Fix ssh-agent support on big endian

resolves: #1271230
2015-10-22 10:58:21 +02:00 · 2015-10-22 10:58:21 +02:00 · 88ab622f54
commit 88ab622f54
parent 5e7e599baf
2 changed files with 113 additions and 1 deletions
--- a/libssh-0.7.2-fix_agent_bigendian.patch
+++ b/libssh-0.7.2-fix_agent_bigendian.patch
@ -0,0 +1,105 @@
+From 0425ac9ad0f8f1cefa12b448d31a400ced3e89b9 Mon Sep 17 00:00:00 2001
+From: Andreas Schneider <asn@cryptomilk.org>
+Date: Wed, 14 Oct 2015 20:45:49 +0200
+Subject: [PATCH] agent: Fix agent auth on big endian machines
+
+BUG: https://red.libssh.org/issues/204
+
+Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
+---
+ ConfigureChecks.cmake |  1 +
+ include/libssh/priv.h | 10 ++++++++++
+ src/agent.c           | 17 +++++++++++++----
+ 3 files changed, 24 insertions(+), 4 deletions(-)
+
+diff --git a/ConfigureChecks.cmake b/ConfigureChecks.cmake
+index c0326c2..3587b07 100644
+--- a/ConfigureChecks.cmake
+++ b/ConfigureChecks.cmake
+@@ -56,6 +56,7 @@ check_include_file(libutil.h HAVE_LIBUTIL_H)
+ check_include_file(sys/time.h HAVE_SYS_TIME_H)
+ check_include_file(sys/param.h HAVE_SYS_PARAM_H)
+ check_include_file(arpa/inet.h HAVE_ARPA_INET_H)
+check_include_file(byteswap.h HAVE_BYTESWAP_H)
+ 
+ if (WIN32)
+   check_include_files("winsock2.h;ws2tcpip.h;wspiapi.h" HAVE_WSPIAPI_H)
+diff --git a/include/libssh/priv.h b/include/libssh/priv.h
+index 95a22c6..b7a80fe 100644
+--- a/include/libssh/priv.h
+++ b/include/libssh/priv.h
+@@ -43,6 +43,16 @@
+ # endif
+ #endif /* !defined(HAVE_STRTOULL) */
+ 
+#ifdef HAVE_BYTESWAP_H
+#include <byteswap.h>
+#endif
+
+#ifndef bswap_32
+#define bswap_32(x) \
+    ((((x) & 0xff000000) >> 24) | (((x) & 0x00ff0000) >>  8) | \
+     (((x) & 0x0000ff00) <<  8) | (((x) & 0x000000ff) << 24))
+#endif
+
+ #ifdef _WIN32
+ 
+ /* Imitate define of inttypes.h */
+diff --git a/src/agent.c b/src/agent.c
+index 922d753..e520773 100644
+--- a/src/agent.c
+++ b/src/agent.c
+@@ -382,6 +382,9 @@ int ssh_agent_get_ident_count(struct ssh_session_struct *session) {
+     ssh_buffer_free(reply);
+     return -1;
+   }
+#ifdef WORDS_BIGENDIAN
+  type = bswap_32(type);
+#endif
+ 
+   SSH_LOG(SSH_LOG_WARN,
+       "Answer type: %d, expected answer: %d",
+@@ -392,7 +395,7 @@ int ssh_agent_get_ident_count(struct ssh_session_struct *session) {
+       return 0;
+   } else if (type != c2) {
+       ssh_set_error(session, SSH_FATAL,
+-          "Bad authentication reply message type: %d", type);
+          "Bad authentication reply message type: %u", type);
+       ssh_buffer_free(reply);
+       return -1;
+   }
+@@ -507,8 +510,8 @@ ssh_string ssh_agent_sign_data(ssh_session session,
+     ssh_buffer reply;
+     ssh_string key_blob;
+     ssh_string sig_blob;
+-    int type = SSH2_AGENT_FAILURE;
+-    int flags = 0;
+    unsigned int type = 0;
+    unsigned int flags = 0;
+     uint32_t dlen;
+     int rc;
+ 
+@@ -572,13 +575,19 @@ ssh_string ssh_agent_sign_data(ssh_session session,
+         ssh_buffer_free(reply);
+         return NULL;
+     }
+#ifdef WORDS_BIGENDIAN
+    type = bswap_32(type);
+#endif
+ 
+     if (agent_failed(type)) {
+         SSH_LOG(SSH_LOG_WARN, "Agent reports failure in signing the key");
+         ssh_buffer_free(reply);
+         return NULL;
+     } else if (type != SSH2_AGENT_SIGN_RESPONSE) {
+-        ssh_set_error(session, SSH_FATAL, "Bad authentication response: %d", type);
+        ssh_set_error(session,
+                      SSH_FATAL,
+                      "Bad authentication response: %u",
+                      type);
+         ssh_buffer_free(reply);
+         return NULL;
+     }
+-- 
+2.5.0
+
--- a/libssh.spec
+++ b/libssh.spec
@ -1,6 +1,6 @@
 Name:           libssh
 Version:        0.7.2
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        A library implementing the SSH protocol
 License:        LGPLv2+
 URL:            http://www.libssh.org
@ -9,6 +9,8 @@ BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)

 Source0:        https://red.libssh.org/attachments/download/177/libssh-0.7.2.tar.xz

+Patch0:         libssh-0.7.2-fix_agent_bigendian.patch
+
 BuildRequires:  cmake
 BuildRequires:  doxygen
 BuildRequires:  openssl-devel
@ -37,6 +39,8 @@ applications that use %{name}.
 %prep
 %setup -q

+%patch0 -p1 -b .libssh-0.7.2-fix_agent_bigendian.patch
+
 # Remove examples, they are not packaged and do not build on EPEL 5
 sed -i -e 's|add_subdirectory(examples)||g' CMakeLists.txt
 rm -rf examples
@ -89,6 +93,9 @@ rm -rf %{buildroot}
 %{_libdir}/libssh_threads.so

 %changelog
+* Thu Oct 22 2015 Andreas Schneider <asn@redhat.com> - 0.7.2-2
+- resolves: #1271230 - Fix ssh-agent support on big endian
+
 * Wed Sep 30 2015 Andreas Schneider <asn@redhat.com> - 0.7.2-1
 - Update to version 0.7.2
  * Fixed OpenSSL detection on Windows