summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDenis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>2020-02-19 01:13:54 +0100
committerDenis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>2020-02-19 01:15:48 +0100
commit4f9b5aa7f5f7c286d70864c111dd114c76f1d916 (patch)
tree46bedfdbcff5a1635dd95df7741fae7b42eb5e4c
parentdd3916811cd0875e66eaefdcaccd0d1fafbe65b6 (diff)
pcr: update guile-ssh
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
Diffstat
-rw-r--r--pcr/guile-ssh/PKGBUILD39
-rw-r--r--pcr/guile-ssh/guile-ssh-0.11.3-fix-segfault.patch104
-rw-r--r--pcr/guile-ssh/guile-ssh-0.11.3-libssh-0.8-name.patch88
-rw-r--r--pcr/guile-ssh/guile-ssh-0.11.3-libssh-0.8-tests.patch26
-rw-r--r--pcr/guile-ssh/guile-ssh-0.11.3-libssh-0.9-ecdsa.patch97
5 files changed, 346 insertions, 8 deletions
diff --git a/pcr/guile-ssh/PKGBUILD b/pcr/guile-ssh/PKGBUILD
index b837a76c8..06c09d4a6 100644
--- a/pcr/guile-ssh/PKGBUILD
+++ b/pcr/guile-ssh/PKGBUILD
@@ -4,8 +4,9 @@
# no changes.
pkgname=guile-ssh
-pkgver=0.11.2
-pkgrel=2
+pkgver=0.11.3
+pkgrel=5
+pkgrel+=.par1
pkgdesc='SSH module for Guile based on libssh'
arch=('x86_64' 'i686' 'armv7h')
url="https://github.com/artyom-poptsov/guile-ssh"
@@ -13,22 +14,44 @@ license=('GPL3')
depends=(
'guile>=2.0.9'
'libssh>=0.7.3')
-source=("https://github.com/artyom-poptsov/guile-ssh/archive/v${pkgver}.tar.gz")
-sha256sums=('20e9109fe5dd21c9294a94cba12b65cc7650f359e52e7a16f3bdc89e802e13f0')
+source=(
+ "https://github.com/artyom-poptsov/guile-ssh/archive/v${pkgver}.tar.gz"
+ 'guile-ssh-0.11.3-fix-segfault.patch'
+ 'guile-ssh-0.11.3-libssh-0.8-name.patch'
+ 'guile-ssh-0.11.3-libssh-0.8-tests.patch'
+ 'guile-ssh-0.11.3-libssh-0.9-ecdsa.patch')
+sha256sums=(
+ '1373bf6f30ba9b4404c044fb00c0509cbd851606264803faccbf881b1efb52bc'
+ 'f3284d61b7166be9809e37c7ced323d45255479e51f68f46f0499d9a3056b535'
+ '4a0ab224a08afc832ce82dc055f23c36c56f7e63f4f2b1814571a3c930d9cae6'
+ '5594153165cade97481c50284aade32153801232c65a958abd3e25a2eb237841'
+ 'df4d3955601bc540df02c4418bc4b36b15971077c3162e328b9dfa989bc0b84b')
+
+prepare() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ local source_file
+ for source_file in "${source[@]}"; do
+ case "${source_file}" in
+ *.patch)
+ patch -p1 < "${srcdir}/${source_file}"
+ ;;
+ esac
+ done
+}
build() {
- cd ${srcdir}/${pkgname}-${pkgver}
+ cd "${srcdir}/${pkgname}-${pkgver}"
autoreconf -fi
./configure --prefix=/usr --disable-rpath
make
}
check() {
- cd ${srcdir}/${pkgname}-${pkgver}
- make check || true # tests unexpectedly fail
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ make check
}
package() {
- cd ${srcdir}/${pkgname}-${pkgver}
+ cd "${srcdir}/${pkgname}-${pkgver}"
make DESTDIR="${pkgdir}" install
}
diff --git a/pcr/guile-ssh/guile-ssh-0.11.3-fix-segfault.patch b/pcr/guile-ssh/guile-ssh-0.11.3-fix-segfault.patch
new file mode 100644
index 000000000..787dc04c9
--- /dev/null
+++ b/pcr/guile-ssh/guile-ssh-0.11.3-fix-segfault.patch
@@ -0,0 +1,104 @@
+From c468d9c2dc343446757360857a295736359b3024 Mon Sep 17 00:00:00 2001
+From: "Artyom V. Poptsov" <poptsov.artyom@gmail.com>
+Date: Tue, 7 Aug 2018 07:55:00 +0300
+Subject: [PATCH] libguile-ssh/channel-type.c (ptob_close): Bugfix: fix a
+ segfault
+
+'ptob_close' would always get a segfault when it tried to free a closed
+channel. This patch fixes that by adding a check if a channel is already
+closed.
+
+Reported by Michael Bowcutt <mbowcutt@case.edu> in
+ <https://github.com/artyom-poptsov/guile-ssh/issues/8>
+ and Njagi Mwaniki in a personal email.
+
+* libguile-ssh/channel-type.c (ptob_close): Check if a channel is already
+ closed before trying to close and free it. Improve logging.
+* libguile-ssh/log.c (_gssh_log_debug, _gssh_log_debug1): New procedures
+* libguile-ssh/log.h: Likewise.
+---
+ libguile-ssh/channel-type.c | 10 +++++++++-
+ libguile-ssh/log.c | 21 +++++++++++++++++++++
+ libguile-ssh/log.h | 3 +++
+ 3 files changed, 33 insertions(+), 1 deletion(-)
+
+diff --git a/libguile-ssh/channel-type.c b/libguile-ssh/channel-type.c
+index ffcca64..4b0b9ae 100644
+--- a/libguile-ssh/channel-type.c
++++ b/libguile-ssh/channel-type.c
+@@ -29,6 +29,7 @@
+ #include "channel-type.h"
+ #include "error.h"
+ #include "common.h"
++#include "log.h"
+
+
+ /* The channel port type. Guile 2.2 introduced a new port API, so we have a
+@@ -223,10 +224,17 @@ ptob_close (SCM channel)
+ ptob_flush (channel);
+ #endif
+
+- if (ch)
++ if (ch && ssh_channel_is_open (ch->ssh_channel))
+ {
++ _gssh_log_debug ("ptob_close", "closing and freeing the channel...",
++ channel);
+ ssh_channel_close (ch->ssh_channel);
+ ssh_channel_free (ch->ssh_channel);
++ _gssh_log_debug1 ("ptob_close", "closing and freeing the channel... done");
++ }
++ else
++ {
++ _gssh_log_debug1 ("ptob_close", "the channel is already freeed.");
+ }
+
+ SCM_SETSTREAM (channel, NULL);
+diff --git a/libguile-ssh/log.c b/libguile-ssh/log.c
+index 6588749..e0e3027 100644
+--- a/libguile-ssh/log.c
++++ b/libguile-ssh/log.c
+@@ -270,6 +270,27 @@ _gssh_log_warning (const char* function_name, const char* msg, SCM args)
+ scm_dynwind_end ();
+ }
+
++void
++_gssh_log_debug (const char* function_name, const char* msg, SCM args)
++{
++ char *c_str;
++ scm_dynwind_begin (0);
++
++ c_str = scm_to_locale_string (scm_object_to_string (args, SCM_UNDEFINED));
++ scm_dynwind_free (c_str);
++
++ _ssh_log (SSH_LOG_FUNCTIONS, function_name, "[GSSH DEBUG] %s: %s",
++ msg, c_str);
++
++ scm_dynwind_end ();
++}
++
++void
++_gssh_log_debug1 (const char* function_name, const char* msg)
++{
++ _ssh_log (SSH_LOG_FUNCTIONS, function_name, "[GSSH DEBUG] %s", msg);
++}
++
+
+ /* Initialization */
+
+diff --git a/libguile-ssh/log.h b/libguile-ssh/log.h
+index dd1424b..c3fe866 100644
+--- a/libguile-ssh/log.h
++++ b/libguile-ssh/log.h
+@@ -28,6 +28,9 @@ extern void _gssh_log_error (const char* function_name, const char* msg,
+
+ extern void _gssh_log_warning (const char* function_name, const char* msg,
+ SCM args);
++extern void _gssh_log_debug (const char* function_name, const char* msg,
++ SCM args);
++extern void _gssh_log_debug1 (const char* function_name, const char* msg);
+
+ extern void init_log_func (void);
+
+--
+2.20.1
+
diff --git a/pcr/guile-ssh/guile-ssh-0.11.3-libssh-0.8-name.patch b/pcr/guile-ssh/guile-ssh-0.11.3-libssh-0.8-name.patch
new file mode 100644
index 000000000..0f3d58daa
--- /dev/null
+++ b/pcr/guile-ssh/guile-ssh-0.11.3-libssh-0.8-name.patch
@@ -0,0 +1,88 @@
+From 01cafef0dd87b6afda41942070e73b55b45a5ed2 Mon Sep 17 00:00:00 2001
+From: "Artyom V. Poptsov" <poptsov.artyom@gmail.com>
+Date: Mon, 1 Oct 2018 05:11:27 +0300
+Subject: [PATCH] libguile-ssh: Fix building with libssh 0.8
+
+The 'libguile-ssh' library would fail to build due to missing 'libssh_threads'
+library that was removed libssh 0.8. This patch fixes that.
+
+Reported by lantw44 in
+<https://github.com/artyom-poptsov/guile-ssh/issues/9>
+
+* configure.ac: Add check for libssh 0.8
+* libguile-ssh/Makefile.am: Don't use 'libssh_threads' library when building
+ with libssh 0.8+.
+* NEWS: Update.
+---
+ NEWS | 17 +++++++++++++++++
+ configure.ac | 7 +++++++
+ libguile-ssh/Makefile.am | 7 ++++++-
+ 3 files changed, 30 insertions(+), 1 deletion(-)
+
+diff --git a/NEWS b/NEWS
+index 84d455b..8c73d1b 100644
+--- a/NEWS
++++ b/NEWS
+@@ -7,6 +7,23 @@ Copyright (C) Artyom V. Poptsov <poptsov.artyom@gmail.com>
+ are permitted in any medium without royalty provided the copyright
+ notice and this notice are preserved.
+
++* Unreleased
++** Bugfixes
++*** Fix a segfault in 'libguile-ssh'
++ The library would always fail with segmentation fault error when an
++ application tried to free a closed channel. Now it should be fixed.
++
++ Reported by Michael Bowcutt <mbowcutt@case.edu> in
++ <https://github.com/artyom-poptsov/guile-ssh/issues/8>
++ and Njagi Mwaniki in a personal email.
++*** Fix building with libssh 0.8
++ The 'libguile-ssh' library would fail to build due to missing
++ 'libssh_threads' library that was removed libssh 0.8. Now 'libguile-ssh'
++ builds without 'libssh_threads' when using libssh 0.8+.
++
++ Reported by lantw44 in
++ <https://github.com/artyom-poptsov/guile-ssh/issues/9>
++
+ * Changes in version 0.11.3 (2018-03-27)
+ ** Bugfixes
+ *** 'node-run-server' now checks for errors
+diff --git a/configure.ac b/configure.ac
+index c818208..74271f7 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -64,6 +64,13 @@ PKG_CHECK_MODULES([LIBSSH_0_7_3], [libssh >= 0.7.3],
+ Using a potentially vulnerable version of libssh
+ <https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/>])])
+
++dnl Checking for libssh 0.8.x
++PKG_CHECK_MODULES([LIBSSH_0_8], [libssh >= 0.8.0],
++ [AC_DEFINE(HAVE_LIBSSH_0_8, 1, [Use libssh 0.8])],
++ [AC_DEFINE(HAVE_LIBSSH_0_8, 0, [Use libssh < 0.8])])
++
++AM_CONDITIONAL(HAVE_LIBSSH_0_8, $HAVE_LIBSSH_0_8)
++
+ # -------------------------------------------------------------------------------
+
+ dnl These macros must be provided by guile.m4.
+diff --git a/libguile-ssh/Makefile.am b/libguile-ssh/Makefile.am
+index 1ffb6c0..523d77a 100644
+--- a/libguile-ssh/Makefile.am
++++ b/libguile-ssh/Makefile.am
+@@ -44,7 +44,12 @@ BUILT_SOURCES = auth.x channel-func.x channel-type.x error.x \
+
+ libguile_ssh_la_CPPFLAGS = $(GUILE_CFLAGS)
+
+-libguile_ssh_la_LDFLAGS = -module -no-undefined -lssh_threads -lssh \
++SSH_LD_FLAGS = -lssh
++if ! HAVE_LIBSSH_0_8
++SSH_LD_FLAGS += -lssh_threads
++endif
++
++libguile_ssh_la_LDFLAGS = -module -no-undefined $(SSH_LD_FLAGS) \
+ -version-info $(LIBGUILE_SSH_INTERFACE) $(GUILE_LDFLAGS)
+
+ AM_CFLAGS = $(WARN_CFLAGS)
+--
+2.20.1
+
diff --git a/pcr/guile-ssh/guile-ssh-0.11.3-libssh-0.8-tests.patch b/pcr/guile-ssh/guile-ssh-0.11.3-libssh-0.8-tests.patch
new file mode 100644
index 000000000..8b1b65259
--- /dev/null
+++ b/pcr/guile-ssh/guile-ssh-0.11.3-libssh-0.8-tests.patch
@@ -0,0 +1,26 @@
+From dac7ae6f3347056f46d664f6104cf6425ae25394 Mon Sep 17 00:00:00 2001
+From: "Artyom V. Poptsov" <poptsov.artyom@gmail.com>
+Date: Wed, 2 Jan 2019 11:47:50 +0300
+Subject: [PATCH] tests/server.scm ("server-set!, valid values"): Add fix for
+ libssh 0.8
+
+---
+ tests/server.scm | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tests/server.scm b/tests/server.scm
+index 7a37a96..c7f8b6c 100644
+--- a/tests/server.scm
++++ b/tests/server.scm
+@@ -52,7 +52,7 @@
+ (topdir (getenv "abs_top_srcdir"))
+ (options `((bindaddr "127.0.0.1")
+ (bindport 22)
+- ,(if (= %libssh-minor-version 7)
++ ,(if (>= %libssh-minor-version 7)
+ (list 'hostkey %rsakey %dsakey)
+ '(hostkey "ssh-rsa" "ssh-dss"))
+ (rsakey ,%rsakey)
+--
+2.20.1
+
diff --git a/pcr/guile-ssh/guile-ssh-0.11.3-libssh-0.9-ecdsa.patch b/pcr/guile-ssh/guile-ssh-0.11.3-libssh-0.9-ecdsa.patch
new file mode 100644
index 000000000..1817c8b7f
--- /dev/null
+++ b/pcr/guile-ssh/guile-ssh-0.11.3-libssh-0.9-ecdsa.patch
@@ -0,0 +1,97 @@
+From 104d797096e966e91f777959d7cc5d8831c1a942 Mon Sep 17 00:00:00 2001
+From: "Artyom V. Poptsov" <poptsov.artyom@gmail.com>
+Date: Sun, 15 Sep 2019 21:03:07 +0300
+Subject: [PATCH] key-type.c: Add new ECDSA key types from libssh 0.9
+
+The Guile-SSH key procedures would fail when libssh 0.9 + openssl is used on
+ECDSA keys because it was missing support of new ECDSA key subtypes. This
+change fixes the library and the tests.
+
+* libguile-ssh/key-type.c: Add new ECDSA key types from libssh 0.9
+* tests/key.scm: Update tests.
+* configure.ac: Check for libssh 0.9
+---
+ configure.ac | 8 ++++++--
+ libguile-ssh/key-type.c | 12 +++++++++++-
+ tests/key.scm | 13 +++++++++----
+ 3 files changed, 26 insertions(+), 7 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 74271f7..99d35af 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -69,7 +69,11 @@ PKG_CHECK_MODULES([LIBSSH_0_8], [libssh >= 0.8.0],
+ [AC_DEFINE(HAVE_LIBSSH_0_8, 1, [Use libssh 0.8])],
+ [AC_DEFINE(HAVE_LIBSSH_0_8, 0, [Use libssh < 0.8])])
+
+-AM_CONDITIONAL(HAVE_LIBSSH_0_8, $HAVE_LIBSSH_0_8)
++PKG_CHECK_MODULES([LIBSSH_0_9], [libssh >= 0.9.0],
++ [AC_DEFINE(HAVE_LIBSSH_0_9, 1, [Use libssh 0.9])],
++ [AC_DEFINE(HAVE_LIBSSH_0_9, 0, [Use libssh < 0.9])])
++
++AM_CONDITIONAL(HAVE_LIBSSH_0_8, $HAVE_LIBSSH_0_8)
+
+ # -------------------------------------------------------------------------------
+
+diff --git a/libguile-ssh/key-type.c b/libguile-ssh/key-type.c
+index ab67ecd..12617ce 100644
+--- a/libguile-ssh/key-type.c
++++ b/libguile-ssh/key-type.c
+@@ -42,7 +42,17 @@ static const struct symbol_mapping key_types[] = {
+ { "dss", SSH_KEYTYPE_DSS },
+ { "rsa", SSH_KEYTYPE_RSA },
+ { "rsa1", SSH_KEYTYPE_RSA1 },
+- { "ecdsa", SSH_KEYTYPE_ECDSA },
++ { "ecdsa", SSH_KEYTYPE_ECDSA }, /* Deprecated in libssh 0.9 */
++
++#ifdef HAVE_LIBSSH_0_9
++ { "ecdsa-p256", SSH_KEYTYPE_ECDSA_P256 },
++ { "ecdsa-p384", SSH_KEYTYPE_ECDSA_P384 },
++ { "ecdsa-p521", SSH_KEYTYPE_ECDSA_P521 },
++ { "ecdsa-p256-cert01", SSH_KEYTYPE_ECDSA_P256_CERT01 },
++ { "ecdsa-p384-cert01", SSH_KEYTYPE_ECDSA_P384_CERT01 },
++ { "ecdsa-p521-cert01", SSH_KEYTYPE_ECDSA_P521_CERT01 },
++#endif
++
+ { "ed25519", SSH_KEYTYPE_ED25519 },
+ { "unknown", SSH_KEYTYPE_UNKNOWN },
+ { NULL, -1 }
+diff --git a/tests/key.scm b/tests/key.scm
+index c4394b1..be31378 100644
+--- a/tests/key.scm
++++ b/tests/key.scm
+@@ -89,9 +89,11 @@
+
+ (test-assert-with-log "get-key-type"
+ (and (eq? 'rsa (get-key-type *rsa-key*))
+- (eq? 'dss (get-key-type *dsa-key*))
++ (eq? 'dss (get-key-type *dsa-key*)) ;))
+ (when-openssl
+- (eq? 'ecdsa (get-key-type *ecdsa-key*)))))
++ (or (eq? 'ecdsa-p256 (get-key-type *ecdsa-key*))
++ ;; For libssh versions prior to 0.9
++ (eq? 'ecdsa (get-key-type *ecdsa-key*))))))
+
+
+ (test-assert-with-log "private-key-to-file"
+@@ -138,7 +140,9 @@
+
+ (when-openssl
+ (test-equal "string->public-key, ECDSA"
+- (public-key->string (string->public-key %ecdsakey-pub-string 'ecdsa))
++ (if (string=? (cadr (string-split (get-libssh-version) #\.)) "9")
++ (public-key->string (string->public-key %ecdsakey-pub-string 'ecdsa-p256))
++ (public-key->string (string->public-key %ecdsakey-pub-string 'ecdsa)))
+ %ecdsakey-pub-string))
+
+ (test-assert-with-log "string->public-key, RSA, gc test"
+@@ -162,7 +166,8 @@
+ (when-openssl
+ (let ((key (make-keypair 'ecdsa 256)))
+ (and (key? key)
+- (eq? (get-key-type key) 'ecdsa))))))
++ (or (eq? (get-key-type key) 'ecdsa) ; libssh < 0.9
++ (eq? (get-key-type key) 'ecdsa-p256)))))))
+
+ ;;;
+
generated by cgit v1.2.2 (git 2.25.0) at 2024-05-14 06:23:28 +0000