rpms/libssh
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Unbreak tests with OpenSSH 8.8p1

Browse Source 
https://gitlab.com/libssh/libssh-mirror/-/issues/107
This commit is contained in:
Jakub Jelen 2022-01-28 10:18:52 +01:00
parent 9566bef35a
commit 3cf530b6fd
2 changed files with 63 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
libssh-0.9.6-openssh-8.8p1-compat.patch Normal file
View File

@ -0,0 +1,61 @@
From 86ee3f5a00c2f5237dcbb09f80283af703ced3f5 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Thu, 27 Jan 2022 21:04:03 +0100
Subject: [PATCH] tests: Skip the workaround forcing SHA1 signatures
In certificate authentication with OpenSSH 8.0, the SHA2 signatures were
not accepted correctly [1]. This was not an issue up until the OpenSSH
8.8p1, which does no longer allow SHA1 signatures by default so this
broke the CI and tests against the new OpenSSH [2].
Fixes !107
[1] https://bugzilla.mindrot.org/show_bug.cgi?id=3016
[2] https://gitlab.com/libssh/libssh-mirror/-/issues/107
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
---
tests/client/torture_auth.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/tests/client/torture_auth.c b/tests/client/torture_auth.c
index 29f6f5a5..d02fd6e2 100644
--- a/tests/client/torture_auth.c
+++ b/tests/client/torture_auth.c
@@ -642,6 +642,7 @@ static void torture_auth_cert(void **state) {
static void torture_auth_agent_cert(void **state)
{
+#if OPENSSH_VERSION_MAJOR < 8
struct torture_state *s = *state;
ssh_session session = s->ssh.session;
int rc;
@@ -661,6 +662,7 @@ static void torture_auth_agent_cert(void **state)
"ssh-rsa-cert-v01@openssh.com");
assert_int_equal(rc, SSH_OK);
}
+#endif /* OPENSSH_VERSION_MAJOR < 8 */
/* Setup loads a different key, tests are exactly the same. */
torture_auth_agent(state);
@@ -668,6 +670,7 @@ static void torture_auth_agent_cert(void **state)
static void torture_auth_agent_cert_nonblocking(void **state)
{
+#if OPENSSH_VERSION_MAJOR < 8
struct torture_state *s = *state;
ssh_session session = s->ssh.session;
int rc;
@@ -687,6 +690,7 @@ static void torture_auth_agent_cert_nonblocking(void **state)
"ssh-rsa-cert-v01@openssh.com");
assert_int_equal(rc, SSH_OK);
}
+#endif /* OPENSSH_VERSION_MAJOR < 8 */
torture_auth_agent_nonblocking(state);
}
--
GitLab

6
libssh.spec
View File

@ -10,6 +10,7 @@ Source1: https://www.libssh.org/files/0.9/%{name}-%{version}.tar.xz.asc
Source2: https://cryptomilk.org/gpgkey-8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D.gpg#/%{name}.keyring Source2: https://cryptomilk.org/gpgkey-8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D.gpg#/%{name}.keyring
Source3: libssh_client.config Source3: libssh_client.config
Source4: libssh_server.config Source4: libssh_server.config
Patch1: libssh-0.9.6-openssh-8.8p1-compat.patch
BuildRequires: cmake BuildRequires: cmake
BuildRequires: gcc-c++ BuildRequires: gcc-c++
@ -104,10 +105,7 @@ popd
%check %check
# Tests are randomly failing when run in parallel # Tests are randomly failing when run in parallel
%global _smp_build_ncpus 1 %global _smp_build_ncpus 1
%ctest
# https://gitlab.com/libssh/libssh-mirror/-/issues/107
# The torture_auth tests currently fail when run against OpenSSH 8.8
%ctest -- -E torture_auth
%files %files
%doc AUTHORS BSD ChangeLog README %doc AUTHORS BSD ChangeLog README