diff --git a/libssh2-1.8.2.tar.gz b/libssh2-1.8.2.tar.gz deleted file mode 100644 index c63102f..0000000 --- a/libssh2-1.8.2.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:088307d9f6b6c4b8c13f34602e8ff65d21c2dc4d55284dfe15d502c4ee190d67 -size 859587 diff --git a/libssh2-1.8.2.tar.gz.asc b/libssh2-1.8.2.tar.gz.asc deleted file mode 100644 index 6e4fd4b..0000000 --- a/libssh2-1.8.2.tar.gz.asc +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAlyZLEkACgkQXMkI/bce -EsKIgAf/SG014jBSrrYrNdcBHVWZHzHvCERX9f3+horQG97kTFwq7sr9mIXI+zJe -ZFiHd7ugLLacqtYf6mbst+aTuy+OYxhCBbAHMm3i+cbH/xWFNw6xh3GqPSdlLTj8 -pwJSLTUKN26SqL9fSjEZGQTZJiMBnQuegCMFGwrkvtawPBAKQk2VBCot3y5G2tUa -i8gZajgcbVjXTBkf63j0rRqTt0oiL5Vw43+8Z/2gp/QKfnjNI7P8i/mfMKxjt3rY -vcoRoq2ZzGjm/jW4C1W+LpsvLOnaTNSR1AlYnWD50Snvx14QGCMqHdRj65UDUX5B -uPXwzZCzXZ8IXKd1hxzbH240jwz8VQ== -=tp1M ------END PGP SIGNATURE----- diff --git a/libssh2-1.9.0.tar.gz b/libssh2-1.9.0.tar.gz new file mode 100644 index 0000000..9bfc149 --- /dev/null +++ b/libssh2-1.9.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d5fb8bd563305fd1074dda90bd053fb2d29fc4bce048d182f96eaa466dfadafd +size 888551 diff --git a/libssh2-1.9.0.tar.gz.asc b/libssh2-1.9.0.tar.gz.asc new file mode 100644 index 0000000..537cc15 --- /dev/null +++ b/libssh2-1.9.0.tar.gz.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- + +iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAl0LJYMACgkQXMkI/bce +EsLN6Af9G7wRkmiJre8ocUpeWwNILaHr7N7IN+K4SkFFA8uxhf19ur73TX93twQk +Ft2N0biO3RxzL8Q6eMeLsxKCf1SKcW2M1taZfXSYq95+pWzSqtNasMZX/e6dTj9S +0V50nutZHCQFIAmRB9XF34xuHqIphEkt9ohWSzZv2XFpJwk/MQ03AL/vBWCGycns +dsITO7RRxmi9ymO4sDTlAGFxt/3CeoVEhaZ2UaBsKJWvxOFKKrw7/K44rAdx6SJQ +rX4ScKgkpuJX0bcJReGKwWcBzRkD4uHwD5HRLv6zfRDWxUQ+o3Ziq3FRgHbRCjnQ +6gN1teEjRkN+F80T+27aUDs/LcBKGg== +=cd3b +-----END PGP SIGNATURE----- diff --git a/libssh2-ocloexec.patch b/libssh2-ocloexec.patch index d2af8d0..b7a3d92 100644 --- a/libssh2-ocloexec.patch +++ b/libssh2-ocloexec.patch @@ -9,51 +9,64 @@ Subject: [PATCH] Use O_CLOEXEC where needed src/userauth.c | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) -Index: libssh2-1.7.0/src/agent.c +Index: libssh2-1.9.0/src/agent.c =================================================================== ---- libssh2-1.7.0.orig/src/agent.c 2016-02-09 22:54:08.000000000 +0100 -+++ libssh2-1.7.0/src/agent.c 2016-02-23 14:36:47.133091344 +0100 -@@ -152,7 +152,7 @@ agent_connect_unix(LIBSSH2_AGENT *agent) - return _libssh2_error(agent->session, LIBSSH2_ERROR_BAD_USE, - "no auth sock variable"); +--- libssh2-1.9.0.orig/src/agent.c ++++ libssh2-1.9.0/src/agent.c +@@ -157,7 +157,7 @@ agent_connect_unix(LIBSSH2_AGENT *agent) + "no auth sock variable"); + } - agent->fd = socket(PF_UNIX, SOCK_STREAM, 0); + agent->fd = socket(PF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0); - if (agent->fd < 0) + if(agent->fd < 0) return _libssh2_error(agent->session, LIBSSH2_ERROR_BAD_SOCKET, "failed creating socket"); -Index: libssh2-1.7.0/src/knownhost.c +Index: libssh2-1.9.0/src/knownhost.c =================================================================== ---- libssh2-1.7.0.orig/src/knownhost.c 2015-03-19 14:01:33.000000000 +0100 -+++ libssh2-1.7.0/src/knownhost.c 2016-02-23 14:36:47.134091362 +0100 -@@ -954,7 +954,7 @@ libssh2_knownhost_readfile(LIBSSH2_KNOWN +--- libssh2-1.9.0.orig/src/knownhost.c ++++ libssh2-1.9.0/src/knownhost.c +@@ -963,7 +963,7 @@ libssh2_knownhost_readfile(LIBSSH2_KNOWN "Unsupported type of known-host information " "store"); -- file = fopen(filename, "r"); -+ file = fopen(filename, "re"); +- file = fopen(filename, FOPEN_READTEXT); ++ file = fopen(filename, FOPEN_READTEXT_CLOEXEC); if(file) { while(fgets(buf, sizeof(buf), file)) { if(libssh2_knownhost_readline(hosts, buf, strlen(buf), type)) { -@@ -1178,7 +1178,7 @@ libssh2_knownhost_writefile(LIBSSH2_KNOW +@@ -1204,7 +1204,7 @@ libssh2_knownhost_writefile(LIBSSH2_KNOW "Unsupported type of known-host information " "store"); -- file = fopen(filename, "w"); -+ file = fopen(filename, "we"); +- file = fopen(filename, FOPEN_WRITETEXT); ++ file = fopen(filename, FOPEN_WRITETEXT_CLOEXEC); if(!file) return _libssh2_error(hosts->session, LIBSSH2_ERROR_FILE, "Failed to open file"); -Index: libssh2-1.7.0/src/userauth.c +Index: libssh2-1.9.0/src/userauth.c =================================================================== ---- libssh2-1.7.0.orig/src/userauth.c 2016-01-18 13:41:58.000000000 +0100 -+++ libssh2-1.7.0/src/userauth.c 2016-02-23 14:36:47.134091362 +0100 -@@ -538,7 +538,7 @@ file_read_publickey(LIBSSH2_SESSION * se +--- libssh2-1.9.0.orig/src/userauth.c ++++ libssh2-1.9.0/src/userauth.c +@@ -578,7 +578,7 @@ file_read_publickey(LIBSSH2_SESSION * se _libssh2_debug(session, LIBSSH2_TRACE_AUTH, "Loading public key file: %s", pubkeyfile); /* Read Public Key */ -- fd = fopen(pubkeyfile, "r"); -+ fd = fopen(pubkeyfile, "re"); - if (!fd) { +- fd = fopen(pubkeyfile, FOPEN_READTEXT); ++ fd = fopen(pubkeyfile, FOPEN_READTEXT_CLOEXEC); + if(!fd) { return _libssh2_error(session, LIBSSH2_ERROR_FILE, "Unable to open public key file"); +Index: libssh2-1.9.0/src/libssh2_priv.h +=================================================================== +--- libssh2-1.9.0.orig/src/libssh2_priv.h ++++ libssh2-1.9.0/src/libssh2_priv.h +@@ -1138,6 +1138,8 @@ endings either CRLF or LF so 't' is appr + #define FOPEN_READTEXT "r" + #define FOPEN_WRITETEXT "w" + #define FOPEN_APPENDTEXT "a" ++#define FOPEN_READTEXT_CLOEXEC "re" ++#define FOPEN_WRITETEXT_CLOEXEC "we" + #endif + + #endif /* LIBSSH2_H */ diff --git a/libssh2_org.changes b/libssh2_org.changes index 06e6f62..d12ae1b 100644 --- a/libssh2_org.changes +++ b/libssh2_org.changes @@ -1,3 +1,37 @@ +------------------------------------------------------------------- +Thu Jun 20 11:07:36 UTC 2019 - Pedro Monreal Gonzalez + +- Version update to 1.9.0: + Enhancements and bugfixes: + * adds ECDSA keys and host key support when using OpenSSL + * adds ED25519 key and host key support when using OpenSSL 1.1.1 + * adds OpenSSH style key file reading + * adds AES CTR mode support when using WinCNG + * adds PEM passphrase protected file support for Libgcrypt and WinCNG + * adds SHA256 hostkey fingerprint + * adds libssh2_agent_get_identity_path() and libssh2_agent_set_identity_path() + * adds explicit zeroing of sensitive data in memory + * adds additional bounds checks to network buffer reads + * adds the ability to use the server default permissions when creating sftp directories + * adds support for building with OpenSSL no engine flag + * adds support for building with LibreSSL + * increased sftp packet size to 256k + * fixed oversized packet handling in sftp + * fixed building with OpenSSL 1.1 + * fixed a possible crash if sftp stat gets an unexpected response + * fixed incorrect parsing of the KEX preference string value + * fixed conditional RSA and AES-CTR support + * fixed a small memory leak during the key exchange process + * fixed a possible memory leak of the ssh banner string + * fixed various small memory leaks in the backends + * fixed possible out of bounds read when parsing public keys from the server + * fixed possible out of bounds read when parsing invalid PEM files + * no longer null terminates the scp remote exec command + * now handle errors when diffie hellman key pair generation fails + * improved building instructions + * improved unit tests +- Rebased patch libssh2-ocloexec.patch + ------------------------------------------------------------------- Tue Apr 9 09:10:26 UTC 2019 - Pedro Monreal Gonzalez diff --git a/libssh2_org.spec b/libssh2_org.spec index 6c06279..bf0ef4e 100644 --- a/libssh2_org.spec +++ b/libssh2_org.spec @@ -18,7 +18,7 @@ %define pkg_name libssh2 Name: libssh2_org -Version: 1.8.2 +Version: 1.9.0 Release: 0 Summary: A library implementing the SSH2 protocol License: BSD-3-Clause