Compare commits
2 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
9731aba4aa | ||
|
d77a1af0b7 |
32
libssh2-1.2.7-bz802382.patch
Normal file
32
libssh2-1.2.7-bz802382.patch
Normal file
@ -0,0 +1,32 @@
|
||||
From be86f37814a3f80bb1e827be1e08e608d8f304f4 Mon Sep 17 00:00:00 2001
|
||||
From: Joey Degges <jdegges@gmail.com>
|
||||
Date: Tue, 21 Dec 2010 02:53:20 -0800
|
||||
Subject: [PATCH] _libssh2_ntohu64: fix conversion from network bytes to uint64
|
||||
|
||||
Cast individual bytes to uint64 to avoid overflow in arithmetic.
|
||||
|
||||
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||
---
|
||||
src/misc.c | 6 ++++--
|
||||
1 files changed, 4 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/misc.c b/src/misc.c
|
||||
index e6c5e99..a5e540c 100644
|
||||
--- a/src/misc.c
|
||||
+++ b/src/misc.c
|
||||
@@ -148,8 +148,10 @@ _libssh2_ntohu64(const unsigned char *buf)
|
||||
{
|
||||
unsigned long msl, lsl;
|
||||
|
||||
- msl = (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
|
||||
- lsl = (buf[4] << 24) | (buf[5] << 16) | (buf[6] << 8) | buf[7];
|
||||
+ msl = ((libssh2_uint64_t)buf[0] << 24) | ((libssh2_uint64_t)buf[1] << 16)
|
||||
+ | ((libssh2_uint64_t)buf[2] << 8) | (libssh2_uint64_t)buf[3];
|
||||
+ lsl = ((libssh2_uint64_t)buf[4] << 24) | ((libssh2_uint64_t)buf[5] << 16)
|
||||
+ | ((libssh2_uint64_t)buf[6] << 8) | (libssh2_uint64_t)buf[7];
|
||||
|
||||
return ((libssh2_uint64_t)msl <<32) | lsl;
|
||||
}
|
||||
--
|
||||
1.7.1
|
||||
|
55
libssh2-1.2.7-bz804155.patch
Normal file
55
libssh2-1.2.7-bz804155.patch
Normal file
@ -0,0 +1,55 @@
|
||||
transport_send: Finish in-progress key exchange before sending data
|
||||
|
||||
Backport of upstream commit cc4f9d5679278ce41cd5480fab3f5e71dba163ed
|
||||
|
||||
_libssh2_channel_write() first reads outstanding packets before writing new
|
||||
data. If it reads a key exchange request, it will immediately start key
|
||||
re-exchange, which will require sending a response. If the output socket is
|
||||
full, this will result in a return from _libssh2_transport_read() of
|
||||
LIBSSH2_ERROR_EAGAIN. In order not to block a write because there is no data to
|
||||
read, this error is explicitly ignored and the code continues marshalling a
|
||||
packet for sending. When it is sent, the remote end immediately drops the
|
||||
connection because it was expecting a continuation of the key exchange, but got
|
||||
a data packet.
|
||||
|
||||
This change adds the same check for key exchange to _libssh2_transport_write()
|
||||
that is in _libssh2_transport_read(). This ensures that key exchange is
|
||||
completed before any data packet is sent.
|
||||
|
||||
diff -up libssh2-1.2.7/src/transport.c.bz804155 libssh2-1.2.7/src/transport.c
|
||||
--- libssh2-1.2.7/src/transport.c.bz804155
|
||||
+++ libssh2-1.2.7/src/transport.c
|
||||
@@ -312,7 +312,7 @@ int _libssh2_transport_read(LIBSSH2_SESS
|
||||
* is done!
|
||||
*/
|
||||
_libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Redirecting into the"
|
||||
- " key re-exchange");
|
||||
+ " key re-exchange from _libssh2_transport_read");
|
||||
rc = _libssh2_kex_exchange(session, 1, &session->startup_key_state);
|
||||
if (rc)
|
||||
return rc;
|
||||
@@ -718,6 +718,24 @@ _libssh2_transport_write(LIBSSH2_SESSION
|
||||
unsigned char *orgdata = data;
|
||||
size_t orgdata_len = data_len;
|
||||
|
||||
+ /*
|
||||
+ * If the last read operation was interrupted in the middle of a key
|
||||
+ * exchange, we must complete that key exchange before continuing to write
|
||||
+ * further data.
|
||||
+ *
|
||||
+ * See the similar block in _libssh2_transport_read for more details.
|
||||
+ */
|
||||
+ if (session->state & LIBSSH2_STATE_EXCHANGING_KEYS &&
|
||||
+ !(session->state & LIBSSH2_STATE_KEX_ACTIVE)) {
|
||||
+ /* Don't write any new packets if we're still in the middle of a key
|
||||
+ * exchange. */
|
||||
+ _libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Redirecting into the"
|
||||
+ " key re-exchange from _libssh2_transport_write");
|
||||
+ rc = _libssh2_kex_exchange(session, 1, &session->startup_key_state);
|
||||
+ if (rc)
|
||||
+ return rc;
|
||||
+ }
|
||||
+
|
||||
debugdump(session, "libssh2_transport_write plain", data, data_len);
|
||||
|
||||
/* FIRST, check if we have a pending write to complete */
|
18
libssh2.spec
18
libssh2.spec
@ -1,12 +1,14 @@
|
||||
Name: libssh2
|
||||
Version: 1.2.7
|
||||
Release: 2%{?dist}
|
||||
Release: 4%{?dist}
|
||||
Summary: A library implementing the SSH2 protocol
|
||||
|
||||
Group: System Environment/Libraries
|
||||
License: BSD
|
||||
URL: http://www.libssh2.org
|
||||
Source0: http://libssh2.org/download/libssh2-%{version}.tar.gz
|
||||
Patch0: libssh2-1.2.7-bz802382.patch
|
||||
Patch1: libssh2-1.2.7-bz804155.patch
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||
|
||||
BuildRequires: openssl-devel
|
||||
@ -45,6 +47,12 @@ developing applications that use %{name}.
|
||||
%prep
|
||||
%setup -q
|
||||
|
||||
# avoid a crash of curl when downloading large files using SFTP (#802382)
|
||||
%patch0 -p1
|
||||
|
||||
# fix libssh2 failing key re-exchange when write channel is saturated (#804155)
|
||||
%patch1 -p1
|
||||
|
||||
# make sure things are UTF-8...
|
||||
for i in ChangeLog NEWS ; do
|
||||
iconv --from=ISO-8859-1 --to=UTF-8 $i > new
|
||||
@ -112,7 +120,13 @@ rm -rf %{buildroot}
|
||||
%{_libdir}/pkgconfig/*
|
||||
|
||||
%changelog
|
||||
* Sat Jun 25 2011 Dennis Gilmore <dennis@ausil.us> - 1.2.7-2
|
||||
* Fri Mar 16 2012 Paul Howarth <paul@city-fan.org> 1.2.7-4
|
||||
- fix libssh2 failing key re-exchange when write channel is saturated (#804155)
|
||||
|
||||
* Mon Mar 12 2012 Kamil Dudka <kdudka@redhat.com> 1.2.7-3
|
||||
- avoid a crash of curl when downloading large files using SFTP (#802382)
|
||||
|
||||
* Sat Jun 25 2011 Dennis Gilmore <dennis@ausil.us> 1.2.7-2
|
||||
- sshd/loopback test fails in the sparc buildsystem
|
||||
|
||||
* Tue Oct 12 2010 Kamil Dudka <kdudka@redhat.com> 1.2.7-1
|
||||
|
Loading…
Reference in New Issue
Block a user