Compare commits
9 Commits
Author | SHA1 | Date |
---|---|---|
Jakub Jelen | 05b37c38ca | |
Jakub Jelen | 3cf530b6fd | |
Fedora Release Engineering | 9566bef35a | |
Stephen Gallagher | f8af487fb3 | |
Norbert Pocs | 4720d81855 | |
Sahana Prasad | 67dd6cd321 | |
Norbert Pocs | 8ccf0ceaa4 | |
Fedora Release Engineering | fe4987c78a | |
Fedora Release Engineering | 9185a504b5 |
|
@ -54,3 +54,5 @@ libssh-0.4.4.tar.gz.asc
|
|||
/libssh-0.9.4.tar.xz.asc
|
||||
/libssh-0.9.5.tar.xz
|
||||
/libssh-0.9.5.tar.xz.asc
|
||||
/libssh-0.9.6.tar.xz
|
||||
/libssh-0.9.6.tar.xz.asc
|
||||
|
|
|
@ -0,0 +1,61 @@
|
|||
From 86ee3f5a00c2f5237dcbb09f80283af703ced3f5 Mon Sep 17 00:00:00 2001
|
||||
From: Jakub Jelen <jjelen@redhat.com>
|
||||
Date: Thu, 27 Jan 2022 21:04:03 +0100
|
||||
Subject: [PATCH] tests: Skip the workaround forcing SHA1 signatures
|
||||
|
||||
In certificate authentication with OpenSSH 8.0, the SHA2 signatures were
|
||||
not accepted correctly [1]. This was not an issue up until the OpenSSH
|
||||
8.8p1, which does no longer allow SHA1 signatures by default so this
|
||||
broke the CI and tests against the new OpenSSH [2].
|
||||
|
||||
Fixes !107
|
||||
|
||||
[1] https://bugzilla.mindrot.org/show_bug.cgi?id=3016
|
||||
[2] https://gitlab.com/libssh/libssh-mirror/-/issues/107
|
||||
|
||||
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
|
||||
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
||||
---
|
||||
tests/client/torture_auth.c | 4 ++++
|
||||
1 file changed, 4 insertions(+)
|
||||
|
||||
diff --git a/tests/client/torture_auth.c b/tests/client/torture_auth.c
|
||||
index 29f6f5a5..d02fd6e2 100644
|
||||
--- a/tests/client/torture_auth.c
|
||||
+++ b/tests/client/torture_auth.c
|
||||
@@ -642,6 +642,7 @@ static void torture_auth_cert(void **state) {
|
||||
|
||||
static void torture_auth_agent_cert(void **state)
|
||||
{
|
||||
+#if OPENSSH_VERSION_MAJOR < 8
|
||||
struct torture_state *s = *state;
|
||||
ssh_session session = s->ssh.session;
|
||||
int rc;
|
||||
@@ -661,6 +662,7 @@ static void torture_auth_agent_cert(void **state)
|
||||
"ssh-rsa-cert-v01@openssh.com");
|
||||
assert_int_equal(rc, SSH_OK);
|
||||
}
|
||||
+#endif /* OPENSSH_VERSION_MAJOR < 8 */
|
||||
|
||||
/* Setup loads a different key, tests are exactly the same. */
|
||||
torture_auth_agent(state);
|
||||
@@ -668,6 +670,7 @@ static void torture_auth_agent_cert(void **state)
|
||||
|
||||
static void torture_auth_agent_cert_nonblocking(void **state)
|
||||
{
|
||||
+#if OPENSSH_VERSION_MAJOR < 8
|
||||
struct torture_state *s = *state;
|
||||
ssh_session session = s->ssh.session;
|
||||
int rc;
|
||||
@@ -687,6 +690,7 @@ static void torture_auth_agent_cert_nonblocking(void **state)
|
||||
"ssh-rsa-cert-v01@openssh.com");
|
||||
assert_int_equal(rc, SSH_OK);
|
||||
}
|
||||
+#endif /* OPENSSH_VERSION_MAJOR < 8 */
|
||||
|
||||
torture_auth_agent_nonblocking(state);
|
||||
}
|
||||
--
|
||||
GitLab
|
||||
|
||||
|
28
libssh.spec
28
libssh.spec
|
@ -1,6 +1,6 @@
|
|||
Name: libssh
|
||||
Version: 0.9.5
|
||||
Release: 1%{?dist}
|
||||
Version: 0.9.6
|
||||
Release: 4%{?dist}
|
||||
Summary: A library implementing the SSH protocol
|
||||
License: LGPLv2+
|
||||
URL: http://www.libssh.org
|
||||
|
@ -10,6 +10,7 @@ Source1: https://www.libssh.org/files/0.9/%{name}-%{version}.tar.xz.asc
|
|||
Source2: https://cryptomilk.org/gpgkey-8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D.gpg#/%{name}.keyring
|
||||
Source3: libssh_client.config
|
||||
Source4: libssh_server.config
|
||||
Patch1: libssh-0.9.6-openssh-8.8p1-compat.patch
|
||||
|
||||
BuildRequires: cmake
|
||||
BuildRequires: gcc-c++
|
||||
|
@ -127,6 +128,29 @@ popd
|
|||
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/libssh/libssh_server.config
|
||||
|
||||
%changelog
|
||||
* Fri Jan 28 2022 Jakub Jelen <jjelen@redhat.com> - 0.9.6-4
|
||||
- Fix build-time tests to work with OpenSSH 8.8p1
|
||||
|
||||
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.6-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
|
||||
|
||||
* Mon Jan 10 2022 Stephen Gallagher <sgallagh@redhat.com> - 0.9.6-2
|
||||
- Skip broken torture_auth tests
|
||||
|
||||
* Mon Sep 13 2021 Norbert Pocs <npocs@redhat.com> - 0.9.6-1
|
||||
- Fix CVE-CVE-2021-3634 libssh: possible heap-based buffer
|
||||
overflow when rekeying
|
||||
- Resolves: rhbz#1994600
|
||||
|
||||
* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 0.9.5-4
|
||||
- Rebuilt with OpenSSL 3.0.0
|
||||
|
||||
* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.5-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
|
||||
|
||||
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.5-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
||||
|
||||
* Thu Sep 10 2020 Anderson Sasaki <ansasaki@redhat.com> - 0.9.5-1
|
||||
- Update to version 0.9.5
|
||||
https://www.libssh.org/2020/09/10/libssh-0-9-5/
|
||||
|
|
4
sources
4
sources
|
@ -1,2 +1,2 @@
|
|||
SHA512 (libssh-0.9.5.tar.xz) = 64e692a0bfa7f73585ea7b7b8b1d4c9a7f9be59565bfd4de32ca8cd9db121f87e7ad51f5c80269fbd99545af34dcf1894374ed8a6d6c1ac5f8601c026572ac18
|
||||
SHA512 (libssh-0.9.5.tar.xz.asc) = f0b76cdccf26144b9cc9ad3f7e1605b50473fc5c686d0d9a2419b13382440776c09428d717253a918f7347b90e4a562fd88d8ea85a6e54f06b149826295b4f8e
|
||||
SHA512 (libssh-0.9.6.tar.xz) = 4040ec4af937e95be2e41313ef6d4db60b46b8d4dea10c09402398127c1d1ca8843392d207088aeee3c7ef631c6ae7b66861327dcebf78ed3af0723777619fd1
|
||||
SHA512 (libssh-0.9.6.tar.xz.asc) = 1b6223efe9e4ce864cd8d97d517f9f0d38c1cd502b5874fdc6a58731038c2830a72ce753f02fc062d9d4d5922107ec9a2e62fe24a704bb5dec0dcfecdb569fe6
|
||||
|
|
Loading…
Reference in New Issue