Add libssh 0.7.1-7 from RHEL/CentOS 7 to EPEL 7 (limited arch pkg)

Package got part of rhel-7-{server,workstation}-extras-rpms repo,
however only for x86_64, but not for aarch64, ppc64 and ppc64le.

.gitignore

@@ -1,56 +1 @@
-libssh-0.4.4.tar.gz
-libssh-0.4.4.tar.gz.asc
-/libssh-0.4.6.tar.gz
-/libssh-0.4.6.tar.gz.asc
-/libssh-0.4.8.tar.gz
-/libssh-0.4.8.tar.gz.asc
-/libssh-0.5.0.tar.gz
-/libssh-0.5.0.tar.gz.asc
-/libssh-0.5.2.tar.gz
-/libssh-0.5.2.tar.gz.asc
-/libssh-0.5.3.tar.gz
-/libssh-0.5.3.tar.asc
-/libssh-0.5.4.tar.gz
-/libssh-0.5.4.tar.asc
-/libssh-0.5.5.tar.gz
-/libssh-0.5.5.tar.asc
-/libssh-0.6.0.tar.xz
-/libssh-0.6.1.tar.xz
-/libssh-0.6.3.tar.xz
-/libssh-0.6.4.tar.gz
-/libssh-0.6.5.tar.xz
-/libssh-0.7.0.tar.xz
-/libssh-0.7.1.tar.xz
-/libssh-0.7.2.tar.xz
-/libssh-0.7.3.tar.xz
-/libssh-0.7.4.tar.xz
-/libssh-0.7.5.tar.xz
-/libssh-0.8.0.tar.xz
-/libssh-0.8.0.tar.xz.asc
-/libssh-0.8.1.tar.xz
-/libssh-0.8.1.tar.xz.asc
-/libssh-0.8.2.tar.xz
-/libssh-0.8.2.tar.xz.asc
-/libssh-0.8.3.tar.xz
-/libssh-0.8.3.tar.xz.asc
-/libssh-0.8.4.tar.xz
-/libssh-0.8.4.tar.xz.asc
-/libssh-0.8.5.tar.xz
-/libssh-0.8.5.tar.xz.asc
-/libssh-0.8.6.tar.xz
-/libssh-0.8.6.tar.xz.asc
-/libssh-0.8.7.tar.xz
-/libssh-0.8.7.tar.xz.asc
-/libssh-0.8.91.tar.xz
-/libssh_client.config
-/libssh_server.config
-/libssh-0.9.0.tar.xz
-/libssh-0.9.0.tar.xz.asc
-/libssh-0.9.2.tar.xz
-/libssh-0.9.2.tar.xz.asc
-/libssh-0.9.3.tar.xz
-/libssh-0.9.3.tar.xz.asc
-/libssh-0.9.4.tar.xz
-/libssh-0.9.4.tar.xz.asc
-/libssh-0.9.5.tar.xz
-/libssh-0.9.5.tar.xz.asc
+/libssh-*.tar.xz

gating.yml

@@ -1,14 +0,0 @@
---- !Policy
-product_versions:
-  - fedora-*
-decision_context: bodhi_update_push_testing
-subject_type: koji_build
-rules:
-  - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}
---- !Policy
-product_versions:
-  - fedora-*
-decision_context: bodhi_update_push_stable
-subject_type: koji_build
-rules:
-  - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}

libssh-0.7.1-fix_agent_bigendian.patch

@@ -0,0 +1,109 @@
+--- a/libssh-0.7.2-fix_agent_bigendian.patch	
++++ a/libssh-0.7.2-fix_agent_bigendian.patch	
+@@ -0,0 +1,105 @@ 
++From 0425ac9ad0f8f1cefa12b448d31a400ced3e89b9 Mon Sep 17 00:00:00 2001
++From: Andreas Schneider <asn@cryptomilk.org>
++Date: Wed, 14 Oct 2015 20:45:49 +0200
++Subject: [PATCH] agent: Fix agent auth on big endian machines
++
++BUG: https://red.libssh.org/issues/204
++
++Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
++---
++ ConfigureChecks.cmake |  1 +
++ include/libssh/priv.h | 10 ++++++++++
++ src/agent.c           | 17 +++++++++++++----
++ 3 files changed, 24 insertions(+), 4 deletions(-)
++
++diff --git a/ConfigureChecks.cmake b/ConfigureChecks.cmake
++index c0326c2..3587b07 100644
++--- a/ConfigureChecks.cmake
+++++ b/ConfigureChecks.cmake
++@@ -56,6 +56,7 @@ check_include_file(libutil.h HAVE_LIBUTIL_H)
++ check_include_file(sys/time.h HAVE_SYS_TIME_H)
++ check_include_file(sys/param.h HAVE_SYS_PARAM_H)
++ check_include_file(arpa/inet.h HAVE_ARPA_INET_H)
+++check_include_file(byteswap.h HAVE_BYTESWAP_H)
++ 
++ if (WIN32)
++   check_include_files("winsock2.h;ws2tcpip.h;wspiapi.h" HAVE_WSPIAPI_H)
++diff --git a/include/libssh/priv.h b/include/libssh/priv.h
++index 95a22c6..b7a80fe 100644
++--- a/include/libssh/priv.h
+++++ b/include/libssh/priv.h
++@@ -43,6 +43,16 @@
++ # endif
++ #endif /* !defined(HAVE_STRTOULL) */
++ 
+++#ifdef HAVE_BYTESWAP_H
+++#include <byteswap.h>
+++#endif
+++
+++#ifndef bswap_32
+++#define bswap_32(x) \
+++    ((((x) & 0xff000000) >> 24) | (((x) & 0x00ff0000) >>  8) | \
+++     (((x) & 0x0000ff00) <<  8) | (((x) & 0x000000ff) << 24))
+++#endif
+++
++ #ifdef _WIN32
++ 
++ /* Imitate define of inttypes.h */
++diff --git a/src/agent.c b/src/agent.c
++index 922d753..e520773 100644
++--- a/src/agent.c
+++++ b/src/agent.c
++@@ -382,6 +382,9 @@ int ssh_agent_get_ident_count(struct ssh_session_struct *session) {
++     ssh_buffer_free(reply);
++     return -1;
++   }
+++#ifdef WORDS_BIGENDIAN
+++  type = bswap_32(type);
+++#endif
++ 
++   SSH_LOG(SSH_LOG_WARN,
++       "Answer type: %d, expected answer: %d",
++@@ -392,7 +395,7 @@ int ssh_agent_get_ident_count(struct ssh_session_struct *session) {
++       return 0;
++   } else if (type != c2) {
++       ssh_set_error(session, SSH_FATAL,
++-          "Bad authentication reply message type: %d", type);
+++          "Bad authentication reply message type: %u", type);
++       ssh_buffer_free(reply);
++       return -1;
++   }
++@@ -507,8 +510,8 @@ ssh_string ssh_agent_sign_data(ssh_session session,
++     ssh_buffer reply;
++     ssh_string key_blob;
++     ssh_string sig_blob;
++-    int type = SSH2_AGENT_FAILURE;
++-    int flags = 0;
+++    unsigned int type = 0;
+++    unsigned int flags = 0;
++     uint32_t dlen;
++     int rc;
++ 
++@@ -572,13 +575,19 @@ ssh_string ssh_agent_sign_data(ssh_session session,
++         ssh_buffer_free(reply);
++         return NULL;
++     }
+++#ifdef WORDS_BIGENDIAN
+++    type = bswap_32(type);
+++#endif
++ 
++     if (agent_failed(type)) {
++         SSH_LOG(SSH_LOG_WARN, "Agent reports failure in signing the key");
++         ssh_buffer_free(reply);
++         return NULL;
++     } else if (type != SSH2_AGENT_SIGN_RESPONSE) {
++-        ssh_set_error(session, SSH_FATAL, "Bad authentication response: %d", type);
+++        ssh_set_error(session,
+++                      SSH_FATAL,
+++                      "Bad authentication response: %u",
+++                      type);
++         ssh_buffer_free(reply);
++         return NULL;
++     }
++-- 
++2.5.0
++
+

libssh-CVE-2016-0739.patch

@@ -0,0 +1,68 @@
+From dc2eaa017fe77e53bd9f1d4327a480d9bfe6cc6a Mon Sep 17 00:00:00 2001
+From: Aris Adamantiadis <aris@0xbadc0de.be>
+Date: Tue, 9 Feb 2016 15:09:27 +0100
+Subject: [PATCH] dh: fix CVE-2016-0739
+
+Due to a byte/bit confusion, the DH secret was too short. This file was
+completely reworked and will be commited in a future version.
+---
+ src/dh.c | 22 +++++++++++++++++-----
+ 1 file changed, 17 insertions(+), 5 deletions(-)
+
+diff --git a/src/dh.c b/src/dh.c
+index e489a1d..d27b66e 100644
+--- a/src/dh.c
++++ b/src/dh.c
+@@ -227,15 +227,21 @@ void ssh_crypto_finalize(void) {
+ }
+ 
+ int dh_generate_x(ssh_session session) {
++  int keysize;
++  if (session->next_crypto->kex_type == SSH_KEX_DH_GROUP1_SHA1) {
++    keysize = 1023;
++  } else {
++    keysize = 2047;
++  }
+   session->next_crypto->x = bignum_new();
+   if (session->next_crypto->x == NULL) {
+     return -1;
+   }
+ 
+ #ifdef HAVE_LIBGCRYPT
+-  bignum_rand(session->next_crypto->x, 128);
++  bignum_rand(session->next_crypto->x, keysize);
+ #elif defined HAVE_LIBCRYPTO
+-  bignum_rand(session->next_crypto->x, 128, 0, -1);
++  bignum_rand(session->next_crypto->x, keysize, -1, 0);
+ #endif
+ 
+   /* not harder than this */
+@@ -248,15 +254,21 @@ int dh_generate_x(ssh_session session) {
+ 
+ /* used by server */
+ int dh_generate_y(ssh_session session) {
+-    session->next_crypto->y = bignum_new();
++  int keysize;
++  if (session->next_crypto->kex_type == SSH_KEX_DH_GROUP1_SHA1) {
++    keysize = 1023;
++  } else {
++    keysize = 2047;
++  }
++  session->next_crypto->y = bignum_new();
+   if (session->next_crypto->y == NULL) {
+     return -1;
+   }
+ 
+ #ifdef HAVE_LIBGCRYPT
+-  bignum_rand(session->next_crypto->y, 128);
++  bignum_rand(session->next_crypto->y, keysize);
+ #elif defined HAVE_LIBCRYPTO
+-  bignum_rand(session->next_crypto->y, 128, 0, -1);
++  bignum_rand(session->next_crypto->y, keysize, -1, 0);
+ #endif
+ 
+   /* not harder than this */
+-- 
+2.7.1
+
+

libssh-SHA256.patch

@@ -0,0 +1,363 @@
+From f3f140e65f0e58fc37b04dbe4173d6ecda0127ac Mon Sep 17 00:00:00 2001
+From: Jan-Niklas Burfeind <libssh@aiyionpri.me>
+Date: Thu, 9 Aug 2018 11:00:00 +0200
+Subject: dh: Add SSH_PUBLICKEY_HASH_SHA256 to ssh_get_publickey_hash()
+
+Signed-off-by: Jan-Niklas Burfeind <libssh@aiyionpri.me>
+Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
+(cherry picked from commit 1499b38aef17beac8b438522535daf428600d529)
+---
+ include/libssh/libssh.h |  3 ++-
+ src/dh.c                | 23 +++++++++++++++++++++++
+ 2 files changed, 25 insertions(+), 1 deletion(-)
+
+diff --git a/include/libssh/libssh.h b/include/libssh/libssh.h
+index 37214898..320dc032 100644
+--- a/include/libssh/libssh.h
++++ b/include/libssh/libssh.h
+@@ -444,7 +444,8 @@ LIBSSH_API int ssh_get_publickey(ssh_session session, ssh_key *key);
+ 
+ enum ssh_publickey_hash_type {
+     SSH_PUBLICKEY_HASH_SHA1,
+-    SSH_PUBLICKEY_HASH_MD5
++    SSH_PUBLICKEY_HASH_MD5,
++    SSH_PUBLICKEY_HASH_SHA256
+ };
+ LIBSSH_API int ssh_get_publickey_hash(const ssh_key key,
+                                       enum ssh_publickey_hash_type type,
+diff --git a/src/dh.c b/src/dh.c
+index d27b66eb..bf1ade8b 100644
+--- a/src/dh.c
++++ b/src/dh.c
+@@ -1039,6 +1039,29 @@ int ssh_get_publickey_hash(const ssh_key key,
+             *hlen = SHA_DIGEST_LEN;
+         }
+         break;
++    case SSH_PUBLICKEY_HASH_SHA256:
++        {
++            SHA256CTX ctx;
++
++            h = malloc(SHA256_DIGEST_LEN);
++            if (h == NULL) {
++                rc = -1;
++                goto out;
++            }
++
++            ctx = sha256_init();
++            if (ctx == NULL) {
++                free(h);
++                rc = -1;
++                goto out;
++            }
++
++            sha256_update(ctx, ssh_string_data(blob), ssh_string_len(blob));
++            sha256_final(h, ctx);
++
++            *hlen = SHA256_DIGEST_LEN;
++        }
++        break;
+     case SSH_PUBLICKEY_HASH_MD5:
+         {
+             MD5CTX ctx;
+-- 
+cgit v1.2.1
+
+From 9c62d6dfcd798d28895f5dd1b76a28524bcf18d3 Mon Sep 17 00:00:00 2001
+From: Jan-Niklas Burfeind <libssh@aiyionpri.me>
+Date: Thu, 9 Aug 2018 11:00:00 +0200
+Subject: dh: Add ssh_print_hash() function which can deal with sha256
+
+Signed-off-by: Jan-Niklas Burfeind <libssh@aiyionpri.me>
+Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
+(cherry picked from commit f32cb706752d8dc35ad53a64f51e432cc0bc41cd)
+---
+ include/libssh/libssh.h |  1 +
+ src/dh.c                | 80 +++++++++++++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 81 insertions(+)
+
+diff --git a/include/libssh/libssh.h b/include/libssh/libssh.h
+index 320dc032..f6cce1e4 100644
+--- a/include/libssh/libssh.h
++++ b/include/libssh/libssh.h
+@@ -564,6 +564,7 @@ LIBSSH_API int ssh_pki_export_pubkey_file(const ssh_key key,
+ 
+ LIBSSH_API const char *ssh_pki_key_ecdsa_name(const ssh_key key);
+ 
++LIBSSH_API void ssh_print_hash(enum ssh_publickey_hash_type type, unsigned char *hash, size_t len);
+ LIBSSH_API void ssh_print_hexa(const char *descr, const unsigned char *what, size_t len);
+ LIBSSH_API int ssh_send_ignore (ssh_session session, const char *data);
+ LIBSSH_API int ssh_send_debug (ssh_session session, const char *message, int always_display);
+diff --git a/src/dh.c b/src/dh.c
+index bf1ade8b..66a0e704 100644
+--- a/src/dh.c
++++ b/src/dh.c
+@@ -1097,6 +1097,38 @@ out:
+     return rc;
+ }
+ 
++/**
++ * @internal
++ *
++ * @brief Convert a buffer into an unpadded base64 string.
++ * The caller has to free the memory.
++ *
++ * @param  hash         What should be converted to a base64 string.
++ *
++ * @param  len          Length of the buffer to convert.
++ *
++ * @return              The base64 string or NULL on error.
++ *
++ * @see ssh_string_free_char()
++ */
++static char *ssh_get_b64_unpadded(const unsigned char *hash, size_t len)
++{
++    char *b64_padded = NULL;
++    char *b64_unpadded = NULL;
++    size_t k;
++
++    b64_padded = (char *)bin_to_base64(hash, (int)len);
++    if (b64_padded == NULL) {
++        return NULL;
++    }
++    for (k = strlen(b64_padded); k != 0 && b64_padded[k-1] == '='; k--);
++
++    b64_unpadded = strndup(b64_padded, k);
++    SAFE_FREE(b64_padded);
++
++    return b64_unpadded;
++}
++
+ /**
+  * @brief Convert a buffer into a colon separated hex string.
+  * The caller has to free the memory.
+@@ -1134,6 +1166,54 @@ char *ssh_get_hexa(const unsigned char *what, size_t len) {
+   return hexa;
+ }
+ 
++/**
++ * @brief Print a hash as a human-readable hex- or base64-string.
++ *
++ * This function prints hex strings if the given hash is a md5 sum.
++ * But prints unpadded base64 strings for sha sums.
++ * Either way, the output is prepended by the hash-type.
++ *
++ * @param  type         Which sort of hash is given.
++ *
++ * @param  hash         What should be converted to a base64 string.
++ *
++ * @param  len          Length of the buffer to convert.
++ */
++void ssh_print_hash(enum ssh_publickey_hash_type type,
++                    unsigned char *hash,
++                    size_t len) {
++    const char *prefix = "UNKNOWN";
++    char *fingerprint = NULL;
++
++    switch (type) {
++    case SSH_PUBLICKEY_HASH_SHA1:
++    case SSH_PUBLICKEY_HASH_SHA256:
++        fingerprint = ssh_get_b64_unpadded(hash, len);
++        break;
++    case SSH_PUBLICKEY_HASH_MD5:
++        fingerprint = ssh_get_hexa(hash, len);
++        break;
++    }
++    if (fingerprint == NULL) {
++        return;
++    }
++
++    switch (type) {
++    case SSH_PUBLICKEY_HASH_MD5:
++        prefix = "MD5";
++        break;
++    case SSH_PUBLICKEY_HASH_SHA1:
++        prefix = "SHA1";
++        break;
++    case SSH_PUBLICKEY_HASH_SHA256:
++        prefix = "SHA256";
++        break;
++    }
++    fprintf(stderr, "%s:%s\n", prefix, fingerprint);
++
++    SAFE_FREE(fingerprint);
++}
++
+ /**
+  * @brief Print a buffer as colon separated hex string.
+  *
+-- 
+cgit v1.2.1
+
+From 7a7c0a54bc24391fcff0aaccd983de621cb3e60d Mon Sep 17 00:00:00 2001
+From: Andreas Schneider <asn@cryptomilk.org>
+Date: Sun, 2 Sep 2018 15:45:41 +0200
+Subject: dh: Add ssh_get_fingerprint_hash()
+
+Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
+(cherry picked from commit bbed139ecab26cb46b0bb3a21fa4cd2a4f12dadd)
+---
+ include/libssh/libssh.h |  3 ++
+ src/dh.c                | 73 +++++++++++++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 76 insertions(+)
+
+diff --git a/include/libssh/libssh.h b/include/libssh/libssh.h
+index f6cce1e4..7f59abe4 100644
+--- a/include/libssh/libssh.h
++++ b/include/libssh/libssh.h
+@@ -564,6 +564,9 @@ LIBSSH_API int ssh_pki_export_pubkey_file(const ssh_key key,
+ 
+ LIBSSH_API const char *ssh_pki_key_ecdsa_name(const ssh_key key);
+ 
++LIBSSH_API char *ssh_get_fingerprint_hash(enum ssh_publickey_hash_type type,
++                                          unsigned char *hash,
++                                          size_t len);
+ LIBSSH_API void ssh_print_hash(enum ssh_publickey_hash_type type, unsigned char *hash, size_t len);
+ LIBSSH_API void ssh_print_hexa(const char *descr, const unsigned char *what, size_t len);
+ LIBSSH_API int ssh_send_ignore (ssh_session session, const char *data);
+diff --git a/src/dh.c b/src/dh.c
+index 66a0e704..38298b2d 100644
+--- a/src/dh.c
++++ b/src/dh.c
+@@ -1166,6 +1166,79 @@ char *ssh_get_hexa(const unsigned char *what, size_t len) {
+   return hexa;
+ }
+ 
++/**
++ * @brief Get a hash as a human-readable hex- or base64-string.
++ *
++ * This gets an allocated fingerprint hash. It is a hex strings if the given
++ * hash is a md5 sum.  If it is a SHA sum, it will return an unpadded base64
++ * strings.  Either way, the output is prepended by the hash-type.
++ *
++ * @param  type         Which sort of hash is given.
++ *
++ * @param  hash         What should be converted to a base64 string.
++ *
++ * @param  len          Length of the buffer to convert.
++ *
++ * @return Returns the allocated fingerprint hash or NULL on error.
++ *
++ * @see ssh_string_free_char()
++ */
++char *ssh_get_fingerprint_hash(enum ssh_publickey_hash_type type,
++                               unsigned char *hash,
++                               size_t len)
++{
++    const char *prefix = "UNKNOWN";
++    char *fingerprint = NULL;
++    char *str = NULL;
++    size_t str_len;
++    int rc;
++
++    switch (type) {
++    case SSH_PUBLICKEY_HASH_SHA1:
++    case SSH_PUBLICKEY_HASH_SHA256:
++        fingerprint = ssh_get_b64_unpadded(hash, len);
++        break;
++    case SSH_PUBLICKEY_HASH_MD5:
++        fingerprint = ssh_get_hexa(hash, len);
++        break;
++    }
++    if (fingerprint == NULL) {
++        return NULL;
++    }
++
++    switch (type) {
++    case SSH_PUBLICKEY_HASH_MD5:
++        prefix = "MD5";
++        break;
++    case SSH_PUBLICKEY_HASH_SHA1:
++        prefix = "SHA1";
++        break;
++    case SSH_PUBLICKEY_HASH_SHA256:
++        prefix = "SHA256";
++        break;
++    }
++
++    str_len = strlen(prefix);
++    if (str_len + 1 + strlen(fingerprint) + 1 < str_len) {
++        SAFE_FREE(fingerprint);
++        return NULL;
++    }
++    str_len += 1 + strlen(fingerprint) + 1;
++
++    str = malloc(str_len);
++    if (str == NULL) {
++        SAFE_FREE(fingerprint);
++        return NULL;
++    }
++    rc = snprintf(str, str_len, "%s:%s", prefix, fingerprint);
++    SAFE_FREE(fingerprint);
++    if (rc < 0 || rc < (int)(str_len - 1)) {
++        SAFE_FREE(str);
++    }
++
++    return str;
++}
++
+ /**
+  * @brief Print a hash as a human-readable hex- or base64-string.
+  *
+-- 
+cgit v1.2.1
+
+From e765c1400a724cc5009fd03395ef54b28de9c296 Mon Sep 17 00:00:00 2001
+From: Andreas Schneider <asn@cryptomilk.org>
+Date: Sun, 2 Sep 2018 15:47:41 +0200
+Subject: dh: Use ssh_get_fingerprint_hash() in ssh_print_hash()
+
+Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
+(cherry picked from commit 92aa2cf4963b714d0f30d4fb0f9e609200224f7a)
+---
+ src/dh.c | 29 ++++++-----------------------
+ 1 file changed, 6 insertions(+), 23 deletions(-)
+
+diff --git a/src/dh.c b/src/dh.c
+index 38298b2d..d7182798 100644
+--- a/src/dh.c
++++ b/src/dh.c
+@@ -1254,35 +1254,18 @@ char *ssh_get_fingerprint_hash(enum ssh_publickey_hash_type type,
+  */
+ void ssh_print_hash(enum ssh_publickey_hash_type type,
+                     unsigned char *hash,
+-                    size_t len) {
+-    const char *prefix = "UNKNOWN";
++                    size_t len)
++{
+     char *fingerprint = NULL;
+ 
+-    switch (type) {
+-    case SSH_PUBLICKEY_HASH_SHA1:
+-    case SSH_PUBLICKEY_HASH_SHA256:
+-        fingerprint = ssh_get_b64_unpadded(hash, len);
+-        break;
+-    case SSH_PUBLICKEY_HASH_MD5:
+-        fingerprint = ssh_get_hexa(hash, len);
+-        break;
+-    }
++    fingerprint = ssh_get_fingerprint_hash(type,
++                                           hash,
++                                           len);
+     if (fingerprint == NULL) {
+         return;
+     }
+ 
+-    switch (type) {
+-    case SSH_PUBLICKEY_HASH_MD5:
+-        prefix = "MD5";
+-        break;
+-    case SSH_PUBLICKEY_HASH_SHA1:
+-        prefix = "SHA1";
+-        break;
+-    case SSH_PUBLICKEY_HASH_SHA256:
+-        prefix = "SHA256";
+-        break;
+-    }
+-    fprintf(stderr, "%s:%s\n", prefix, fingerprint);
++    fprintf(stderr, "%s\n", fingerprint);
+ 
+     SAFE_FREE(fingerprint);
+ }
+-- 
+cgit v1.2.1
+

libssh-fix-kbdint.patch

@@ -0,0 +1,27 @@
+From 4ea46eecce9f4e676150fe27fec34e1570b70ace Mon Sep 17 00:00:00 2001
+From: Meng Tan <mtan@wallix.com>
+Date: Wed, 17 Oct 2018 14:50:08 +0200
+Subject: server: Set correct state after sending INFO_REQUEST (Kbd
+ Interactive)
+
+Signed-off-by: Meng Tan <mtan@wallix.com>
+Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
+---
+ src/server.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/server.c b/src/server.c
+index e14636ec..84cc4f7a 100644
+--- a/src/server.c
++++ b/src/server.c
+@@ -1039,6 +1039,7 @@ int ssh_message_auth_interactive_request(ssh_message msg, const char *name,
+     msg->session->kbdint->prompts = NULL;
+     msg->session->kbdint->echo = NULL;
+   }
++  msg->session->auth_state = SSH_AUTH_STATE_INFO;
+ 
+   return rc;
+ }
+-- 
+cgit v1.2.1
+

libssh.spec

@@ -1,41 +1,27 @@
+%define _hardened_build 1
+
 Name:           libssh
-Version:        0.9.5
-Release:        1%{?dist}
+Version:        0.7.1
+Release:        0.7%{?dist}
 Summary:        A library implementing the SSH protocol
 License:        LGPLv2+
 URL:            http://www.libssh.org
+Group:          System Environment/Libraries
+BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
-Source0:        https://www.libssh.org/files/0.9/%{name}-%{version}.tar.xz
-Source1:        https://www.libssh.org/files/0.9/%{name}-%{version}.tar.xz.asc
-Source2:        https://cryptomilk.org/gpgkey-8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D.gpg#/%{name}.keyring
-Source3:        libssh_client.config
-Source4:        libssh_server.config
+Source0:        https://red.libssh.org/attachments/download/154/libssh-0.7.1.tar.xz
+
+Patch1:         libssh-CVE-2016-0739.patch
+Patch2:         libssh-0.7.1-fix_agent_bigendian.patch
+Patch3:         libssh-CVE-2018-10933.patch
+Patch4:         libssh-SHA256.patch
+Patch5:         libssh-fix-kbdint.patch
 
 BuildRequires:  cmake
-BuildRequires:  gcc-c++
-BuildRequires:  gnupg2
+BuildRequires:  doxygen
 BuildRequires:  openssl-devel
 BuildRequires:  pkgconfig
 BuildRequires:  zlib-devel
-BuildRequires:  krb5-devel
-BuildRequires:  libcmocka-devel
-BuildRequires:  pam_wrapper
-BuildRequires:  socket_wrapper
-BuildRequires:  nss_wrapper
-BuildRequires:  uid_wrapper
-BuildRequires:  openssh-clients
-BuildRequires:  openssh-server
-BuildRequires:  nmap-ncat
-
-Requires:       %{name}-config = %{version}-%{release}
-
-Recommends:     crypto-policies
-
-%ifarch aarch64 ppc64 ppc64le s390x x86_64
-Provides: libssh_threads.so.4()(64bit)
-%else
-Provides: libssh_threads.so.4
-%endif
 
 %description
 The ssh library was designed to be used by programmers needing a working SSH
@@ -47,320 +33,115 @@ third-party programs others than libcrypto (from openssl).
 
 %package devel
 Summary:        Development files for %{name}
+Group:          Development/Libraries
 Requires:       %{name}%{?_isa} = %{version}-%{release}
+Requires:       pkgconfig
+Requires:       cmake
 
 %description devel
 The %{name}-devel package contains libraries and header files for developing
 applications that use %{name}.
 
-%package config
-Summary:        Configuration files for %{name}
-BuildArch:      noarch
-Obsoletes:      %{name} < 0.9.0-3
-
-%description config
-The %{name}-config package provides the default configuration files for %{name}.
-
 %prep
-gpgv2 --quiet --keyring %{SOURCE2} %{SOURCE1} %{SOURCE0}
-%autosetup -p1
+%setup -q
+%patch1 -p1
+%patch2 -p1 -b .libssh-0.7.2-fix_agent_bigendian.patch
+%patch3 -p1 -b .libssh-CVE-2018-10933.patch
+%patch4 -p1 -b .libssh-SHA256.patch
+%patch5 -p1 -b .libssh-fix-kbdint.patch
+
+# Remove examples, they are not packaged and do not build on EPEL 5
+sed -i -e 's|add_subdirectory(examples)||g' CMakeLists.txt
+rm -rf examples
+sed -i -e 's| -pedantic-errors||g' cmake/Modules/DefineCompilerFlags.cmake
 
 %build
+if test ! -e "obj"; then
+  mkdir obj
+fi
+pushd obj
+
 %cmake \
-    -DUNIT_TESTING=ON \
-    -DCLIENT_TESTING=ON \
-    -DSERVER_TESTING=ON \
-    -DGLOBAL_CLIENT_CONFIG="%{_sysconfdir}/libssh/libssh_client.config" \
-    -DGLOBAL_BIND_CONFIG="%{_sysconfdir}/libssh/libssh_server.config"
+    %{_builddir}/%{name}-%{version}
+make %{?_smp_mflags} VERBOSE=1 CFLAGS="-no-pedantic-errors"
+make doc
 
-%cmake_build
-
-%install
-%cmake_install
-install -d -m755 %{buildroot}%{_sysconfdir}/libssh
-install -m644 %{SOURCE3} %{buildroot}%{_sysconfdir}/libssh/libssh_client.config
-install -m644 %{SOURCE4} %{buildroot}%{_sysconfdir}/libssh/libssh_server.config
-
-#
-# Workaround for the removal of libssh_threads.so
-#
-# This will allow libraries which link against libssh_threads.so or packages
-# requiring it to continue working.
-#
-pushd %{buildroot}%{_libdir}
-for i in libssh.so*;
-do
-    _target="${i}"
-    _link_name="${i%libssh*}libssh_threads${i##*libssh}"
-    if [ -L "${i}" ]; then
-        _target="$(readlink ${i})"
-    fi
-    ln -s "${_target}" "${_link_name}"
-done;
 popd
 
-%ldconfig_scriptlets
+%install
+pushd obj
+make DESTDIR=%{buildroot} install
+popd
 
-%check
-# Tests are randomly failing when run in parallel
-%global _smp_build_ncpus 1
-%ctest
+%post -p /sbin/ldconfig
+
+%postun -p /sbin/ldconfig
+
+%clean
+rm -rf %{buildroot}
 
 %files
-%doc AUTHORS BSD ChangeLog README
-%license COPYING
-%{_libdir}/libssh.so.4*
-%{_libdir}/libssh_threads.so.4*
+%doc AUTHORS BSD ChangeLog COPYING README
+%{_libdir}/libssh.so.*
+%{_libdir}/libssh_threads.so.*
 
 %files devel
-%{_includedir}/libssh/
-# own this to avoid dep on cmake -- rex
-%dir  %{_libdir}/cmake/
-%{_libdir}/cmake/libssh/
+%doc obj/doc/html
+%{_includedir}/libssh/callbacks.h
+%{_includedir}/libssh/legacy.h
+%{_includedir}/libssh/libssh.h
+%{_includedir}/libssh/libsshpp.hpp
+%{_includedir}/libssh/server.h
+%{_includedir}/libssh/sftp.h
+%{_includedir}/libssh/ssh2.h
+%dir  %{_libdir}/cmake/libssh
+%{_libdir}/cmake/libssh/libssh-config-version.cmake
+%{_libdir}/cmake/libssh/libssh-config.cmake
 %{_libdir}/pkgconfig/libssh.pc
+%{_libdir}/pkgconfig/libssh_threads.pc
 %{_libdir}/libssh.so
 %{_libdir}/libssh_threads.so
 
-%files config
-%attr(0755,root,root) %dir %{_sysconfdir}/libssh
-%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/libssh/libssh_client.config
-%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/libssh/libssh_server.config
-
 %changelog
-* Thu Sep 10 2020 Anderson Sasaki <ansasaki@redhat.com> - 0.9.5-1
-- Update to version 0.9.5
-  https://www.libssh.org/2020/09/10/libssh-0-9-5/
-- Removed patch to re-enable algorithms using sha1 in sshd for testing
-- The algorithms supported by sshd are now automatically detected for testing
-- Resolves: #1862457 - CVE-2020-16135
+* Mon Apr 01 2019 Robert Scheck <robert@fedoraproject.org> - 0.7.1-0.7
+- Add libssh 0.7.1-7 from RHEL/CentOS 7 to EPEL 7 (limited arch pkg)
 
-* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.4-5
-- Second attempt - Rebuilt for
-  https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+* Sun Oct 28 2018 Martin Pitt <mpitt@redhat.com> - 0.7.1-7
+- resolves: #1637182 - Add SHA256 fingerprint support
+- Fix regression with keyboard interactive authentication introduced in
+  previous update
 
-* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.4-4
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+* Tue Oct 09 2018 Andreas Schneider <asn@redhat.com> - 0.7.1-6
+- resolves: #1637257 - Fix CVE-2018-10933
 
-* Mon Jun 22 2020 Anderson Sasaki <ansasaki@redhat.com> - 0.9.4-3
-- Do not return error when server properly closed the channel (#1849069)
-- Add a test for CVE-2019-14889
-- Do not parse configuration file in torture_knownhosts test
+* Thu May 03 2018 - Lokesh Mandvekar <lsm5@redhat.com> - 0.7.1-5
+- correct bogus date annoyance
 
-* Wed Apr 15 2020 Anderson Sasaki <ansasaki@redhat.com> - 0.9.4-2
-- Added patch to fix returned version
+* Thu May 03 2018 - Lokesh Mandvekar <lsm5@redhat.com> - 0.7.1-4
+- Resolves: #1574670 - bump release tag to have build shipped to
+client/workstation repos
 
-* Thu Apr 09 2020 Anderson Sasaki <ansasaki@redhat.com> - 0.9.4-1
-- Update to version 0.9.4
-  https://www.libssh.org/2020/04/09/libssh-0-9-4-and-libssh-0-8-9-security-release/
-- Removed inclusion of OpenSSH server configuration file from
-  libssh_server.config
-- Added patch to re-enable algorithms using sha1 in sshd for testing
-- resolves: #1822529 - CVE-2020-1730
+* Wed Mar 22 2017 - Dominik Perpeet <dperpeet@redhat.com> - 0.7.1-3
+- Fix agent auth on big endian machines
 
-* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.3-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+* Mon Feb 22 2016 - Stef Walter <stefw@redhat.com> - 0.7.1-2
+- Security fix for CVE-2016-0739 rhbz#1305971
 
-* Tue Dec 10 2019 Andreas Schneider <asn@redhat.com> - 0.9.3-1
-- Update to version 0.9.3
-- resolves: #1781780 - Fixes CVE-2019-14889
+* Mon Jul 06 2015 - Stef Walter <stefw@redhat.com> - 0.7.1-1
+- Updated to 0.7.1 release rhbz#1239085
 
-* Thu Nov 07 2019 Andreas Schneider <asn@redhat.com> - 0.9.2-1
-- Upate to version 0.9.2
-- resolves #1769370 - Remove the docs, they can be found on https://api.libssh.org/
+* Wed Apr 22 2015 - Stef Walter <stefw@redhat.com> - 0.6.4-4
+- Updated patch for CVE-2015-3146
 
-* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.0-6
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+* Wed Apr 22 2015 - Stef Walter <stefw@redhat.com> - 0.6.4-3
+- Enable _hardened_build
 
-* Thu Jul 11 2019 Anderson Sasaki <ansasaki@redhat.com> - 0.9.0-5
-- Add Obsoletes in libssh-config to avoid conflict with old libssh which
-  installed the configuration files.
+* Tue Apr 21 2015 - Stef Walter <stefw@redhat.com> - 0.6.4-2
+- Security fix for CVE-2015-3145.
 
-* Wed Jul 10 2019 Anderson Sasaki <ansasaki@redhat.com> - 0.9.0-4
-- Eliminate circular dependency with libssh-config subpackage
-
-* Wed Jul 10 2019 Anderson Sasaki <ansasaki@redhat.com> - 0.9.0-3
-- Provide the configuration files in a separate libssh-config subpackage
-
-* Thu Jul 04 2019 Anderson Sasaki <ansasaki@redhat.com> - 0.9.0-2
-- Do not ignore keys from known_hosts when SSH_OPTIONS_HOSTKEYS is set
-
-* Fri Jun 28 2019 Anderson Sasaki <ansasaki@redhat.com> - 0.9.0-1
-- Fixed Release number to released format
-
-* Fri Jun 28 2019 Anderson Sasaki <ansasaki@redhat.com> - 0.9.0-0.1
-- Update to version 0.9.0
-  https://www.libssh.org/2019/06/28/libssh-0-9-0/
-
-* Wed Jun 19 2019 Anderson Sasaki <ansasaki@redhat.com> - 0.8.91-0.1
-- Update to 0.9.0 pre release version (0.8.91)
-- Added default configuration files for client and server
-- Follow system-wide crypto configuration (crypto-policies)
-- Added Recommends for crypto-policies
-- Use OpenSSL implementation for KDF, DH, and signatures.
-- Detect FIPS mode and use only allowed algorithms
-- Run client and server tests during build
-
-* Mon Feb 25 2019 Anderson Sasaki <ansasaki@redhat.com> - 0.8.7-1
-- Update to version 0.8.7
-  https://www.libssh.org/2019/02/25/libssh-0-8-7/
-
-* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.8.6-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
-
-* Tue Jan 15 2019 Anderson Sasaki <ansasaki@redhat.com> - 0.8.6-2
-- Fix rsa-sha2 extension handling (#1666342)
-
-* Thu Jan 03 2019 Anderson Sasaki <ansasaki@redhat.com> - 0.8.6-1
-- Update to version 0.8.6
-  https://www.libssh.org/2018/12/24/libssh-0-8-6-xmas-edition/
-
-* Mon Oct 29 2018 Andreas Schneider <asn@redhat.com> - 0.8.5-1
-- Update to version 0.8.5
-  https://www.libssh.org/2018/10/29/libssh-0-8-5-and-libssh-0-7-7/
-
-* Tue Oct 16 2018 Andreas Schneider <asn@redhat.com> - 0.8.4-1
-- Update to version 0.8.4
-  https://www.libssh.org/2018/10/16/libssh-0-8-4-and-0-7-6-security-and-bugfix-release
-- Fixes CVE-2018-10933
-
-* Mon Oct 01 2018 Anderson Sasaki <ansasaki@redhat.com> - 0.8.3-3
-- Fixed errors found by static code analysis
-
-* Tue Sep 25 2018 Anderson Sasaki <ansasaki@redhat.com> - 0.8.3-2
-- Add missing libssh_threads.so link to libssh-devel package
-
-* Fri Sep 21 2018 Andreas Schneider <asn@redhat.com> - 0.8.3-1
-- Update to version 0.8.3
-  https://www.libssh.org/2018/09/21/libssh-0-8-3/
-
-* Thu Aug 30 2018 Andreas Schneider <asn@redhat.com> - 0.8.2-1
-- Update to version 0.8.2
-  https://www.libssh.org/2018/08/30/libssh-0-8-2
-
-* Thu Aug 16 2018 Andreas Schneider <asn@redhat.com> - 0.8.1-4
-- Fix link creation or RPM doesn't install it
-
-* Wed Aug 15 2018 Andreas Schneider <asn@redhat.com> - 0.8.1-3
-- Add missing so version for libssh_threads.so.4
-
-* Tue Aug 14 2018 Andreas Schneider <asn@redhat.com> - 0.8.1-2
-- Add Provides for libssh_threads.so to unbreak applications
-
-* Mon Aug 13 2018 Andreas Schneider <asn@redhat.com> - 0.8.1-1
-- Update to version 0.8.1
-  https://www.libssh.org/2018/08/13/libssh-0-8-1
-- resolves: #1615248 - pkg-config --modversion
-- resolves: #1615132 - library initialization
-
-* Fri Aug 10 2018 Andreas Schneider <asn@redhat.com> - 0.8.0-1
-- Update to version 0.8.0
-  https://www.libssh.org/2018/08/10/libssh-0-8-0/
-
-* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.7.5-9
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
-
-* Wed Mar 07 2018 Rex Dieter <rdieter@fedoraproject.org> - 0.7.5-8
-- BR: gcc-c++, use %%make_build
-
-* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.7.5-7
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
-
-* Thu Feb 01 2018 Andreas Schneider <asn@redhat.com> - 0.7.5-6
-- resolves: #1540021 - Build against OpenSSL 1.1
-
-* Wed Jan 31 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 0.7.5-5
-- Switch to %%ldconfig_scriptlets
-
-* Fri Dec 29 2017 Andreas Schneider <asn@redhat.com> - 0.7.5-4
-- Fix parsing ssh_config
-
-* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.7.5-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
-
-* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.7.5-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
-
-* Wed Apr 26 2017 Peter Robinson <pbrobinson@fedoraproject.org> 0.7.5-1
-- Update to version 0.7.5
-
-* Sat Mar 11 2017 Rex Dieter <rdieter@fedoraproject.org> - 0.7.4-2
-- BR: compat-openssl10-devel (f26+, #1423088)
-- use %%license
-- -devel: drop hardcoded pkgconfig dep (let autodeps handle it)
-- %%files: track library sonames, simplify -devel
-- %%install: use 'install/fast' target
-- .spec cosmetics, drop deprecated %%clean section
-
-* Wed Feb 08 2017 Andreas Schneider <asn@redhat.com> - 0.7.4-1
-- Update to version 0.7.4
-  * Added id_ed25519 to the default identity list
-  * Fixed sftp EOF packet handling
-  * Fixed ssh_send_banner() to confirm with RFC 4253
-  * Fixed some memory leaks
-- resolves: #1419007
-
-* Wed Feb 24 2016 Andreas Schneider <asn@redhat.com> - 0.7.3-1
-- resolves: #1311259 - Fix CVE-2016-0739
-- resolves: #1311332 - Update to version 0.7.3
-  * Fixed CVE-2016-0739
-  * Fixed ssh-agent on big endian
-  * Fixed some documentation issues
-- Enabled GSSAPI support
-
-* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.7.2-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
-
-* Thu Oct 22 2015 Andreas Schneider <asn@redhat.com> - 0.7.2-2
-- resolves: #1271230 - Fix ssh-agent support on big endian
-
-* Wed Sep 30 2015 Andreas Schneider <asn@redhat.com> - 0.7.2-1
-- Update to version 0.7.2
-  * Fixed OpenSSL detection on Windows
-  * Fixed return status for ssh_userauth_agent()
-  * Fixed KEX to prefer hmac-sha2-256
-  * Fixed sftp packet handling
-  * Fixed return values of ssh_key_is_(public|private)
-  * Fixed bug in global success reply
-- resolves: #1267346
-
-* Tue Jun 30 2015 Andreas Schneider <asn@redhat.com> - 0.7.1-1
-- Update to version 0.7.1
-  * Fixed SSH_AUTH_PARTIAL auth with auto public key
-  * Fixed memory leak in session options
-  * Fixed allocation of ed25519 public keys
-  * Fixed channel exit-status and exit-signal
-  * Reintroduce ssh_forward_listen()
-
-* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.7.0-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
-
-* Thu May 21 2015 Orion Poplawski <orion@cora.nwra.com> - 0.7.0-2
-- Add patch to fix undefined symbol: ssh_forward_listen (bug #1221310)
-
-* Mon May 11 2015 Andreas Schneider <asn@redhat.com> - 0.7.0-1
-- Update to version 0.7.0
-  * Added support for ed25519 keys
-  * Added SHA2 algorithms for HMAC
-  * Added improved and more secure buffer handling code
-  * Added callback for auth_none_function
-  * Added support for ECDSA private key signing
-  * Added more tests
-  * Fixed a lot of bugs
-  * Improved API documentation
-
-* Thu Apr 30 2015 Andreas Schneider <asn@redhat.com> - 0.6.5-1
-- resolves: #1213775 - Security fix for CVE-2015-3146
-- resolves: #1218076 - Security fix for CVE-2015-3146
-
-* Fri Dec 19 2014 - Andreas Schneider <asn@redhat.com> - 0.6.4-1
+* Wed Apr 01 2015 - Stef Walter <stefw@redhat.com> - 0.6.4-1
 - Security fix for CVE-2014-8132.
 
-* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6.3-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
-
-* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6.3-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
-
 * Tue Mar 04 2014 - Andreas Schneider <asn@redhat.com> - 0.6.3-1
 - Fix CVE-2014-0017.
 

libssh_client.config

@@ -1,4 +0,0 @@
-# Parse system-wide crypto configuration file
-Include /etc/crypto-policies/back-ends/libssh.config
-# Parse OpenSSH configuration file for consistency
-Include /etc/ssh/ssh_config

libssh_server.config

@@ -1,2 +0,0 @@
-# Parse system-wide crypto configuration file
-Include /etc/crypto-policies/back-ends/libssh.config

sources

@@ -1,2 +1 @@
-SHA512 (libssh-0.9.5.tar.xz) = 64e692a0bfa7f73585ea7b7b8b1d4c9a7f9be59565bfd4de32ca8cd9db121f87e7ad51f5c80269fbd99545af34dcf1894374ed8a6d6c1ac5f8601c026572ac18
-SHA512 (libssh-0.9.5.tar.xz.asc) = f0b76cdccf26144b9cc9ad3f7e1605b50473fc5c686d0d9a2419b13382440776c09428d717253a918f7347b90e4a562fd88d8ea85a6e54f06b149826295b4f8e
+SHA512 (libssh-0.7.1.tar.xz) = c7cea829e97c9f37c23b5d331e02ea5b8c8bea1a0b28fad62a273b252040a30ea9631b502ea165a1e041b6e23c3bf6746d49800875fa492d8f42c7d1e232ebb9

tests/tests.yml

@@ -1,10 +0,0 @@
----
-- hosts: localhost
-  roles:
-  - role: standard-test-beakerlib
-    tags:
-    - classic
-    repositories:
-    - repo: "https://gitlab.com/redhat-crypto/tests/libssh.git"
-      dest: "libssh"
-      fmf_filter: "tier: 0,1,2,3"