pool/libssh2_org
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1093948 from home:pmonrealgonzalez:branches:devel:libraries:c_c++

Browse Source 
- Update to 1.11.0:
  * Enhancements and bugfixes
    - Adds support for encrypt-then-mac (ETM) MACs
    - Adds support for AES-GCM crypto protocols
    - Adds support for sk-ecdsa-sha2-nistp256 and sk-ssh-ed25519 keys
    - Adds support for RSA certificate authentication
    - Adds FIDO support with *_sk() functions
    - Adds RSA-SHA2 key upgrading to OpenSSL, WinCNG, mbedTLS, OS400 backends
    - Adds Agent Forwarding and libssh2_agent_sign()
    - Adds support for Channel Signal message libssh2_channel_signal_ex()
    - Adds support to get the user auth banner message libssh2_userauth_banner()
    - Adds LIBSSH2_NO_{MD5, HMAC_RIPEMD, DSA, RSA, RSA_SHA1, ECDSA, ED25519,
      AES_CBC, AES_CTR, BLOWFISH, RC4, CAST, 3DES} options
    - Adds direct stream UNIX sockets with libssh2_channel_direct_streamlocal_ex()
    - Adds wolfSSL support to CMake file
    - Adds mbedTLS 3.x support
    - Adds LibreSSL 3.5 support
    - Adds support for CMake "unity" builds
    - Adds CMake support for building shared and static libs in a single pass
    - Adds symbol hiding support to CMake
    - Adds support for libssh2.rc for all build tools
    - Adds .zip, .tar.xz and .tar.bz2 release tarballs
    - Enables ed25519 key support for LibreSSL 3.7.0 or higher
    - Improves OpenSSL 1.1 and 3 compatibility
    - Now requires OpenSSL 1.0.2 or newer
    - Now requires CMake 3.1 or newer
    - SFTP: Adds libssh2_sftp_open_ex_r() and libssh2_sftp_open_r() extended APIs
    - SFTP: No longer has a packet limit when reading a directory
    - SFTP: now parses attribute extensions if they exist
    - SFTP: no longer will busy loop if SFTP fails to initialize

OBS-URL: https://build.opensuse.org/request/show/1093948
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libssh2_org?expand=0&rev=72
This commit is contained in:
Pedro Monreal Gonzalez 2023-06-20 16:50:58 +00:00 committed by Git OBS Bridge
parent 76e14e1783
commit a10789ab49
7 changed files with 115 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
libssh2-1.10.0.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:2d64e90f3ded394b91d3a2e774ca203a4179f69aebee03003e5a6fa621e41d51
size 965044

11
libssh2-1.10.0.tar.gz.asc
View File

@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAmEr8DkACgkQXMkI/bce
EsIVWAgAnukavrtNIUkCCaXT7XBn8I4zLhXrfHted+Hq/c5wXi05cm1p1F2q7dun
aoiwayYydw2PglbZPRrC75dhQS1aIHg+0ZyjdpoyJEPmXuy3oYHSYqIs5ac9/JGF
/+/aumQwqLfSxBSo2Sa4si9aQblu9atdOWMnhOFT+kuu/FyfWrFv1ru3+NgefX2y
X+wbNOKl4KfAxJsAcNw48BbTooZVwBMYbKph2Nm+GzZ1H6biM6+BBlJjybTX3fHZ
6g+KBJrB/uP7Fy/fozn1sYokGAvDIEzXBXofA9bP44ejouNopDR0dll0MVUHnlqd
l0FCMO0pxJIGZD9se6UOkibhhYcQdQ==
=eKk3
-----END PGP SIGNATURE-----

BIN
libssh2-1.11.0.tar.xz (Stored with Git LFS) Normal file
View File

Binary file not shown.

11
libssh2-1.11.0.tar.xz.asc Normal file
View File

@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAmR2HWEACgkQXMkI/bce
EsIBgwf/ZExq9GsrLaX3eFiOe6/qjcixscNfP2TfBn/b9miKzmTCEle9H/wLUaeI
VVB/Zs9pNAlROJ+QEGQKfBb5fzGJm9nifWsuZ+Y65s8JGUzI3Y3cKdsyYTV8Myaj
1IvMR/oQoPjW8bd0a3SsKRLdWhN/9/Q4fiEjSs2Zp1OuCaLnLebyPgXx8f3BpXKQ
YfLYUslRgKGND+VULfUki1i8mvF4ledhanf1nTRxwfK5HrXWLT/Yd+lVRKTZgWl+
2YqXvGU9pI9N7GSVfHttYEbqP8hd8ncxea46bSaSauc4e5Sn9lYAvo2Wri33zPLw
MwI17cyi7s1H0CuIc2cT4L8BUYg3vw==
=eRz/
-----END PGP SIGNATURE-----

38
libssh2-ocloexec.patch
View File

@ -9,11 +9,11 @@ Subject: [PATCH] Use O_CLOEXEC where needed
src/userauth.c | 2 +-
3 files changed, 4 insertions(+), 4 deletions(-)
Index: libssh2-1.10.0/src/agent.c
Index: libssh2-1.11.0/src/agent.c
===================================================================
--- libssh2-1.10.0.orig/src/agent.c
+++ libssh2-1.10.0/src/agent.c
@@ -109,7 +109,7 @@ agent_connect_unix(LIBSSH2_AGENT *agent)
--- libssh2-1.11.0.orig/src/agent.c
+++ libssh2-1.11.0/src/agent.c
@@ -177,7 +177,7 @@ agent_connect_unix(LIBSSH2_AGENT *agent)
"no auth sock variable");
}
@ -22,11 +22,11 @@ Index: libssh2-1.10.0/src/agent.c
if(agent->fd < 0)
return _libssh2_error(agent->session, LIBSSH2_ERROR_BAD_SOCKET,
"failed creating socket");
Index: libssh2-1.10.0/src/knownhost.c
Index: libssh2-1.11.0/src/knownhost.c
===================================================================
--- libssh2-1.10.0.orig/src/knownhost.c
+++ libssh2-1.10.0/src/knownhost.c
@@ -963,7 +963,7 @@ libssh2_knownhost_readfile(LIBSSH2_KNOWN
--- libssh2-1.11.0.orig/src/knownhost.c
+++ libssh2-1.11.0/src/knownhost.c
@@ -962,7 +962,7 @@ libssh2_knownhost_readfile(LIBSSH2_KNOWN
"Unsupported type of known-host information "
"store");
@ -35,7 +35,7 @@ Index: libssh2-1.10.0/src/knownhost.c
if(file) {
while(fgets(buf, sizeof(buf), file)) {
if(libssh2_knownhost_readline(hosts, buf, strlen(buf), type)) {
@@ -1204,7 +1204,7 @@ libssh2_knownhost_writefile(LIBSSH2_KNOW
@@ -1203,7 +1203,7 @@ libssh2_knownhost_writefile(LIBSSH2_KNOW
"Unsupported type of known-host information "
"store");
@ -44,24 +44,24 @@ Index: libssh2-1.10.0/src/knownhost.c
if(!file)
return _libssh2_error(hosts->session, LIBSSH2_ERROR_FILE,
"Failed to open file");
Index: libssh2-1.10.0/src/userauth.c
Index: libssh2-1.11.0/src/userauth.c
===================================================================
--- libssh2-1.10.0.orig/src/userauth.c
+++ libssh2-1.10.0/src/userauth.c
@@ -578,7 +578,7 @@ file_read_publickey(LIBSSH2_SESSION * se
_libssh2_debug(session, LIBSSH2_TRACE_AUTH, "Loading public key file: %s",
pubkeyfile);
--- libssh2-1.11.0.orig/src/userauth.c
+++ libssh2-1.11.0/src/userauth.c
@@ -654,7 +654,7 @@ file_read_publickey(LIBSSH2_SESSION * se
_libssh2_debug((session, LIBSSH2_TRACE_AUTH, "Loading public key file: %s",
pubkeyfile));
/* Read Public Key */
- fd = fopen(pubkeyfile, FOPEN_READTEXT);
+ fd = fopen(pubkeyfile, FOPEN_READTEXT_CLOEXEC);
if(!fd) {
return _libssh2_error(session, LIBSSH2_ERROR_FILE,
"Unable to open public key file");
Index: libssh2-1.10.0/src/libssh2_priv.h
Index: libssh2-1.11.0/src/libssh2_priv.h
===================================================================
--- libssh2-1.10.0.orig/src/libssh2_priv.h
+++ libssh2-1.10.0/src/libssh2_priv.h
@@ -1149,6 +1149,8 @@ endings either CRLF or LF so 't' is appr
--- libssh2-1.11.0.orig/src/libssh2_priv.h
+++ libssh2-1.11.0/src/libssh2_priv.h
@@ -1218,6 +1218,8 @@ size_t plain_method(char *method, size_t
#define FOPEN_READTEXT "r"
#define FOPEN_WRITETEXT "w"
#define FOPEN_APPENDTEXT "a"

68
libssh2_org.changes
View File

@ -1,3 +1,71 @@
-------------------------------------------------------------------
Tue Jun 20 08:17:25 UTC 2023 - Pedro Monreal <pmonreal@suse.com>
- Update to 1.11.0:
* Enhancements and bugfixes
- Adds support for encrypt-then-mac (ETM) MACs
- Adds support for AES-GCM crypto protocols
- Adds support for sk-ecdsa-sha2-nistp256 and sk-ssh-ed25519 keys
- Adds support for RSA certificate authentication
- Adds FIDO support with *_sk() functions
- Adds RSA-SHA2 key upgrading to OpenSSL, WinCNG, mbedTLS, OS400 backends
- Adds Agent Forwarding and libssh2_agent_sign()
- Adds support for Channel Signal message libssh2_channel_signal_ex()
- Adds support to get the user auth banner message libssh2_userauth_banner()
- Adds LIBSSH2_NO_{MD5, HMAC_RIPEMD, DSA, RSA, RSA_SHA1, ECDSA, ED25519,
AES_CBC, AES_CTR, BLOWFISH, RC4, CAST, 3DES} options
- Adds direct stream UNIX sockets with libssh2_channel_direct_streamlocal_ex()
- Adds wolfSSL support to CMake file
- Adds mbedTLS 3.x support
- Adds LibreSSL 3.5 support
- Adds support for CMake "unity" builds
- Adds CMake support for building shared and static libs in a single pass
- Adds symbol hiding support to CMake
- Adds support for libssh2.rc for all build tools
- Adds .zip, .tar.xz and .tar.bz2 release tarballs
- Enables ed25519 key support for LibreSSL 3.7.0 or higher
- Improves OpenSSL 1.1 and 3 compatibility
- Now requires OpenSSL 1.0.2 or newer
- Now requires CMake 3.1 or newer
- SFTP: Adds libssh2_sftp_open_ex_r() and libssh2_sftp_open_r() extended APIs
- SFTP: No longer has a packet limit when reading a directory
- SFTP: now parses attribute extensions if they exist
- SFTP: no longer will busy loop if SFTP fails to initialize
- SFTP: now clear various errors as expected
- SFTP: no longer skips files if the line buffer is too small
- SCP: add option to not quote paths
- SCP: Enables 64-bit offset support unconditionally
- Now skips leading \r and \n characters in banner_receive()
- Enables secure memory zeroing with all build tools on all platforms
- No longer logs SSH_MSG_REQUEST_FAILURE packets from keepalive
- Speed up base64 encoding by 7x
- Assert if there is an attempt to write a value that is too large
- WinCNG: fix memory leak in _libssh2_dh_secret()
- Added protection against possible null pointer dereferences
- Agent now handles overly large comment lengths
- Now ensure KEX replies don't include extra bytes
- Fixed possible buffer overflow when receiving SSH_MSG_USERAUTH_BANNER
- Fixed possible buffer overflow in keyboard interactive code path
- Fixed overlapping memcpy()
- Fixed Windows UWP builds
- Fixed DLL import name
- Renamed local RANDOM_PADDING macro to avoid unexpected define on Windows
- Support for building with gcc versions older than 8
- Improvements to CMake, Makefile, NMakefile, GNUmakefile, autoreconf files
- Restores ANSI C89 compliance
- Enabled new compiler warnings and fixed/silenced them
- Improved error messages
- Now uses CIFuzz
- Numerous minor code improvements
- Improvements to CI builds
- Improvements to unit tests
- Improvements to doc files
- Improvements to example files
- Removed "old gex" build option
- Removed no-encryption/no-mac builds
- Removed support for NetWare and Watcom wmake build files
* Rebase libssh2-ocloexec.patch
-------------------------------------------------------------------
Fri Dec 10 14:41:20 UTC 2021 - David Anes <david.anes@suse.com>

27
libssh2_org.spec
View File

@ -1,7 +1,7 @@
#
# spec file for package libssh2_org
#
# Copyright (c) 2021 SUSE LLC
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -18,14 +18,14 @@
%define pkg_name libssh2
Name: libssh2_org
Version: 1.10.0
Version: 1.11.0
Release: 0
Summary: A library implementing the SSH2 protocol
License: BSD-3-Clause
Group: Development/Libraries/C and C++
URL: https://www.libssh2.org/
Source0: https://www.libssh2.org/download/%{pkg_name}-%{version}.tar.gz
Source1: https://www.libssh2.org/download/%{pkg_name}-%{version}.tar.gz.asc
Source0: https://www.libssh2.org/download/%{pkg_name}-%{version}.tar.xz
Source1: https://www.libssh2.org/download/%{pkg_name}-%{version}.tar.xz.asc
Source2: baselibs.conf
Source3: libssh2_org.keyring
Patch0: libssh2-ocloexec.patch
@ -65,8 +65,7 @@ SECSH-ARCH, SECSH-FILEXFER, SECSH-DHGEX, SECSH-NUMBERS, and
SECSH-PUBLICKEY.
%prep
%setup -q -n %{pkg_name}-%{version}
%patch0 -p1
%autosetup -p1 -n %{pkg_name}-%{version}
%build
sed -i -e 's@AM_CONFIG_HEADER@AC_CONFIG_HEADERS@g' configure.ac
@ -76,18 +75,20 @@ autoreconf -fiv
export CFLAGS="%{optflags} -DOPENSSL_LOAD_CONF"
%configure \
--disable-silent_rules \
--disable-static \
--enable-shared \
--disable-rpath \
--with-libz=%{_prefix} \
--with-openssl=%{_prefix}
make %{?_smp_mflags}
--disable-docker-tests \
--with-libssl-prefix=%{_prefix} \
--with-libz=%{_prefix}
%make_build
%check
make %{?_smp_mflags} check
%make_build check
%install
%make_install
rm -f %{buildroot}%{_libdir}/*.la %{buildroot}%{_libdir}/*.a
rm -f %{buildroot}%{_libdir}/*.la %{buildroot}%{_libdir}/*.a
%post -n libssh2-1 -p /sbin/ldconfig
%postun -n libssh2-1 -p /sbin/ldconfig
@ -98,7 +99,7 @@ rm -f %{buildroot}%{_libdir}/*.la %{buildroot}%{_libdir}/*.a
%files -n libssh2-devel
%defattr(-,root,root)
%doc NEWS
%doc NEWS docs/BINDINGS.md docs/HACKING.md docs/TODO
%{_libdir}/libssh2.so
%{_includedir}/*.h
%{_mandir}/man3/*