changed, 3 insertions(+), 11 deletions(-) - delete mode 100755 buildconf - -diff --git a/Makefile.am b/Makefile.am -index 677be76..9f4252e 100644 ---- a/Makefile.am -+++ b/Makefile.am -@@ -38,7 +38,7 @@ OS400FILES = os400/README400 os400/initscript.sh os400/make.sh \ - EXTRA_DIST = $(WIN32FILES) get_ver.awk \ - maketgz RELEASE-NOTES libssh2.pc.in $(VMSFILES) config.rpath \ - CMakeLists.txt cmake git2news.pl libssh2-style.el README.md $(OS400FILES) \ -- buildconf Makefile.mk -+ Makefile.mk - - ACLOCAL_AMFLAGS = -I m4 - -diff --git a/Makefile.in b/Makefile.in -index ec124e2..e45cabc 100644 ---- a/Makefile.in -+++ b/Makefile.in -@@ -427,7 +427,7 @@ OS400FILES = os400/README400 os400/initscript.sh os400/make.sh \ - EXTRA_DIST = $(WIN32FILES) get_ver.awk \ - maketgz RELEASE-NOTES libssh2.pc.in $(VMSFILES) config.rpath \ - CMakeLists.txt cmake git2news.pl libssh2-style.el README.md $(OS400FILES) \ -- buildconf Makefile.mk -+ Makefile.mk - - ACLOCAL_AMFLAGS = -I m4 - all: all-recursive -diff --git a/buildconf b/buildconf -deleted file mode 100755 -index 1649f37..0000000 ---- a/buildconf -+++ /dev/null -@@ -1,8 +0,0 @@ --#!/bin/sh -- --echo "***" >&2 --echo "*** Do not use buildconf. Instead, use: autoreconf -fi" >&2 --echo "*** Doing it for you now, but buildconf may disappear in the future." >&2 --echo "***" >&2 -- --exec ${AUTORECONF:-autoreconf} -fi "${@}" -diff --git a/tests/ossfuzz/ossfuzz.sh b/tests/ossfuzz/ossfuzz.sh -index 7925fb7..032b686 100755 ---- a/tests/ossfuzz/ossfuzz.sh -+++ b/tests/ossfuzz/ossfuzz.sh -@@ -22,7 +22,7 @@ export MAKEFLAGS - apt-get -y install automake libtool libssl-dev zlib1g-dev - - # Compile the fuzzer. --./buildconf -+autoreconf -fi - ./configure --disable-shared \ - --enable-ossfuzzers \ - --disable-examples-build \ --- -2.43.0 - diff --git a/backport-openssl-fix-cppcheck-found-NULL-dereferences-1304.patch b/backport-openssl-fix-cppcheck-found-NULL-dereferences-1304.patch deleted file mode 100644 index 7b1dd6905bd39c34331c022de4f27310a3fc1247..0000000000000000000000000000000000000000 --- a/backport-openssl-fix-cppcheck-found-NULL-dereferences-1304.patch +++ /dev/null @@ -1,170 +0,0 @@ -From f2945905fbae7728869bffb9e034604cafcffb49 Mon Sep 17 00:00:00 2001 -From: Ryan Kelley -Date: Thu, 18 Jan 2024 14:37:52 -0500 -Subject: [PATCH] openssl: fix cppcheck found NULL dereferences (#1304) - -* Fix NULL dereference in gen_publickey_from_rsa_evp and - gen_publickey_from_dsa_evp. -* Add checks for en_publickey_from_ec_evp and en_publickey_from_ed_evp - -Reference:https://github.com/libssh2/libssh2/commit/f2945905fbae7728869bffb9e034604cafcffb49 -Conflict:b0ab005fe792(openssl: use non-deprecated APIs with OpenSSL3.x) - ed439a29bb04(Support for sk-ecdsa-sha2-nistp256 and sk-ssh-ed25519 keys) - ---- - src/openssl.c | 83 ++++++++++++++++++++++++++++++++------------------- - 1 file changed, 53 insertions(+), 30 deletions(-) - -diff --git a/src/openssl.c b/src/openssl.c -index 919a8d9..905af3e 100644 ---- a/src/openssl.c -+++ b/src/openssl.c -@@ -820,10 +820,14 @@ gen_publickey_from_rsa_evp(LIBSSH2_SESSION *session, - RSA_free(rsa); - - memcpy(method_buf, "ssh-rsa", 7); -- *method = method_buf; -- *method_len = 7; -- *pubkeydata = key; -- *pubkeydata_len = key_len; -+ *method = method_buf; -+ if(method_len) { -+ *method_len = 7; -+ } -+ *pubkeydata = key; -+ if(pubkeydata_len) { -+ *pubkeydata_len = key_len; -+ } - return 0; - - __alloc_error: -@@ -1219,10 +1223,14 @@ gen_publickey_from_dsa_evp(LIBSSH2_SESSION *session, - DSA_free(dsa); - - memcpy(method_buf, "ssh-dss", 7); -- *method = method_buf; -- *method_len = 7; -- *pubkeydata = key; -- *pubkeydata_len = key_len; -+ *method = method_buf; -+ if(method_len) { -+ *method_len = 7; -+ } -+ *pubkeydata = key; -+ if(pubkeydata_len) { -+ *pubkeydata_len = key_len; -+ } - return 0; - - __alloc_error: -@@ -1589,10 +1597,14 @@ gen_publickey_from_ed_evp(LIBSSH2_SESSION *session, - goto fail; - } - -- *method = methodBuf; -- *method_len = sizeof(methodName) - 1; -- *pubkeydata = keyBuf; -- *pubkeydata_len = bufLen; -+ *method = methodBuf; -+ if(method_len) { -+ *method_len = sizeof(methodName) - 1; -+ } -+ *pubkeydata = keyBuf; -+ if(pubkeydata_len) { -+ *pubkeydata_len = bufLen; -+ } - return 0; - - fail: -@@ -2561,6 +2573,7 @@ gen_publickey_from_ec_evp(LIBSSH2_SESSION *session, - unsigned char *p; - unsigned char *method_buf = NULL; - unsigned char *key; -+ size_t method_buf_len = 0; - size_t key_len = 0; - unsigned char *octal_value = NULL; - size_t octal_len; -@@ -2588,24 +2601,29 @@ gen_publickey_from_ec_evp(LIBSSH2_SESSION *session, - type = _libssh2_ecdsa_get_curve_type(ec); - - if(is_sk) -- *method_len = 34; -+ method_buf_len = 34; - else -- *method_len = 19; -+ method_buf_len = 19; - -- method_buf = LIBSSH2_ALLOC(session, *method_len); -+ method_buf = LIBSSH2_ALLOC(session, method_buf_len); - if(!method_buf) { - return _libssh2_error(session, LIBSSH2_ERROR_ALLOC, - "out of memory"); - } - -- if(is_sk) -- memcpy(method_buf, "sk-ecdsa-sha2-nistp256@openssh.com", *method_len); -- else if(type == LIBSSH2_EC_CURVE_NISTP256) -- memcpy(method_buf, "ecdsa-sha2-nistp256", *method_len); -- else if(type == LIBSSH2_EC_CURVE_NISTP384) -- memcpy(method_buf, "ecdsa-sha2-nistp384", *method_len); -- else if(type == LIBSSH2_EC_CURVE_NISTP521) -- memcpy(method_buf, "ecdsa-sha2-nistp521", *method_len); -+ if(is_sk) { -+ memcpy(method_buf, "sk-ecdsa-sha2-nistp256@openssh.com", -+ method_buf_len); -+ } -+ else if(type == LIBSSH2_EC_CURVE_NISTP256) { -+ memcpy(method_buf, "ecdsa-sha2-nistp256", method_buf_len); -+ } -+ else if(type == LIBSSH2_EC_CURVE_NISTP384) { -+ memcpy(method_buf, "ecdsa-sha2-nistp384", method_buf_len); -+ } -+ else if(type == LIBSSH2_EC_CURVE_NISTP521) { -+ memcpy(method_buf, "ecdsa-sha2-nistp521", method_buf_len); -+ } - else { - _libssh2_debug((session, - LIBSSH2_TRACE_ERROR, -@@ -2636,9 +2654,9 @@ gen_publickey_from_ec_evp(LIBSSH2_SESSION *session, - goto clean_exit; - } - -- /* Key form is: type_len(4) + type(method_len) + domain_len(4) + domain(8) -- + pub_key_len(4) + pub_key(~65). */ -- key_len = 4 + *method_len + 4 + 8 + 4 + octal_len; -+ /* Key form is: type_len(4) + type(method_buf_len) + domain_len(4) -+ + domain(8) + pub_key_len(4) + pub_key(~65). */ -+ key_len = 4 + method_buf_len + 4 + 8 + 4 + octal_len; - key = LIBSSH2_ALLOC(session, key_len); - if(!key) { - rc = -1; -@@ -2649,7 +2667,7 @@ gen_publickey_from_ec_evp(LIBSSH2_SESSION *session, - p = key; - - /* Key type */ -- _libssh2_store_str(&p, (const char *)method_buf, *method_len); -+ _libssh2_store_str(&p, (const char *)method_buf, method_buf_len); - - /* Name domain */ - if(is_sk) { -@@ -2662,9 +2680,14 @@ gen_publickey_from_ec_evp(LIBSSH2_SESSION *session, - /* Public key */ - _libssh2_store_str(&p, (const char *)octal_value, octal_len); - -- *method = method_buf; -- *pubkeydata = key; -- *pubkeydata_len = key_len; -+ *method = method_buf; -+ if(method_len) { -+ *method_len = method_buf_len; -+ } -+ *pubkeydata = key; -+ if(pubkeydata_len) { -+ *pubkeydata_len = key_len; -+ } - - clean_exit: - --- -2.33.0 - diff --git a/backport-session-support-server-banners-up-to-8192-bytes-was-256.patch b/backport-session-support-server-banners-up-to-8192-bytes-was-256.patch deleted file mode 100644 index 98e6b849910a806ee5642615af2961e521e9befa..0000000000000000000000000000000000000000 --- a/backport-session-support-server-banners-up-to-8192-bytes-was-256.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 1a9e8811f7fa7538a52e2dd0150a094368471bf3 Mon Sep 17 00:00:00 2001 -From: Anders Borum -Date: Tue, 8 Oct 2024 08:11:02 +0200 -Subject: [PATCH] session: support server banners up to 8192 bytes (was: 256) - - If server had banner exceeding 256 bytes there wasn't enough room in - `_LIBSSH2_SESSION.banner_TxRx_banner`. Only the first 256 bytes would be - read making the first packet read fail but also dooming key exchange as - `session->remote.banner` didn't include everything. - - This change bumps the banner buffer to 8KB to match OpenSSH. - - Fixes #1442 - Closes #1443 - -Reference:https://github.com/libssh2/libssh2/commit/1a9e8811f7fa7538a52e2dd0150a094368471bf3 -Conflict:NA - ---- - src/libssh2_priv.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/libssh2_priv.h b/src/libssh2_priv.h -index ee1d8b5..b1f32b1 100644 ---- a/src/libssh2_priv.h -+++ b/src/libssh2_priv.h -@@ -742,7 +742,7 @@ struct _LIBSSH2_SESSION - - /* State variables used in libssh2_banner_send() */ - libssh2_nonblocking_states banner_TxRx_state; -- char banner_TxRx_banner[256]; -+ char banner_TxRx_banner[8192]; - ssize_t banner_TxRx_total_send; - - /* State variables used in libssh2_kexinit() */ --- -2.43.0 - diff --git a/backport-src-add-strict-KEX-to-fix-CVE-2023-48795-Terrapin-At.patch b/backport-src-add-strict-KEX-to-fix-CVE-2023-48795-Terrapin-At.patch deleted file mode 100644 index e2c28c134114a03a9af1b7a0f03fa14f50f6c3c3..0000000000000000000000000000000000000000 --- a/backport-src-add-strict-KEX-to-fix-CVE-2023-48795-Terrapin-At.patch +++ /dev/null @@ -1,465 +0,0 @@ -From d34d9258b8420b19ec3f97b4cc5bf7aa7d98e35a Mon Sep 17 00:00:00 2001 -From: Michael Buckley -Date: Thu, 30 Nov 2023 15:08:02 -0800 -Subject: [PATCH] src: add 'strict KEX' to fix CVE-2023-48795 "Terrapin -Attack" - -Refs: -https://terrapin-attack.com/ -https://seclists.org/oss-sec/2023/q4/292 -https://osv.dev/list?ecosystem=&q=CVE-2023-48795 -https://github.com/advisories/GHSA-45x7-px36-x8w8 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 - -Fixes #1290 -Closes #1291 - -Reference:https://github.com/libssh2/libssh2/commit/d34d9258b8420b19ec3f97b4cc5bf7aa7d98e35a ---- - src/kex.c | 63 +++++++++++++++++++++++------------ - src/libssh2_priv.h | 18 +++++++--- - src/packet.c | 83 +++++++++++++++++++++++++++++++++++++++++++--- - src/packet.h | 2 +- - src/session.c | 3 ++ - src/transport.c | 12 ++++++- - 6 files changed, 149 insertions(+), 32 deletions(-) - -diff --git a/src/kex.c b/src/kex.c -index d4034a0..b4b748c 100644 ---- a/src/kex.c -+++ b/src/kex.c -@@ -3037,6 +3037,13 @@ kex_method_extension_negotiation = { - 0, - }; - -+static const LIBSSH2_KEX_METHOD -+kex_method_strict_client_extension = { -+ "kex-strict-c-v00@openssh.com", -+ NULL, -+ 0, -+}; -+ - static const LIBSSH2_KEX_METHOD *libssh2_kex_methods[] = { - #if LIBSSH2_ED25519 - &kex_method_ssh_curve25519_sha256, -@@ -3055,6 +3062,7 @@ static const LIBSSH2_KEX_METHOD *libssh2_kex_methods[] = { - &kex_method_diffie_helman_group1_sha1, - &kex_method_diffie_helman_group_exchange_sha1, - &kex_method_extension_negotiation, -+ &kex_method_strict_client_extension, - NULL - }; - -@@ -3307,13 +3315,13 @@ static int kexinit(LIBSSH2_SESSION * session) - return 0; - } - --/* kex_agree_instr -+/* _libssh2_kex_agree_instr - * Kex specific variant of strstr() - * Needle must be preceded by BOL or ',', and followed by ',' or EOL - */ --static unsigned char * --kex_agree_instr(unsigned char *haystack, size_t haystack_len, -- const unsigned char *needle, size_t needle_len) -+unsigned char * -+_libssh2_kex_agree_instr(unsigned char *haystack, size_t haystack_len, -+ const unsigned char *needle, size_t needle_len) - { - unsigned char *s; - unsigned char *end_haystack; -@@ -3398,7 +3406,7 @@ static int kex_agree_hostkey(LIBSSH2_SESSION * session, - while(s && *s) { - unsigned char *p = (unsigned char *) strchr((char *) s, ','); - size_t method_len = (p ? (size_t)(p - s) : strlen((char *) s)); -- if(kex_agree_instr(hostkey, hostkey_len, s, method_len)) { -+ if(_libssh2_kex_agree_instr(hostkey, hostkey_len, s, method_len)) { - const LIBSSH2_HOSTKEY_METHOD *method = - (const LIBSSH2_HOSTKEY_METHOD *) - kex_get_method_by_name((char *) s, method_len, -@@ -3432,9 +3440,9 @@ static int kex_agree_hostkey(LIBSSH2_SESSION * session, - } - - while(hostkeyp && (*hostkeyp) && (*hostkeyp)->name) { -- s = kex_agree_instr(hostkey, hostkey_len, -- (unsigned char *) (*hostkeyp)->name, -- strlen((*hostkeyp)->name)); -+ s = _libssh2_kex_agree_instr(hostkey, hostkey_len, -+ (unsigned char *) (*hostkeyp)->name, -+ strlen((*hostkeyp)->name)); - if(s) { - /* So far so good, but does it suit our purposes? (Encrypting vs - Signing) */ -@@ -3468,6 +3476,12 @@ static int kex_agree_kex_hostkey(LIBSSH2_SESSION * session, unsigned char *kex, - { - const LIBSSH2_KEX_METHOD **kexp = libssh2_kex_methods; - unsigned char *s; -+ const unsigned char *strict = -+ (unsigned char *)"kex-strict-s-v00@openssh.com"; -+ -+ if(_libssh2_kex_agree_instr(kex, kex_len, strict, 28)) { -+ session->kex_strict = 1; -+ } - - if(session->kex_prefs) { - s = (unsigned char *) session->kex_prefs; -@@ -3475,7 +3489,7 @@ static int kex_agree_kex_hostkey(LIBSSH2_SESSION * session, unsigned char *kex, - while(s && *s) { - unsigned char *q, *p = (unsigned char *) strchr((char *) s, ','); - size_t method_len = (p ? (size_t)(p - s) : strlen((char *) s)); -- q = kex_agree_instr(kex, kex_len, s, method_len); -+ q = _libssh2_kex_agree_instr(kex, kex_len, s, method_len); - if(q) { - const LIBSSH2_KEX_METHOD *method = (const LIBSSH2_KEX_METHOD *) - kex_get_method_by_name((char *) s, method_len, -@@ -3509,9 +3523,9 @@ static int kex_agree_kex_hostkey(LIBSSH2_SESSION * session, unsigned char *kex, - } - - while(*kexp && (*kexp)->name) { -- s = kex_agree_instr(kex, kex_len, -- (unsigned char *) (*kexp)->name, -- strlen((*kexp)->name)); -+ s = _libssh2_kex_agree_instr(kex, kex_len, -+ (unsigned char *) (*kexp)->name, -+ strlen((*kexp)->name)); - if(s) { - /* We've agreed on a key exchange method, - * Can we agree on a hostkey that works with this kex? -@@ -3555,7 +3569,7 @@ static int kex_agree_crypt(LIBSSH2_SESSION * session, - unsigned char *p = (unsigned char *) strchr((char *) s, ','); - size_t method_len = (p ? (size_t)(p - s) : strlen((char *) s)); - -- if(kex_agree_instr(crypt, crypt_len, s, method_len)) { -+ if(_libssh2_kex_agree_instr(crypt, crypt_len, s, method_len)) { - const LIBSSH2_CRYPT_METHOD *method = - (const LIBSSH2_CRYPT_METHOD *) - kex_get_method_by_name((char *) s, method_len, -@@ -3577,9 +3591,9 @@ static int kex_agree_crypt(LIBSSH2_SESSION * session, - } - - while(*cryptp && (*cryptp)->name) { -- s = kex_agree_instr(crypt, crypt_len, -- (unsigned char *) (*cryptp)->name, -- strlen((*cryptp)->name)); -+ s = _libssh2_kex_agree_instr(crypt, crypt_len, -+ (unsigned char *) (*cryptp)->name, -+ strlen((*cryptp)->name)); - if(s) { - endpoint->crypt = *cryptp; - return 0; -@@ -3619,7 +3633,7 @@ static int kex_agree_mac(LIBSSH2_SESSION * session, - unsigned char *p = (unsigned char *) strchr((char *) s, ','); - size_t method_len = (p ? (size_t)(p - s) : strlen((char *) s)); - -- if(kex_agree_instr(mac, mac_len, s, method_len)) { -+ if(_libssh2_kex_agree_instr(mac, mac_len, s, method_len)) { - const LIBSSH2_MAC_METHOD *method = (const LIBSSH2_MAC_METHOD *) - kex_get_method_by_name((char *) s, method_len, - (const LIBSSH2_COMMON_METHOD **) -@@ -3640,8 +3654,9 @@ static int kex_agree_mac(LIBSSH2_SESSION * session, - } - - while(*macp && (*macp)->name) { -- s = kex_agree_instr(mac, mac_len, (unsigned char *) (*macp)->name, -- strlen((*macp)->name)); -+ s = _libssh2_kex_agree_instr(mac, mac_len, -+ (unsigned char *) (*macp)->name, -+ strlen((*macp)->name)); - if(s) { - endpoint->mac = *macp; - return 0; -@@ -3672,7 +3687,7 @@ static int kex_agree_comp(LIBSSH2_SESSION *session, - unsigned char *p = (unsigned char *) strchr((char *) s, ','); - size_t method_len = (p ? (size_t)(p - s) : strlen((char *) s)); - -- if(kex_agree_instr(comp, comp_len, s, method_len)) { -+ if(_libssh2_kex_agree_instr(comp, comp_len, s, method_len)) { - const LIBSSH2_COMP_METHOD *method = - (const LIBSSH2_COMP_METHOD *) - kex_get_method_by_name((char *) s, method_len, -@@ -3694,8 +3709,9 @@ static int kex_agree_comp(LIBSSH2_SESSION *session, - } - - while(*compp && (*compp)->name) { -- s = kex_agree_instr(comp, comp_len, (unsigned char *) (*compp)->name, -- strlen((*compp)->name)); -+ s = _libssh2_kex_agree_instr(comp, comp_len, -+ (unsigned char *) (*compp)->name, -+ strlen((*compp)->name)); - if(s) { - endpoint->comp = *compp; - return 0; -@@ -3876,6 +3892,7 @@ _libssh2_kex_exchange(LIBSSH2_SESSION * session, int reexchange, - session->local.kexinit = key_state->oldlocal; - session->local.kexinit_len = key_state->oldlocal_len; - key_state->state = libssh2_NB_state_idle; -+ session->state &= ~LIBSSH2_STATE_INITIAL_KEX; - session->state &= ~LIBSSH2_STATE_KEX_ACTIVE; - session->state &= ~LIBSSH2_STATE_EXCHANGING_KEYS; - return -1; -@@ -3901,6 +3918,7 @@ _libssh2_kex_exchange(LIBSSH2_SESSION * session, int reexchange, - session->local.kexinit = key_state->oldlocal; - session->local.kexinit_len = key_state->oldlocal_len; - key_state->state = libssh2_NB_state_idle; -+ session->state &= ~LIBSSH2_STATE_INITIAL_KEX; - session->state &= ~LIBSSH2_STATE_KEX_ACTIVE; - session->state &= ~LIBSSH2_STATE_EXCHANGING_KEYS; - return -1; -@@ -3949,6 +3967,7 @@ _libssh2_kex_exchange(LIBSSH2_SESSION * session, int reexchange, - session->remote.kexinit = NULL; - } - -+ session->state &= ~LIBSSH2_STATE_INITIAL_KEX; - session->state &= ~LIBSSH2_STATE_KEX_ACTIVE; - session->state &= ~LIBSSH2_STATE_EXCHANGING_KEYS; - -diff --git a/src/libssh2_priv.h b/src/libssh2_priv.h -index 82c3afe..ee1d8b5 100644 ---- a/src/libssh2_priv.h -+++ b/src/libssh2_priv.h -@@ -699,6 +699,9 @@ struct _LIBSSH2_SESSION - /* key signing algorithm preferences -- NULL yields server order */ - char *sign_algo_prefs; - -+ /* Whether to use the OpenSSH Strict KEX extension */ -+ int kex_strict; -+ - /* (remote as source of data -- packet_read ) */ - libssh2_endpoint_data remote; - -@@ -870,6 +873,7 @@ struct _LIBSSH2_SESSION - int fullpacket_macstate; - size_t fullpacket_payload_len; - int fullpacket_packet_type; -+ uint32_t fullpacket_required_type; - - /* State variables used in libssh2_sftp_init() */ - libssh2_nonblocking_states sftpInit_state; -@@ -910,10 +914,11 @@ struct _LIBSSH2_SESSION - }; - - /* session.state bits */ --#define LIBSSH2_STATE_EXCHANGING_KEYS 0x00000001 --#define LIBSSH2_STATE_NEWKEYS 0x00000002 --#define LIBSSH2_STATE_AUTHENTICATED 0x00000004 --#define LIBSSH2_STATE_KEX_ACTIVE 0x00000008 -+#define LIBSSH2_STATE_INITIAL_KEX 0x00000001 -+#define LIBSSH2_STATE_EXCHANGING_KEYS 0x00000002 -+#define LIBSSH2_STATE_NEWKEYS 0x00000004 -+#define LIBSSH2_STATE_AUTHENTICATED 0x00000008 -+#define LIBSSH2_STATE_KEX_ACTIVE 0x00000010 - - /* session.flag helpers */ - #ifdef MSG_NOSIGNAL -@@ -1144,6 +1149,11 @@ ssize_t _libssh2_send(libssh2_socket_t socket, const void *buffer, - int _libssh2_kex_exchange(LIBSSH2_SESSION * session, int reexchange, - key_exchange_state_t * state); - -+unsigned char *_libssh2_kex_agree_instr(unsigned char *haystack, -+ size_t haystack_len, -+ const unsigned char *needle, -+ size_t needle_len); -+ - /* Let crypt.c/hostkey.c expose their method structs */ - const LIBSSH2_CRYPT_METHOD **libssh2_crypt_methods(void); - const LIBSSH2_HOSTKEY_METHOD **libssh2_hostkey_methods(void); -diff --git a/src/packet.c b/src/packet.c -index b5b4198..35d4d39 100644 ---- a/src/packet.c -+++ b/src/packet.c -@@ -605,14 +605,13 @@ authagent_exit: - * layer when it has received a packet. - * - * The input pointer 'data' is pointing to allocated data that this function -- * is asked to deal with so on failure OR success, it must be freed fine. -- * The only exception is when the return code is LIBSSH2_ERROR_EAGAIN. -+ * will be freed unless return the code is LIBSSH2_ERROR_EAGAIN. - * - * This function will always be called with 'datalen' greater than zero. - */ - int - _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, -- size_t datalen, int macstate) -+ size_t datalen, int macstate, uint32_t seq) - { - int rc = 0; - unsigned char *message = NULL; -@@ -657,6 +656,70 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, - break; - } - -+ if(session->state & LIBSSH2_STATE_INITIAL_KEX) { -+ if(msg == SSH_MSG_KEXINIT) { -+ if(!session->kex_strict) { -+ if(datalen < 17) { -+ LIBSSH2_FREE(session, data); -+ session->packAdd_state = libssh2_NB_state_idle; -+ return _libssh2_error(session, -+ LIBSSH2_ERROR_BUFFER_TOO_SMALL, -+ "Data too short extracting kex"); -+ } -+ else { -+ const unsigned char *strict = -+ (unsigned char *)"kex-strict-s-v00@openssh.com"; -+ struct string_buf buf; -+ unsigned char *algs = NULL; -+ size_t algs_len = 0; -+ -+ buf.data = (unsigned char *)data; -+ buf.dataptr = buf.data; -+ buf.len = datalen; -+ buf.dataptr += 17; /* advance past type and cookie */ -+ -+ if(_libssh2_get_string(&buf, &algs, &algs_len)) { -+ LIBSSH2_FREE(session, data); -+ session->packAdd_state = libssh2_NB_state_idle; -+ return _libssh2_error(session, -+ LIBSSH2_ERROR_BUFFER_TOO_SMALL, -+ "Algs too short"); -+ } -+ -+ if(algs_len == 0 || -+ _libssh2_kex_agree_instr(algs, algs_len, strict, 28)) { -+ session->kex_strict = 1; -+ } -+ } -+ } -+ -+ if(session->kex_strict && seq) { -+ LIBSSH2_FREE(session, data); -+ session->socket_state = LIBSSH2_SOCKET_DISCONNECTED; -+ session->packAdd_state = libssh2_NB_state_idle; -+ libssh2_session_disconnect(session, "strict KEX violation: " -+ "KEXINIT was not the first packet"); -+ -+ return _libssh2_error(session, LIBSSH2_ERROR_SOCKET_DISCONNECT, -+ "strict KEX violation: " -+ "KEXINIT was not the first packet"); -+ } -+ } -+ -+ if(session->kex_strict && session->fullpacket_required_type && -+ session->fullpacket_required_type != msg) { -+ LIBSSH2_FREE(session, data); -+ session->socket_state = LIBSSH2_SOCKET_DISCONNECTED; -+ session->packAdd_state = libssh2_NB_state_idle; -+ libssh2_session_disconnect(session, "strict KEX violation: " -+ "unexpected packet type"); -+ -+ return _libssh2_error(session, LIBSSH2_ERROR_SOCKET_DISCONNECT, -+ "strict KEX violation: " -+ "unexpected packet type"); -+ } -+ } -+ - if(session->packAdd_state == libssh2_NB_state_allocated) { - /* A couple exceptions to the packet adding rule: */ - switch(msg) { -@@ -1341,6 +1404,15 @@ _libssh2_packet_ask(LIBSSH2_SESSION * session, unsigned char packet_type, - - return 0; - } -+ else if(session->kex_strict && -+ (session->state & LIBSSH2_STATE_INITIAL_KEX)) { -+ libssh2_session_disconnect(session, "strict KEX violation: " -+ "unexpected packet type"); -+ -+ return _libssh2_error(session, LIBSSH2_ERROR_SOCKET_DISCONNECT, -+ "strict KEX violation: " -+ "unexpected packet type"); -+ } - packet = _libssh2_list_next(&packet->node); - } - return -1; -@@ -1402,7 +1474,10 @@ _libssh2_packet_require(LIBSSH2_SESSION * session, unsigned char packet_type, - } - - while(session->socket_state == LIBSSH2_SOCKET_CONNECTED) { -- int ret = _libssh2_transport_read(session); -+ int ret; -+ session->fullpacket_required_type = packet_type; -+ ret = _libssh2_transport_read(session); -+ session->fullpacket_required_type = 0; - if(ret == LIBSSH2_ERROR_EAGAIN) - return ret; - else if(ret < 0) { -diff --git a/src/packet.h b/src/packet.h -index 79018bc..6ea100a 100644 ---- a/src/packet.h -+++ b/src/packet.h -@@ -71,6 +71,6 @@ int _libssh2_packet_burn(LIBSSH2_SESSION * session, - int _libssh2_packet_write(LIBSSH2_SESSION * session, unsigned char *data, - unsigned long data_len); - int _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data, -- size_t datalen, int macstate); -+ size_t datalen, int macstate, uint32_t seq); - - #endif /* __LIBSSH2_PACKET_H */ -diff --git a/src/session.c b/src/session.c -index a4d602b..f4bafb5 100644 ---- a/src/session.c -+++ b/src/session.c -@@ -464,6 +464,8 @@ libssh2_session_init_ex(LIBSSH2_ALLOC_FUNC((*my_alloc)), - session->abstract = abstract; - session->api_timeout = 0; /* timeout-free API by default */ - session->api_block_mode = 1; /* blocking API by default */ -+ session->state = LIBSSH2_STATE_INITIAL_KEX; -+ session->fullpacket_required_type = 0; - session->packet_read_timeout = LIBSSH2_DEFAULT_READ_TIMEOUT; - session->flag.quote_paths = 1; /* default behavior is to quote paths - for the scp subsystem */ -@@ -1186,6 +1188,7 @@ libssh2_session_disconnect_ex(LIBSSH2_SESSION *session, int reason, - const char *desc, const char *lang) - { - int rc; -+ session->state &= ~LIBSSH2_STATE_INITIAL_KEX; - session->state &= ~LIBSSH2_STATE_EXCHANGING_KEYS; - BLOCK_ADJUST(rc, session, - session_disconnect(session, reason, desc, lang)); -diff --git a/src/transport.c b/src/transport.c -index 6d902d3..3b30ff8 100644 ---- a/src/transport.c -+++ b/src/transport.c -@@ -187,6 +187,7 @@ fullpacket(LIBSSH2_SESSION * session, int encrypted /* 1 or 0 */ ) - struct transportpacket *p = &session->packet; - int rc; - int compressed; -+ uint32_t seq = session->remote.seqno; - - if(session->fullpacket_state == libssh2_NB_state_idle) { - session->fullpacket_macstate = LIBSSH2_MAC_CONFIRMED; -@@ -318,7 +319,7 @@ fullpacket(LIBSSH2_SESSION * session, int encrypted /* 1 or 0 */ ) - if(session->fullpacket_state == libssh2_NB_state_created) { - rc = _libssh2_packet_add(session, p->payload, - session->fullpacket_payload_len, -- session->fullpacket_macstate); -+ session->fullpacket_macstate, seq); - if(rc == LIBSSH2_ERROR_EAGAIN) - return rc; - if(rc) { -@@ -329,6 +330,11 @@ fullpacket(LIBSSH2_SESSION * session, int encrypted /* 1 or 0 */ ) - - session->fullpacket_state = libssh2_NB_state_idle; - -+ if(session->kex_strict && -+ session->fullpacket_packet_type == SSH_MSG_NEWKEYS) { -+ session->remote.seqno = 0; -+ } -+ - return session->fullpacket_packet_type; - } - -@@ -1091,6 +1097,10 @@ int _libssh2_transport_send(LIBSSH2_SESSION *session, - - session->local.seqno++; - -+ if(session->kex_strict && data[0] == SSH_MSG_NEWKEYS) { -+ session->local.seqno = 0; -+ } -+ - ret = LIBSSH2_SEND(session, p->outbuf, total_length, - LIBSSH2_SOCKET_SEND_FLAGS(session)); - if(ret < 0) --- -2.33.0 - diff --git a/backport-userauth-avoid-oob-with-huge-interactive-kbd-respons.patch b/backport-userauth-avoid-oob-with-huge-interactive-kbd-respons.patch deleted file mode 100644 index ab40fe01a334dd009a48d29cec076dc8e5b8aa7d..0000000000000000000000000000000000000000 --- a/backport-userauth-avoid-oob-with-huge-interactive-kbd-respons.patch +++ /dev/null @@ -1,52 +0,0 @@ -From a6a9093b39824a00258f96a5301a844b4d870cdc Mon Sep 17 00:00:00 2001 -From: Viktor Szakats -Date: Thu, 28 Mar 2024 16:59:58 +0000 -Subject: [PATCH] userauth: avoid oob with huge interactive kbd response - -- If the length of a response is `UINT_MAX - 3` or larger, an unsigned - integer overflow occurs on 64-bit systems. Avoid such truncation to - always allocate enough memory to avoid subsequent out of boundary - writes. - - Patch-by: Tobias Stoeckmann - -- also add FIXME to bump up length field to `size_t` (ABI break) - -Closes #1337 - -Reference:https://github.com/libssh2/libssh2/commit/a6a9093b39824a00258f96a5301a844b4d870cdc -Conflict:NA ---- - include/libssh2.h | 2 +- - src/userauth.c | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/include/libssh2.h b/include/libssh2.h -index 8bc8a138..71673801 100644 ---- a/include/libssh2.h -+++ b/include/libssh2.h -@@ -292,7 +292,7 @@ typedef struct _LIBSSH2_USERAUTH_KBDINT_PROMPT - typedef struct _LIBSSH2_USERAUTH_KBDINT_RESPONSE - { - char *text; -- unsigned int length; -+ unsigned int length; /* FIXME: change type to size_t */ - } LIBSSH2_USERAUTH_KBDINT_RESPONSE; - - typedef struct _LIBSSH2_SK_SIG_INFO { -diff --git a/src/userauth.c b/src/userauth.c -index 60fd48e4..43df3e15 100644 ---- a/src/userauth.c -+++ b/src/userauth.c -@@ -2188,7 +2188,7 @@ userauth_keyboard_interactive(LIBSSH2_SESSION * session, - if(session->userauth_kybd_responses[i].length <= - (SIZE_MAX - 4 - session->userauth_kybd_packet_len)) { - session->userauth_kybd_packet_len += -- 4 + session->userauth_kybd_responses[i].length; -+ 4 + (size_t)session->userauth_kybd_responses[i].length; - } - else { - _libssh2_error(session, LIBSSH2_ERROR_ALLOC, --- -2.33.0 - diff --git a/libssh2-1.11.0-strict-modes.patch b/libssh2-1.11.0-strict-modes.patch deleted file mode 100644 index c2fbcf8107e970260137c0c0a34ecd91b174c379..0000000000000000000000000000000000000000 --- a/libssh2-1.11.0-strict-modes.patch +++ /dev/null @@ -1,15 +0,0 @@ -Group-writeable directories in the hierarchy above where we -run the tests from can cause failures due to openssh's strict -permissions checks. Adding this option helps the tests to run -more reliably on a variety of build systems. - ---- /tests/test_sshd.test -+++ /tests/test_sshd.test -@@ -71,6 +71,7 @@ chmod go-rwx \ - # shellcheck disable=SC2086 - "${SSHD}" \ - -f "${SSHD_FIXTURE_CONFIG:-${d}/openssh_server/sshd_config}" \ -+ -o 'StrictModes no' \ - -o 'Port 4711' \ - -h "${d}/openssh_server/ssh_host_rsa_key" \ - -h "${d}/openssh_server/ssh_host_ecdsa_key" \ diff --git a/libssh2-1.11.0.tar.gz b/libssh2-1.11.0.tar.gz deleted file mode 100644 index a2a60461915f588ad6b0653d77cf49f64750be3a..0000000000000000000000000000000000000000 Binary files a/libssh2-1.11.0.tar.gz and /dev/null differ diff --git a/libssh2-1.11.1.tar.xz b/libssh2-1.11.1.tar.xz new file mode 100644 index 0000000000000000000000000000000000000000..195bab2e61fcbd405597cb952177206ecefcde2e Binary files /dev/null and b/libssh2-1.11.1.tar.xz differ diff --git a/libssh2.spec b/libssh2.spec index fd933df8ddfd28de607180ba885d55f7aa1c0c68..d8d733f4ba4838c1385ccfc9203b906793c08e86 100644 --- a/libssh2.spec +++ b/libssh2.spec @@ -1,25 +1,12 @@ Name: libssh2 -Version: 1.11.0 -Release: 4 +Version: 1.11.1 +Release: 1 Summary: A library implementing the SSH2 protocol -License: BSD +License: BSD-3-Clause URL: https://www.libssh2.org/ -Source0: https://libssh2.org/download/libssh2-%{version}.tar.gz - -Patch0: backport-src-add-strict-KEX-to-fix-CVE-2023-48795-Terrapin-At.patch -Patch1: libssh2-1.11.0-strict-modes.patch -Patch2: backport-Add-NULL-pointer-check-for-outlen-before-use-1109.patch -Patch3: backport-We-should-check-whether-key_method-is-a-NULL-pointer.patch -Patch4: backport-Add-a-new-structure-to-separate-memory-read-and-file.patch -Patch5: backport-Fix-an-out-of-bounds-read-in-_libssh2_kex_agree_inst.patch -Patch6: backport-openssl-fix-cppcheck-found-NULL-dereferences-1304.patch -Patch7: backport-userauth-avoid-oob-with-huge-interactive-kbd-respons.patch -Patch8: backport-buildconf-drop.patch -Patch9: backport-Prevent-possible-double-free-of-hostkey.patch -Patch10: backport-Fix-unstable-connections-over-nonblocking-sockets.patch -Patch11: backport-session-support-server-banners-up-to-8192-bytes-was-256.patch - -BuildRequires: coreutils findutils /usr/bin/man zlib-devel +Source0: https://libssh2.org/download/libssh2-%{version}.tar.xz + +BuildRequires: coreutils findutils zlib-devel BuildRequires: gcc make sed openssl-devel > 1:1.0.2 openssh-server BuildRequires: glibc-langpack-en groff @@ -31,7 +18,7 @@ SECSH-DHGEX(04), and SECSH-NUMBERS(10). %package devel Summary: Development files for libssh2 -Requires: %{name}%{?_isa} = %{version}-%{release} pkgconfig +Requires: %{name}%{?_isa} = %{version}-%{release} %description devel The libssh2-devel package contains libraries and header files for @@ -45,7 +32,7 @@ developing applications that use libssh2. sed -i s/4711/47%{?__isa_bits}/ tests/{openssh_fixture.c,test_ssh{2.c,d.test}} %build -%configure --disable-silent-rules --enable-shared --disable-docker-tests +%configure --disable-silent-rules --disable-static --enable-shared --disable-docker-tests %make_build %install @@ -59,44 +46,27 @@ find example/ -type f '(' -name '*.am' -o -name '*.in' ')' -delete mv -v example example.%{_arch} %check -echo "Running tests for %{_arch}" -if [ ! -c /dev/tty ]; then - echo Skipping SSH test due to missing /dev/tty - echo "exit 0" > tests/ssh2.sh -fi -%ifarch %{sparc} %{arm} -echo Skipping SSH test on sparc/arm -echo "exit 0" > tests/ssh2.sh -%endif -%ifarch ppc %{power64} aarch64 -echo "Skipping mansyntax test on PPC* and aarch64" -echo "exit 0" > tests/mansyntax.sh -%endif -#LC_ALL=en_US.UTF-8 make -C tests check - -%ldconfig_scriptlets +LC_ALL=en_US.UTF-8 make -C tests check %files -%defattr(-,root,root) -%{!?_licensedir:%global license %%doc} %doc docs/AUTHORS NEWS README RELEASE-NOTES %license COPYING %{_libdir}/*.so.* %files devel -%defattr(-,root,root) %doc example.%{_arch}/ %{_includedir}/*.h %{_libdir}/*.so -%{_libdir}/*.a %{_libdir}/pkgconfig/*.pc %files help -%defattr(-,root,root) %doc docs/BINDINGS.md docs/HACKING.md docs/TODO NEWS %{_mandir}/man3/libssh2_*.3* %changelog +* Sat Jan 04 2025 Funda Wang - 1.11.1-1 +- update to 1.11.1 + * Tue Oct 29 2024 bitianyuan - 1.11.0-4 - Type:bugfix - ID:NA diff --git a/libssh2.yaml b/libssh2.yaml index e6b89bd50717323a452b4fbbb9d054f751f8db1a..ad6ff66fa21d57e9c933c08bf50c5cdf5426a21b 100644 --- a/libssh2.yaml +++ b/libssh2.yaml @@ -1,4 +1,4 @@ version_control: github src_repo: libssh2/libssh2 -tag_prefix: libssh2- -seperator: . +tag_prefix: ^libssh2- +separator: .