Compare commits
1 Commits
master
...
master-ris
Author | SHA1 | Date |
---|---|---|
David Abdurachmanov | 7df75dbaca |
|
@ -50,7 +50,3 @@ libssh-0.4.4.tar.gz.asc
|
|||
/libssh-0.9.2.tar.xz.asc
|
||||
/libssh-0.9.3.tar.xz
|
||||
/libssh-0.9.3.tar.xz.asc
|
||||
/libssh-0.9.4.tar.xz
|
||||
/libssh-0.9.4.tar.xz.asc
|
||||
/libssh-0.9.5.tar.xz
|
||||
/libssh-0.9.5.tar.xz.asc
|
||||
|
|
14
gating.yml
14
gating.yml
|
@ -1,14 +0,0 @@
|
|||
--- !Policy
|
||||
product_versions:
|
||||
- fedora-*
|
||||
decision_context: bodhi_update_push_testing
|
||||
subject_type: koji_build
|
||||
rules:
|
||||
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}
|
||||
--- !Policy
|
||||
product_versions:
|
||||
- fedora-*
|
||||
decision_context: bodhi_update_push_stable
|
||||
subject_type: koji_build
|
||||
rules:
|
||||
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}
|
|
@ -0,0 +1,46 @@
|
|||
From b33dcda94d313913a877bc8db006ad02141bc695 Mon Sep 17 00:00:00 2001
|
||||
From: Jakub Jelen <jjelen@redhat.com>
|
||||
Date: Wed, 11 Dec 2019 11:07:33 +0100
|
||||
Subject: [PATCH] torture: Accept whole pid_t range
|
||||
|
||||
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
|
||||
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
||||
(cherry picked from commit d2a32ca6d3c40483a6d10340d3e11da9259e1379)
|
||||
---
|
||||
tests/torture.c | 10 ++++++++--
|
||||
1 file changed, 8 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/tests/torture.c b/tests/torture.c
|
||||
index 360fd02a..907f45b3 100644
|
||||
--- a/tests/torture.c
|
||||
+++ b/tests/torture.c
|
||||
@@ -196,6 +196,7 @@ torture_read_pidfile(const char *pidfile)
|
||||
{
|
||||
char buf[8] = {0};
|
||||
long int tmp;
|
||||
+ pid_t ret;
|
||||
ssize_t rc;
|
||||
int fd;
|
||||
|
||||
@@ -213,11 +214,16 @@ torture_read_pidfile(const char *pidfile)
|
||||
buf[sizeof(buf) - 1] = '\0';
|
||||
|
||||
tmp = strtol(buf, NULL, 10);
|
||||
- if (tmp == 0 || tmp > 0xFFFF || errno == ERANGE) {
|
||||
+ if (tmp == 0 || errno == ERANGE) {
|
||||
+ return -1;
|
||||
+ }
|
||||
+ ret = (pid_t)tmp;
|
||||
+ /* Check if we are out of pid_t range on this system */
|
||||
+ if ((long)ret != tmp) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
- return (pid_t)(tmp & 0xFFFF);
|
||||
+ return ret;
|
||||
}
|
||||
|
||||
int torture_terminate_process(const char *pidfile)
|
||||
--
|
||||
2.23.0
|
||||
|
63
libssh.spec
63
libssh.spec
|
@ -1,6 +1,6 @@
|
|||
Name: libssh
|
||||
Version: 0.9.5
|
||||
Release: 1%{?dist}
|
||||
Version: 0.9.3
|
||||
Release: 1.0.riscv64%{?dist}
|
||||
Summary: A library implementing the SSH protocol
|
||||
License: LGPLv2+
|
||||
URL: http://www.libssh.org
|
||||
|
@ -11,6 +11,8 @@ Source2: https://cryptomilk.org/gpgkey-8DFF53E18F2ABC8D8F3C92237EE0FC4DCC
|
|||
Source3: libssh_client.config
|
||||
Source4: libssh_server.config
|
||||
|
||||
Patch0: libssh-0.9.4-torture_fix_pid_range_check.patch
|
||||
|
||||
BuildRequires: cmake
|
||||
BuildRequires: gcc-c++
|
||||
BuildRequires: gnupg2
|
||||
|
@ -31,7 +33,7 @@ Requires: %{name}-config = %{version}-%{release}
|
|||
|
||||
Recommends: crypto-policies
|
||||
|
||||
%ifarch aarch64 ppc64 ppc64le s390x x86_64
|
||||
%ifarch aarch64 ppc64 ppc64le s390x x86_64 riscv64
|
||||
Provides: libssh_threads.so.4()(64bit)
|
||||
%else
|
||||
Provides: libssh_threads.so.4
|
||||
|
@ -66,17 +68,24 @@ gpgv2 --quiet --keyring %{SOURCE2} %{SOURCE1} %{SOURCE0}
|
|||
%autosetup -p1
|
||||
|
||||
%build
|
||||
%cmake \
|
||||
if test ! -e "obj"; then
|
||||
mkdir obj
|
||||
fi
|
||||
pushd obj
|
||||
|
||||
%cmake .. \
|
||||
-DUNIT_TESTING=ON \
|
||||
-DCLIENT_TESTING=ON \
|
||||
-DSERVER_TESTING=ON \
|
||||
-DGLOBAL_CLIENT_CONFIG="%{_sysconfdir}/libssh/libssh_client.config" \
|
||||
-DGLOBAL_BIND_CONFIG="%{_sysconfdir}/libssh/libssh_server.config"
|
||||
|
||||
%cmake_build
|
||||
%make_build VERBOSE=1
|
||||
|
||||
popd
|
||||
|
||||
%install
|
||||
%cmake_install
|
||||
make DESTDIR=%{buildroot} install/fast -C obj
|
||||
install -d -m755 %{buildroot}%{_sysconfdir}/libssh
|
||||
install -m644 %{SOURCE3} %{buildroot}%{_sysconfdir}/libssh/libssh_client.config
|
||||
install -m644 %{SOURCE4} %{buildroot}%{_sysconfdir}/libssh/libssh_server.config
|
||||
|
@ -102,9 +111,11 @@ popd
|
|||
%ldconfig_scriptlets
|
||||
|
||||
%check
|
||||
# Tests are randomly failing when run in parallel
|
||||
%global _smp_build_ncpus 1
|
||||
%ctest
|
||||
%ifnarch riscv64
|
||||
pushd obj
|
||||
ctest --output-on-failure
|
||||
popd
|
||||
%endif
|
||||
|
||||
%files
|
||||
%doc AUTHORS BSD ChangeLog README
|
||||
|
@ -127,38 +138,8 @@ popd
|
|||
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/libssh/libssh_server.config
|
||||
|
||||
%changelog
|
||||
* Thu Sep 10 2020 Anderson Sasaki <ansasaki@redhat.com> - 0.9.5-1
|
||||
- Update to version 0.9.5
|
||||
https://www.libssh.org/2020/09/10/libssh-0-9-5/
|
||||
- Removed patch to re-enable algorithms using sha1 in sshd for testing
|
||||
- The algorithms supported by sshd are now automatically detected for testing
|
||||
- Resolves: #1862457 - CVE-2020-16135
|
||||
|
||||
* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.4-5
|
||||
- Second attempt - Rebuilt for
|
||||
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||
|
||||
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.4-4
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||
|
||||
* Mon Jun 22 2020 Anderson Sasaki <ansasaki@redhat.com> - 0.9.4-3
|
||||
- Do not return error when server properly closed the channel (#1849069)
|
||||
- Add a test for CVE-2019-14889
|
||||
- Do not parse configuration file in torture_knownhosts test
|
||||
|
||||
* Wed Apr 15 2020 Anderson Sasaki <ansasaki@redhat.com> - 0.9.4-2
|
||||
- Added patch to fix returned version
|
||||
|
||||
* Thu Apr 09 2020 Anderson Sasaki <ansasaki@redhat.com> - 0.9.4-1
|
||||
- Update to version 0.9.4
|
||||
https://www.libssh.org/2020/04/09/libssh-0-9-4-and-libssh-0-8-9-security-release/
|
||||
- Removed inclusion of OpenSSH server configuration file from
|
||||
libssh_server.config
|
||||
- Added patch to re-enable algorithms using sha1 in sshd for testing
|
||||
- resolves: #1822529 - CVE-2020-1730
|
||||
|
||||
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.3-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
||||
* Thu Dec 26 2019 David Abdurachmanov <david.abdurachmanov@sifive.com> - 0.9.3-1.0.riscv64
|
||||
- Disable tests on riscv (failing)
|
||||
|
||||
* Tue Dec 10 2019 Andreas Schneider <asn@redhat.com> - 0.9.3-1
|
||||
- Update to version 0.9.3
|
||||
|
|
|
@ -1,2 +1,4 @@
|
|||
# Parse system-wide crypto configuration file
|
||||
Include /etc/crypto-policies/back-ends/libssh.config
|
||||
# Parse OpenSSH configuration file for consistency
|
||||
Include /etc/ssh/sshd_config
|
||||
|
|
4
sources
4
sources
|
@ -1,2 +1,2 @@
|
|||
SHA512 (libssh-0.9.5.tar.xz) = 64e692a0bfa7f73585ea7b7b8b1d4c9a7f9be59565bfd4de32ca8cd9db121f87e7ad51f5c80269fbd99545af34dcf1894374ed8a6d6c1ac5f8601c026572ac18
|
||||
SHA512 (libssh-0.9.5.tar.xz.asc) = f0b76cdccf26144b9cc9ad3f7e1605b50473fc5c686d0d9a2419b13382440776c09428d717253a918f7347b90e4a562fd88d8ea85a6e54f06b149826295b4f8e
|
||||
SHA512 (libssh-0.9.3.tar.xz) = 6e59718565daeca6d224426cc1095a112deff9af8e0b021917e04f08bb7409263c35724de95f591f38e26f0fb3bbbbc69b679b6775edc21dec158d241b076c6f
|
||||
SHA512 (libssh-0.9.3.tar.xz.asc) = 50d3a49274f1f1994451280b568e96144e60e926f9242182a9ff284671dba21c8a92640b2dee27948f2e33616903f16123b2e018a9cc281cf71d417c2715e1ad
|
||||
|
|
|
@ -1,10 +0,0 @@
|
|||
---
|
||||
- hosts: localhost
|
||||
roles:
|
||||
- role: standard-test-beakerlib
|
||||
tags:
|
||||
- classic
|
||||
repositories:
|
||||
- repo: "https://gitlab.com/redhat-crypto/tests/libssh.git"
|
||||
dest: "libssh"
|
||||
fmf_filter: "tier: 0,1,2,3"
|
Loading…
Reference in New Issue