diff options
Diffstat (limited to 'net-libs/libssh')
-rw-r--r-- | net-libs/libssh/Manifest | 3 | ||||
-rw-r--r-- | net-libs/libssh/files/libssh-0.7.5-add-macro-for-MAX.patch | 30 | ||||
-rw-r--r-- | net-libs/libssh/files/libssh-0.7.5-fix-internal-algo-selection.patch | 156 | ||||
-rw-r--r-- | net-libs/libssh/libssh-0.7.5-r2.ebuild | 102 |
4 files changed, 291 insertions, 0 deletions
diff --git a/net-libs/libssh/Manifest b/net-libs/libssh/Manifest index 47e5bb3d48ef..eb82c2f2d8e9 100644 --- a/net-libs/libssh/Manifest +++ b/net-libs/libssh/Manifest @@ -1,9 +1,12 @@ AUX libssh-0.5.0-tests.patch 446 BLAKE2B dab1ad97c37e43f25ca6acb3aef57542f4f0e3059618240da0f600ed0aa364dc9c0eee92dc1f6ac848b11da2f69fcbb4b75b0393727774b928202f7f3685853f SHA512 e751ac1c3749ecbd8ee2f960ad09e861763cbdb9bccc7c95ae27ca4768e8c9ae5ab55342151a2799f8f937e63a8729bff6f04cec166bb9830b99f8f690da4825 +AUX libssh-0.7.5-add-macro-for-MAX.patch 916 BLAKE2B bc24cd008159c9c20ff75dc17842921ac1aa920d359aede3bc933c54024790ad9869ae44f9a81392cb73f967b6af69848d5e1c6ee2ea17c81edb8cb798c89b8a SHA512 9a9fd719cdbe42f0b2520104af4bd31d24721cb356d40a70870d2f95166c16e2c58c4a9568958a051214fa813fcadc55477c6a743d65c301ee27a83fc8abc119 AUX libssh-0.7.5-fix-config-buffer-underflow.patch 742 BLAKE2B 5db1e2be05b45914bd832d1c3ecfa850ab2dfa88baba5566c41e8acf783a8dd0cf118851344dc8ddba39393532bede4d8a6134aa81d121da18bff9c1b4ffd27c SHA512 0e6ed4f39637b5bc3476225b1cbd28891e668609e681b4b55343c37d6a7f0c5be0f71ce684b6a83ab5e5f14cca3206d0752a17cab1138fdf274656ba36a764e5 AUX libssh-0.7.5-fix-config-parsing.patch 1076 BLAKE2B f710d58d36ec529c9390647b1a53506defe4a480463e899f8d7aeb8fe7d0d463b80f87ab6ec35fd89afadadb5f7698ac3e33a6f5693092494bfb1cf43886a9e6 SHA512 45d21c11ce242d6f2a86fe1fe96ed934a06d0dd54b9e2af6ad873bbec1b0db91cb884879205f42c1006740a4cfc1c16723180f447640e96e8373b39be8828aa5 +AUX libssh-0.7.5-fix-internal-algo-selection.patch 4711 BLAKE2B 04d61ee7ab3eba651342ac2b3dba52ef191271de37e741b2cb82da11c2f9cfb19d64a6befe9ebbab8d8525bd75c9213dee56c32023340db92e046827835df7ae SHA512 29bf9b43c8ee2f65c65040163fc9f250f35d5ca77ace5db2782eb8478dc14d9d16c0cf0e991025443a701d3d60124f83134a35e7cde6fae20932e3d2ff4b6732 DIST libssh-0.7.4.tar.xz 351892 BLAKE2B 5427faa04eac7b57f73909f113d933daf667f8311c30364bbf06d4f01121a58f5b560e0a1d9071655ce9b310fa3f3f801e11e880ca3eacde66efa0f49dc51b2b SHA512 94b8183e5c83e339303c1a160c92ccff6159471ac7d189ab66cf6d606d2e803fd616519f079aef1577c947d3a14e315332b05ea08e44d0ab550edbcb768dbea7 DIST libssh-0.7.5.tar.xz 351632 BLAKE2B b41cccb6215c5b7e66742171d91e1081d3c1bf44455b65a5992093d31b28db7a6375e815303e115e02b2458c734d9c61e4b1528ba905bf8a421ca2bbb7221ce6 SHA512 6c7f539899caaedf13d66fa2e0fac1a475ecdfe389131abcbdf908bdebc50a0b9e6b0d43e67e52aea85c32f6aa68e46ca2f50695992f82ded83489f445a8e775 EBUILD libssh-0.7.4.ebuild 2478 BLAKE2B 86cdd0d7445a37fbff25a82b79cd910645525a668e534abcf96a6e4ca9846d5d20fbe8c4891bd4878f0bfb315a283b3a970565963c59fe6a51d5d56d9382994a SHA512 1c7b902fd9dbd2e4826be08c9d326dd3bf858e8ebedfe489ddcef917c888f225742967b93cdf8d647bb42ff4e5938b463e3e7526afd76986b7561399ffb10079 EBUILD libssh-0.7.5-r1.ebuild 2584 BLAKE2B 21ee1d5dcb7013d613bc1573ee2a0fd0f56e762cb85e382cfae0e8571fb6bd83d2b9c474245855e70db063644d6e0cf26d33cb32dac543d9ed877f8564208166 SHA512 5d6f02c98c35d7477a230fd9e1612c53deb410bc095e874df73ae2b58f67698cb1e22d8a321c56b3ab55be2fb0a6d993f52e073f27b4aa35dae3f2429d9d5b15 +EBUILD libssh-0.7.5-r2.ebuild 2682 BLAKE2B 1eee63589d01385c1a19c352365beb42bfee67a455d5fa88abb36feafb5faaa5411f6c488f5e430be01801f7eadd140e759c8168336c5e07124596f9341738fb SHA512 3a10f683429c400e47a6215409c25b584e6c3f9b782d605dd50ddbee25c87c3d68afb93f5af5bfb523376c5a2e90bd1285eb6694ca63db8f541abb708d79dd07 EBUILD libssh-9999.ebuild 2128 BLAKE2B 394967b5e90dbeddbfa8f2fc9fcf17afc0f2c282bf25c5efc8a0e3786573dd9750bcdc63732610bc87e9b779c29014753acc95d239d6b9c3b67a412f908d09a9 SHA512 49e17db7bce80cc8b70ac3ba51f874007e0f09b8407a7e2af3cde79c5d2ec713aed317d258b4cefb7b753b790219c882931cc06154187683dacc83e2a5ab7cb5 MISC metadata.xml 648 BLAKE2B bd4e4be029fdb3ef1e5ce2e16b6f5b922bf43c32ff4ecd50a67db98f9f7669022caf96d965fc85065b5ea8ac65b5547bc3d62d1da6bebdbc5a9a877be5a23c18 SHA512 4e99644645a43ccf7c479c6808ecb2dfe9f9aba69518ab1e2a1289732b926d853ff5554c69fff71e4bb572d12af298ebe19ecb1086da2e8675153b5c42faf589 diff --git a/net-libs/libssh/files/libssh-0.7.5-add-macro-for-MAX.patch b/net-libs/libssh/files/libssh-0.7.5-add-macro-for-MAX.patch new file mode 100644 index 000000000000..d9226d697000 --- /dev/null +++ b/net-libs/libssh/files/libssh-0.7.5-add-macro-for-MAX.patch @@ -0,0 +1,30 @@ +From 310d423d36ae7bb6dac5a2ae2fb7b57bda72dcb5 Mon Sep 17 00:00:00 2001 +From: Andreas Schneider <asn@cryptomilk.org> +Date: Thu, 24 Aug 2017 17:27:08 +0200 +Subject: [PATCH 1/2] priv: Add macro for MAX + +Signed-off-by: Andreas Schneider <asn@cryptomilk.org> +(cherry picked from commit de35212789d11086621e176a11399de0d75ab3a6) +Signed-off-by: Mihai Moldovan <ionic@ionic.de> +--- + include/libssh/priv.h | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/include/libssh/priv.h b/include/libssh/priv.h +index 5a74915e..c3373c00 100644 +--- a/include/libssh/priv.h ++++ b/include/libssh/priv.h +@@ -263,6 +263,10 @@ int match_hostname(const char *host, const char *pattern, unsigned int len); + #define MIN(a,b) ((a) < (b) ? (a) : (b)) + #endif + ++#ifndef MAX ++#define MAX(a,b) ((a) > (b) ? (a) : (b)) ++#endif ++ + /** Free memory space */ + #define SAFE_FREE(x) do { if ((x) != NULL) {free(x); x=NULL;} } while(0) + +-- +2.15.1 + diff --git a/net-libs/libssh/files/libssh-0.7.5-fix-internal-algo-selection.patch b/net-libs/libssh/files/libssh-0.7.5-fix-internal-algo-selection.patch new file mode 100644 index 000000000000..931d63360a12 --- /dev/null +++ b/net-libs/libssh/files/libssh-0.7.5-fix-internal-algo-selection.patch @@ -0,0 +1,156 @@ +From 4893f9515da2696490e6bbe9aaf51f2ef9678b0f Mon Sep 17 00:00:00 2001 +From: Nikos Mavrogiannopoulos <nmav@redhat.com> +Date: Thu, 24 Aug 2017 16:28:39 +0200 +Subject: [PATCH 2/2] ssh_options_set_algo: ensure we only set known algorithms + internally + +That way, we will not fail later on key exchange phase when something +unknown is negotiated. + +Fixes T37 + +Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> +Reviewed-by: Andreas Schneider <asn@samba.org> +(cherry picked from commit 895055ab38e7716390019aae5e11771a88b99d26) +Signed-off-by: Mihai Moldovan <ionic@ionic.de> +--- + include/libssh/kex.h | 1 + + src/kex.c | 75 ++++++++++++++++++++++++++++++++++++++++++++++++++++ + src/options.c | 11 ++++---- + 3 files changed, 81 insertions(+), 6 deletions(-) + +diff --git a/include/libssh/kex.h b/include/libssh/kex.h +index 1a5b6d41..23594985 100644 +--- a/include/libssh/kex.h ++++ b/include/libssh/kex.h +@@ -41,6 +41,7 @@ void ssh_list_kex(struct ssh_kex_struct *kex); + int set_client_kex(ssh_session session); + int ssh_kex_select_methods(ssh_session session); + int verify_existing_algo(int algo, const char *name); ++char *keep_known_algos(int algo, const char *list); + char **space_tokenize(const char *chain); + int ssh_get_kex1(ssh_session session); + char *ssh_find_matching(const char *in_d, const char *what_d); +diff --git a/src/kex.c b/src/kex.c +index 519d79ce..f0c9d067 100644 +--- a/src/kex.c ++++ b/src/kex.c +@@ -281,6 +281,71 @@ char *ssh_find_matching(const char *available_d, const char *preferred_d){ + return NULL; + } + ++static char *ssh_find_all_matching(const char *available_d, ++ const char *preferred_d) ++{ ++ char **tok_available, **tok_preferred; ++ int i_avail, i_pref; ++ char *ret; ++ unsigned max, len, pos = 0; ++ ++ if ((available_d == NULL) || (preferred_d == NULL)) { ++ return NULL; /* don't deal with null args */ ++ } ++ ++ max = MAX(strlen(available_d), strlen(preferred_d)); ++ ++ ret = malloc(max+1); ++ if (ret == NULL) { ++ return NULL; ++ } ++ ret[0] = 0; ++ ++ tok_available = tokenize(available_d); ++ if (tok_available == NULL) { ++ SAFE_FREE(ret); ++ return NULL; ++ } ++ ++ tok_preferred = tokenize(preferred_d); ++ if (tok_preferred == NULL) { ++ SAFE_FREE(ret); ++ SAFE_FREE(tok_available[0]); ++ SAFE_FREE(tok_available); ++ return NULL; ++ } ++ ++ for (i_pref = 0; tok_preferred[i_pref] ; ++i_pref) { ++ for (i_avail = 0; tok_available[i_avail]; ++i_avail) { ++ int cmp = strcmp(tok_available[i_avail],tok_preferred[i_pref]); ++ if (cmp == 0) { ++ /* match */ ++ if (pos != 0) { ++ ret[pos] = ','; ++ pos++; ++ } ++ ++ len = strlen(tok_available[i_avail]); ++ memcpy(&ret[pos], tok_available[i_avail], len); ++ pos += len; ++ ret[pos] = '\0'; ++ } ++ } ++ } ++ ++ if (ret[0] == '\0') { ++ SAFE_FREE(ret); ++ ret = NULL; ++ } ++ ++ SAFE_FREE(tok_available[0]); ++ SAFE_FREE(tok_preferred[0]); ++ SAFE_FREE(tok_available); ++ SAFE_FREE(tok_preferred); ++ ++ return ret; ++} ++ + /** + * @internal + * @brief returns whether the first client key exchange algorithm or +@@ -668,4 +733,14 @@ int verify_existing_algo(int algo, const char *name){ + return 0; + } + ++/* returns a copy of the provided list if everything is supported, ++ * otherwise a new list of the supported algorithms */ ++char *keep_known_algos(int algo, const char *list) ++{ ++ if ((algo > 9) || (algo < 0)) { ++ return NULL; ++ } ++ ++ return ssh_find_all_matching(supported_methods[algo], list); ++} + /* vim: set ts=2 sw=2 et cindent: */ +diff --git a/src/options.c b/src/options.c +index aed2dda5..34fe9cc7 100644 +--- a/src/options.c ++++ b/src/options.c +@@ -164,7 +164,10 @@ int ssh_options_copy(ssh_session src, ssh_session *dest) { + + int ssh_options_set_algo(ssh_session session, int algo, + const char *list) { +- if (!verify_existing_algo(algo, list)) { ++ char *p = NULL; ++ ++ p = keep_known_algos(algo, list); ++ if (p == NULL) { + ssh_set_error(session, SSH_REQUEST_DENIED, + "Setting method: no algorithm for method \"%s\" (%s)\n", + ssh_kex_get_description(algo), list); +@@ -172,11 +175,7 @@ int ssh_options_set_algo(ssh_session session, int algo, + } + + SAFE_FREE(session->opts.wanted_methods[algo]); +- session->opts.wanted_methods[algo] = strdup(list); +- if (session->opts.wanted_methods[algo] == NULL) { +- ssh_set_error_oom(session); +- return -1; +- } ++ session->opts.wanted_methods[algo] = p; + + return 0; + } +-- +2.15.1 + diff --git a/net-libs/libssh/libssh-0.7.5-r2.ebuild b/net-libs/libssh/libssh-0.7.5-r2.ebuild new file mode 100644 index 000000000000..381d0dd66c08 --- /dev/null +++ b/net-libs/libssh/libssh-0.7.5-r2.ebuild @@ -0,0 +1,102 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +MY_P="${PN}-${PV/_rc/rc}" +inherit cmake-multilib + +DESCRIPTION="Access a working SSH implementation by means of a library" +HOMEPAGE="https://www.libssh.org/" +SRC_URI="https://red.libssh.org/attachments/download/218/${MY_P}.tar.xz -> ${P}.tar.xz" + +LICENSE="LGPL-2.1" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sparc ~x86 ~amd64-fbsd ~amd64-linux ~x86-linux" +SLOT="0/4" # subslot = soname major version +IUSE="debug doc examples gcrypt gssapi libressl pcap server +sftp ssh1 static-libs test zlib" +# Maintainer: check IUSE-defaults at DefineOptions.cmake + +RDEPEND=" + !gcrypt? ( + !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] ) + libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] ) + ) + gcrypt? ( >=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] ) + gssapi? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) + zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] ) +" +DEPEND="${RDEPEND} + doc? ( app-doc/doxygen ) + test? ( >=dev-util/cmocka-0.3.1[${MULTILIB_USEDEP}] ) +" + +DOCS=( AUTHORS README ChangeLog ) + +S="${WORKDIR}/${MY_P}" + +PATCHES=( + "${FILESDIR}"/${PN}-0.5.0-tests.patch + "${FILESDIR}"/${P}-fix-config-parsing.patch + "${FILESDIR}"/${P}-fix-config-buffer-underflow.patch + "${FILESDIR}"/${P}-add-macro-for-MAX.patch + "${FILESDIR}"/${P}-fix-internal-algo-selection.patch +) + +src_prepare() { + cmake-utils_src_prepare + + # just install the examples do not compile them + sed -i \ + -e '/add_subdirectory(examples)/s/^/#DONOTWANT/' \ + CMakeLists.txt || die + + # keyfile torture test is currently broken + sed -i \ + -e '/torture_keyfiles/d' \ + tests/unittests/CMakeLists.txt || die +} + +multilib_src_configure() { + local mycmakeargs=( + -DWITH_DEBUG_CALLTRACE="$(usex debug)" + -DWITH_DEBUG_CRYPTO="$(usex debug)" + -DWITH_GCRYPT="$(usex gcrypt)" + -DWITH_GSSAPI="$(usex gssapi)" + -DWITH_NACL=no + -DWITH_PCAP="$(usex pcap)" + -DWITH_SERVER="$(usex server)" + -DWITH_SFTP="$(usex sftp)" + -DWITH_SSH1="$(usex ssh1)" + -DWITH_STATIC_LIB="$(usex static-libs)" + -DWITH_STATIC_LIB="$(usex test)" + -DWITH_TESTING="$(usex test)" + -DWITH_ZLIB="$(usex zlib)" + ) + + cmake-utils_src_configure +} + +multilib_src_compile() { + cmake-utils_src_compile + multilib_is_native_abi && use doc && cmake-utils_src_compile doc +} + +multilib_src_install() { + cmake-utils_src_install + + if multilib_is_native_abi && use doc ; then + docinto html + dodoc -r doc/html/. + fi + + use static-libs || rm -f "${D}"/usr/$(get_libdir)/libssh{,_threads}.a +} + +multilib_src_install_all() { + einstalldocs + + if use examples; then + docinto examples + dodoc examples/*.{c,h,cpp} + fi +} |