diff --git a/0001-Soften-behaviour-of-the-Compression-no-yes-option.patch b/0001-Soften-behaviour-of-the-Compression-no-yes-option.patch deleted file mode 100644 index 6fb2aae..0000000 --- a/0001-Soften-behaviour-of-the-Compression-no-yes-option.patch +++ /dev/null @@ -1,103 +0,0 @@ -From 14991ad0718c137828e780308fc1f7027293ec15 Mon Sep 17 00:00:00 2001 -From: Fabian Vogt -Date: Thu, 23 Dec 2021 12:34:00 +0100 -Subject: [PATCH] Soften behaviour of the Compression=no/yes option - -Currently Compression=no (the default) force-disables zlib algos, while -Compression=yes force-enables it. This means that mismatching options between -client and server lead to connection failure. This can easily happen if the -server has default settings but the client specifies Compression=yes. - -OpenSSH treats the option as a "prefer compression" setting: -Compression=no -> none,zlib@openssh.com,zlib (default) -Compression=yes -> zlib@openssh.com,zlib,none - -This commit changes the libssh behaviour to the same as OpenSSH. - -Signed-off-by: Fabian Vogt -Reviewed-by: Andreas Schneider -Reviewed-by: Jakub Jelen ---- - src/kex.c | 6 +++--- - src/options.c | 8 ++++---- - tests/unittests/torture_config.c | 10 ++++++---- - tests/unittests/torture_options.c | 29 +++++++++++++++++++++++++---- - 4 files changed, 38 insertions(+), 15 deletions(-) - -Index: libssh-0.9.6/src/kex.c -=================================================================== ---- libssh-0.9.6.orig/src/kex.c -+++ libssh-0.9.6/src/kex.c -@@ -94,7 +94,7 @@ - #endif /* HAVE_LIBCRYPTO */ - - #ifdef WITH_ZLIB --#define ZLIB "none,zlib,zlib@openssh.com" -+#define ZLIB "none,zlib@openssh.com,zlib" - #else - #define ZLIB "none" - #endif -@@ -218,8 +218,8 @@ static const char *default_methods[] = { - AES BLOWFISH DES, - "hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1", - "hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1", -- "none", -- "none", -+ ZLIB, -+ ZLIB, - "", - "", - NULL -Index: libssh-0.9.6/src/options.c -=================================================================== ---- libssh-0.9.6.orig/src/options.c -+++ libssh-0.9.6/src/options.c -@@ -844,10 +844,10 @@ int ssh_options_set(ssh_session session, - return -1; - } else { - if (strcasecmp(value,"yes")==0){ -- if(ssh_options_set_algo(session,SSH_COMP_C_S,"zlib@openssh.com,zlib") < 0) -+ if(ssh_options_set_algo(session,SSH_COMP_C_S,"zlib@openssh.com,zlib,none") < 0) - return -1; - } else if (strcasecmp(value,"no")==0){ -- if(ssh_options_set_algo(session,SSH_COMP_C_S,"none") < 0) -+ if(ssh_options_set_algo(session,SSH_COMP_C_S,"none,zlib@openssh.com,zlib") < 0) - return -1; - } else { - if (ssh_options_set_algo(session, SSH_COMP_C_S, v) < 0) -@@ -862,10 +862,10 @@ int ssh_options_set(ssh_session session, - return -1; - } else { - if (strcasecmp(value,"yes")==0){ -- if(ssh_options_set_algo(session,SSH_COMP_S_C,"zlib@openssh.com,zlib") < 0) -+ if(ssh_options_set_algo(session,SSH_COMP_S_C,"zlib@openssh.com,zlib,none") < 0) - return -1; - } else if (strcasecmp(value,"no")==0){ -- if(ssh_options_set_algo(session,SSH_COMP_S_C,"none") < 0) -+ if(ssh_options_set_algo(session,SSH_COMP_S_C,"none,zlib@openssh.com,zlib") < 0) - return -1; - } else { - if (ssh_options_set_algo(session, SSH_COMP_S_C, v) < 0) -Index: libssh-0.9.6/tests/unittests/torture_config.c -=================================================================== ---- libssh-0.9.6.orig/tests/unittests/torture_config.c -+++ libssh-0.9.6/tests/unittests/torture_config.c -@@ -345,12 +345,14 @@ static void torture_config_new(void **st - assert_string_equal(session->opts.bindaddr, BIND_ADDRESS); - #ifdef WITH_ZLIB - assert_string_equal(session->opts.wanted_methods[SSH_COMP_C_S], -- "zlib@openssh.com,zlib"); -+ "zlib@openssh.com,zlib,none"); - assert_string_equal(session->opts.wanted_methods[SSH_COMP_S_C], -- "zlib@openssh.com,zlib"); -+ "zlib@openssh.com,zlib,none"); - #else -- assert_null(session->opts.wanted_methods[SSH_COMP_C_S]); -- assert_null(session->opts.wanted_methods[SSH_COMP_S_C]); -+ assert_string_equal(session->opts.wanted_methods[SSH_COMP_C_S], -+ "none"); -+ assert_string_equal(session->opts.wanted_methods[SSH_COMP_S_C], -+ "none"); - #endif /* WITH_ZLIB */ - assert_int_equal(session->opts.StrictHostKeyChecking, 0); - assert_int_equal(session->opts.gss_delegate_creds, 1); diff --git a/0001-disable-timeout-test-on-slow-buildsystems.patch b/0001-disable-timeout-test-on-slow-buildsystems.patch index 70d83bd..cf6cda3 100644 --- a/0001-disable-timeout-test-on-slow-buildsystems.patch +++ b/0001-disable-timeout-test-on-slow-buildsystems.patch @@ -1,7 +1,7 @@ -Index: libssh-0.9.6/tests/unittests/torture_misc.c +Index: libssh-0.10.0/tests/unittests/torture_misc.c =================================================================== ---- libssh-0.9.6.orig/tests/unittests/torture_misc.c 2021-08-26 15:14:47.337264821 +0200 -+++ libssh-0.9.6/tests/unittests/torture_misc.c 2021-08-26 15:15:24.513466534 +0200 +--- libssh-0.10.0.orig/tests/unittests/torture_misc.c 2022-07-07 15:53:51.000000000 +0200 ++++ libssh-0.10.0/tests/unittests/torture_misc.c 2022-08-26 14:19:01.827866890 +0200 @@ -211,11 +211,13 @@ static void torture_timeout_elapsed(void ssh_timestamp_init(&ts); usleep(30000); @@ -30,22 +30,22 @@ Index: libssh-0.9.6/tests/unittests/torture_misc.c } static void torture_ssh_analyze_banner(void **state) { -Index: libssh-0.9.6/DefineOptions.cmake +Index: libssh-0.10.0/DefineOptions.cmake =================================================================== ---- libssh-0.9.6.orig/DefineOptions.cmake 2021-08-26 15:14:47.337264821 +0200 -+++ libssh-0.9.6/DefineOptions.cmake 2021-08-26 15:14:50.093279775 +0200 -@@ -22,6 +22,7 @@ option(WITH_ABI_BREAK "Allow ABI break" - option(WITH_GEX "Enable DH Group exchange mechanisms" ON) - option(FUZZ_TESTING "Build with fuzzer for the server" OFF) +--- libssh-0.10.0.orig/DefineOptions.cmake 2022-07-07 15:53:51.000000000 +0200 ++++ libssh-0.10.0/DefineOptions.cmake 2022-08-26 14:19:41.500119198 +0200 +@@ -25,6 +25,7 @@ option(WITH_GEX "Enable DH Group exchang + option(WITH_INSECURE_NONE "Enable insecure none cipher and MAC algorithms (not suitable for production!)" OFF) + option(FUZZ_TESTING "Build with fuzzer for the server and client (automatically enables none cipher!)" OFF) option(PICKY_DEVELOPER "Build with picky developer flags" OFF) +option(SLOW_TEST_SYSTEM "Disable tests that fail on slow systems" OFF) if (WITH_ZLIB) set(WITH_LIBZ ON) -@@ -53,3 +54,8 @@ endif (NOT GLOBAL_BIND_CONFIG) - if (NOT GLOBAL_CLIENT_CONFIG) - set(GLOBAL_CLIENT_CONFIG "/etc/ssh/ssh_config") - endif (NOT GLOBAL_CLIENT_CONFIG) +@@ -60,3 +61,8 @@ endif (NOT GLOBAL_CLIENT_CONFIG) + if (FUZZ_TESTING) + set(WITH_INSECURE_NONE ON) + endif (FUZZ_TESTING) + +if (SLOW_TEST_SYSTEM) + set (SLOW_TEST_SYSTEM ON) diff --git a/libssh-0.10.3.tar.xz b/libssh-0.10.3.tar.xz new file mode 100644 index 0000000..d400cde --- /dev/null +++ b/libssh-0.10.3.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:6e889dbe4f3eecd13a452ca868ec85525ab9c39d778519a9c141b83da738c8aa +size 554928 diff --git a/libssh-0.10.3.tar.xz.asc b/libssh-0.10.3.tar.xz.asc new file mode 100644 index 0000000..3563717 --- /dev/null +++ b/libssh-0.10.3.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEjf9T4Y8qvI2PPJIjfuD8TcwBTj0FAmMV7TkACgkQfuD8TcwB +Tj3u+g//btu5xrU+T3GRbulwYdSlsTbiWETUCinEIuYkqHgMhim9hKW34AslJUTg +QPyfQkanIMfmboeooN3OHWdvCRcDj1xOhFtAMyQU2kTbZhtPIi+D9qVGC+8jrE10 +0hQUs7ljthcPuZQTtrRzLkI/uml5iRVxi2cgR7qMf/VE+S/WD35A1T2CaqH0AeL6 +kuWiZKeJ/0mZSPXj9Xf3CbioXPGtyJ9vY9eY0hMWqB6JDC4Y8lMY0WGFwD8ESlQe +z/NBEjEjlBprrEZ1COLCYiQqU2ZhherVkNoLpin/GQl8n96Ke+m12yCWcsrt75V3 +n/OoKYYKpCgyDAm+CcjVP+/GpcjpwJZulUyT8gXJ6u2LDtFJpJKni2okBddRlssQ +V7gT1ZlrvFZh60ayTumUMUxgx0RFKfiWKsD4l92ps01Pt7D8b6AjR3OQmDzVGIzJ +/TVbfwdEVTQWxsg3wlFLJEYWKp+qy/9Ar3PDoEGrOc+n9/hrH8fjNPjgl2WNXBTe +CaqVOLoMRfDq57mUeQzyfvpgMeLhgIMv4ZH5cg9wLSPK5VCpy1j/lYNYKP347hvO +JtKx6zP+0xI1vP7Au/6T2YwdqQM1KPLLJMhBIOH4ShRdmojK0leqvzp6cWZZh9Qo +KoUsSzp3LDGYP+n24QdFKmOgPJOUHGM3F1T2/BiQZzZQpZ1gzK8= +=wwW6 +-----END PGP SIGNATURE----- diff --git a/libssh-0.9.6.tar.xz b/libssh-0.9.6.tar.xz deleted file mode 100644 index 796bc28..0000000 --- a/libssh-0.9.6.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:86bcf885bd9b80466fe0e05453c58b877df61afa8ba947a58c356d7f0fab829b -size 1053056 diff --git a/libssh-0.9.6.tar.xz.asc b/libssh-0.9.6.tar.xz.asc deleted file mode 100644 index e5b636e..0000000 --- a/libssh-0.9.6.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCgAdFiEEjf9T4Y8qvI2PPJIjfuD8TcwBTj0FAmEniOkACgkQfuD8TcwB -Tj0TKQ/9HiMAGSMHoQ+iPVLP06iTc6Cy7rNyON2nPDQwAz0V/dfvkrKAAEflfgYd -3pt3dbE/qgh2kgQLb9kpbCUmFoGuLgKz36RPOsggwuOsN+eD1n65q8W39sMOQid3 -bjUIOKRdYWC1suZ9fMAO1Ignl69Opd8dAq1Has9YzglaeQaV/lnYQOW4UG0xKHck -ZOp2qLfjmaQiBAI61eRyxqIYC0F67WKd0bo9D2csoocDVvHLq4syPdbMOfDTB+LL -KZSAZVW1R1JUVZMkp/P/HU11jNNy3wKoLafocnq8bXkPVrqhyuo+hDJV/OPUvFLa -VE/BzIRoMNG+1R+GJpwE7ut2DIHPxnZTThRkeVN5qP1+hbhgLJhW62I+HeAnD4s+ -+W7fwJovN28I+wqSjVEP8JguprVuoDAX5jVHbeZoMT7p8ATA4Nh3KCbYELEwTtFG -zsEIlBvoNXD3ce7xGXL3MPqfgKqrZQjRG/iOWvKwDV7WrqK1cFFyL7aeBfK2+dQq -1Ew7aYlTsH6Hap7XByeSsy4Z5ts3VXIoFix/h+Br5OTYKYgITM7bijNAQ6A2ZWQN -TxCv8X0sVyaGyXhxG6QhrEWZjFe496MneZkq9e6HKZyaSbzwFwMgOvrUUC7fa8e5 -o1Rvozah81U0nsikwTmDrm15RSK3mr2X34zPW2Ahzr1I5tGZzOk= -=cO0k ------END PGP SIGNATURE----- diff --git a/libssh.changes b/libssh.changes index 54677ca..a0aced6 100644 --- a/libssh.changes +++ b/libssh.changes @@ -1,3 +1,31 @@ +------------------------------------------------------------------- +Mon Sep 5 13:00:07 UTC 2022 - Andreas Schneider + +- Update to version 0.10.3 + * https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.10.3 + +------------------------------------------------------------------- +Fri Sep 2 08:51:23 UTC 2022 - Andreas Schneider + +- Update to version 0.10.2 + * https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.10.2 +- Removed libssh-weak-attribute.patch + +------------------------------------------------------------------- +Tue Aug 30 14:29:51 UTC 2022 - Andreas Schneider + +- Update to version 0.10.1 + * https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.10.1 +- Enable client and server testing + * Added libssh-weak-attribute.patch + +------------------------------------------------------------------- +Fri Aug 26 12:16:13 UTC 2022 - Andreas Schneider + +- Update to version 0.10.0 + * https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.10.0 +- Removed 0001-Soften-behaviour-of-the-Compression-no-yes-option.patch + ------------------------------------------------------------------- Wed Jan 5 13:58:56 UTC 2022 - Fabian Vogt diff --git a/libssh.spec b/libssh.spec index 3f54d61..1cff681 100644 --- a/libssh.spec +++ b/libssh.spec @@ -30,7 +30,7 @@ %bcond_with test %endif Name: libssh%{pkg_suffix} -Version: 0.9.6 +Version: 0.10.3 Release: 0 Summary: The SSH library License: LGPL-2.1-or-later @@ -43,8 +43,6 @@ Source3: libssh_client.config Source4: libssh_server.config Source99: baselibs.conf Patch0: 0001-disable-timeout-test-on-slow-buildsystems.patch -# PATCH-FIX-UPSTREAM -Patch1: 0001-Soften-behaviour-of-the-Compression-no-yes-option.patch BuildRequires: cmake BuildRequires: gcc-c++ BuildRequires: krb5-devel @@ -57,6 +55,12 @@ Obsoletes: %{name}-devel-doc <= 0.8.6 %if %{with test} BuildRequires: libcmocka-devel BuildRequires: openssh +%if 0%{?suse_version} > 1550 +BuildRequires: nss_wrapper +BuildRequires: pam_wrapper +BuildRequires: socket_wrapper +BuildRequires: uid_wrapper +%endif %endif %description @@ -105,6 +109,10 @@ Development headers for the SSH library. %if %{with test} -DUNIT_TESTING="ON" \ -DSLOW_TEST_SYSTEM=%{slow_test_system} \ +%if 0%{?suse_version} > 1550 + -DCLIENT_TESTING=ON \ + -DSERVER_TESTING=ON \ +%endif %endif -DWITH_GSSAPI=ON \ -DWITH_EXAMPLES="OFF" \ @@ -124,6 +132,8 @@ install -m644 %{SOURCE4} %{buildroot}%{_sysconfdir}/libssh/libssh_server.config %check %if %{with test} +# Tests are randomly failing when run in parallel +%define _smp_mflags %{nil} %ctest %endif @@ -132,7 +142,7 @@ install -m644 %{SOURCE4} %{buildroot}%{_sysconfdir}/libssh/libssh_server.config %postun -n libssh4 -p /sbin/ldconfig %files -n libssh4 -%doc AUTHORS README ChangeLog +%doc AUTHORS README CHANGELOG %{_libdir}/libssh.so.* %files config