From 4f9b5aa7f5f7c286d70864c111dd114c76f1d916 Mon Sep 17 00:00:00 2001 From: Denis 'GNUtoo' Carikli Date: Wed, 19 Feb 2020 01:13:54 +0100 Subject: pcr: update guile-ssh Signed-off-by: Denis 'GNUtoo' Carikli --- pcr/guile-ssh/PKGBUILD | 39 ++++++-- pcr/guile-ssh/guile-ssh-0.11.3-fix-segfault.patch | 104 +++++++++++++++++++++ .../guile-ssh-0.11.3-libssh-0.8-name.patch | 88 +++++++++++++++++ .../guile-ssh-0.11.3-libssh-0.8-tests.patch | 26 ++++++ .../guile-ssh-0.11.3-libssh-0.9-ecdsa.patch | 97 +++++++++++++++++++ 5 files changed, 346 insertions(+), 8 deletions(-) create mode 100644 pcr/guile-ssh/guile-ssh-0.11.3-fix-segfault.patch create mode 100644 pcr/guile-ssh/guile-ssh-0.11.3-libssh-0.8-name.patch create mode 100644 pcr/guile-ssh/guile-ssh-0.11.3-libssh-0.8-tests.patch create mode 100644 pcr/guile-ssh/guile-ssh-0.11.3-libssh-0.9-ecdsa.patch diff --git a/pcr/guile-ssh/PKGBUILD b/pcr/guile-ssh/PKGBUILD index b837a76c8..06c09d4a6 100644 --- a/pcr/guile-ssh/PKGBUILD +++ b/pcr/guile-ssh/PKGBUILD @@ -4,8 +4,9 @@ # no changes. pkgname=guile-ssh -pkgver=0.11.2 -pkgrel=2 +pkgver=0.11.3 +pkgrel=5 +pkgrel+=.par1 pkgdesc='SSH module for Guile based on libssh' arch=('x86_64' 'i686' 'armv7h') url="https://github.com/artyom-poptsov/guile-ssh" @@ -13,22 +14,44 @@ license=('GPL3') depends=( 'guile>=2.0.9' 'libssh>=0.7.3') -source=("https://github.com/artyom-poptsov/guile-ssh/archive/v${pkgver}.tar.gz") -sha256sums=('20e9109fe5dd21c9294a94cba12b65cc7650f359e52e7a16f3bdc89e802e13f0') +source=( + "https://github.com/artyom-poptsov/guile-ssh/archive/v${pkgver}.tar.gz" + 'guile-ssh-0.11.3-fix-segfault.patch' + 'guile-ssh-0.11.3-libssh-0.8-name.patch' + 'guile-ssh-0.11.3-libssh-0.8-tests.patch' + 'guile-ssh-0.11.3-libssh-0.9-ecdsa.patch') +sha256sums=( + '1373bf6f30ba9b4404c044fb00c0509cbd851606264803faccbf881b1efb52bc' + 'f3284d61b7166be9809e37c7ced323d45255479e51f68f46f0499d9a3056b535' + '4a0ab224a08afc832ce82dc055f23c36c56f7e63f4f2b1814571a3c930d9cae6' + '5594153165cade97481c50284aade32153801232c65a958abd3e25a2eb237841' + 'df4d3955601bc540df02c4418bc4b36b15971077c3162e328b9dfa989bc0b84b') + +prepare() { + cd "${srcdir}/${pkgname}-${pkgver}" + local source_file + for source_file in "${source[@]}"; do + case "${source_file}" in + *.patch) + patch -p1 < "${srcdir}/${source_file}" + ;; + esac + done +} build() { - cd ${srcdir}/${pkgname}-${pkgver} + cd "${srcdir}/${pkgname}-${pkgver}" autoreconf -fi ./configure --prefix=/usr --disable-rpath make } check() { - cd ${srcdir}/${pkgname}-${pkgver} - make check || true # tests unexpectedly fail + cd "${srcdir}/${pkgname}-${pkgver}" + make check } package() { - cd ${srcdir}/${pkgname}-${pkgver} + cd "${srcdir}/${pkgname}-${pkgver}" make DESTDIR="${pkgdir}" install } diff --git a/pcr/guile-ssh/guile-ssh-0.11.3-fix-segfault.patch b/pcr/guile-ssh/guile-ssh-0.11.3-fix-segfault.patch new file mode 100644 index 000000000..787dc04c9 --- /dev/null +++ b/pcr/guile-ssh/guile-ssh-0.11.3-fix-segfault.patch @@ -0,0 +1,104 @@ +From c468d9c2dc343446757360857a295736359b3024 Mon Sep 17 00:00:00 2001 +From: "Artyom V. Poptsov" +Date: Tue, 7 Aug 2018 07:55:00 +0300 +Subject: [PATCH] libguile-ssh/channel-type.c (ptob_close): Bugfix: fix a + segfault + +'ptob_close' would always get a segfault when it tried to free a closed +channel. This patch fixes that by adding a check if a channel is already +closed. + +Reported by Michael Bowcutt in + + and Njagi Mwaniki in a personal email. + +* libguile-ssh/channel-type.c (ptob_close): Check if a channel is already + closed before trying to close and free it. Improve logging. +* libguile-ssh/log.c (_gssh_log_debug, _gssh_log_debug1): New procedures +* libguile-ssh/log.h: Likewise. +--- + libguile-ssh/channel-type.c | 10 +++++++++- + libguile-ssh/log.c | 21 +++++++++++++++++++++ + libguile-ssh/log.h | 3 +++ + 3 files changed, 33 insertions(+), 1 deletion(-) + +diff --git a/libguile-ssh/channel-type.c b/libguile-ssh/channel-type.c +index ffcca64..4b0b9ae 100644 +--- a/libguile-ssh/channel-type.c ++++ b/libguile-ssh/channel-type.c +@@ -29,6 +29,7 @@ + #include "channel-type.h" + #include "error.h" + #include "common.h" ++#include "log.h" + + + /* The channel port type. Guile 2.2 introduced a new port API, so we have a +@@ -223,10 +224,17 @@ ptob_close (SCM channel) + ptob_flush (channel); + #endif + +- if (ch) ++ if (ch && ssh_channel_is_open (ch->ssh_channel)) + { ++ _gssh_log_debug ("ptob_close", "closing and freeing the channel...", ++ channel); + ssh_channel_close (ch->ssh_channel); + ssh_channel_free (ch->ssh_channel); ++ _gssh_log_debug1 ("ptob_close", "closing and freeing the channel... done"); ++ } ++ else ++ { ++ _gssh_log_debug1 ("ptob_close", "the channel is already freeed."); + } + + SCM_SETSTREAM (channel, NULL); +diff --git a/libguile-ssh/log.c b/libguile-ssh/log.c +index 6588749..e0e3027 100644 +--- a/libguile-ssh/log.c ++++ b/libguile-ssh/log.c +@@ -270,6 +270,27 @@ _gssh_log_warning (const char* function_name, const char* msg, SCM args) + scm_dynwind_end (); + } + ++void ++_gssh_log_debug (const char* function_name, const char* msg, SCM args) ++{ ++ char *c_str; ++ scm_dynwind_begin (0); ++ ++ c_str = scm_to_locale_string (scm_object_to_string (args, SCM_UNDEFINED)); ++ scm_dynwind_free (c_str); ++ ++ _ssh_log (SSH_LOG_FUNCTIONS, function_name, "[GSSH DEBUG] %s: %s", ++ msg, c_str); ++ ++ scm_dynwind_end (); ++} ++ ++void ++_gssh_log_debug1 (const char* function_name, const char* msg) ++{ ++ _ssh_log (SSH_LOG_FUNCTIONS, function_name, "[GSSH DEBUG] %s", msg); ++} ++ + + /* Initialization */ + +diff --git a/libguile-ssh/log.h b/libguile-ssh/log.h +index dd1424b..c3fe866 100644 +--- a/libguile-ssh/log.h ++++ b/libguile-ssh/log.h +@@ -28,6 +28,9 @@ extern void _gssh_log_error (const char* function_name, const char* msg, + + extern void _gssh_log_warning (const char* function_name, const char* msg, + SCM args); ++extern void _gssh_log_debug (const char* function_name, const char* msg, ++ SCM args); ++extern void _gssh_log_debug1 (const char* function_name, const char* msg); + + extern void init_log_func (void); + +-- +2.20.1 + diff --git a/pcr/guile-ssh/guile-ssh-0.11.3-libssh-0.8-name.patch b/pcr/guile-ssh/guile-ssh-0.11.3-libssh-0.8-name.patch new file mode 100644 index 000000000..0f3d58daa --- /dev/null +++ b/pcr/guile-ssh/guile-ssh-0.11.3-libssh-0.8-name.patch @@ -0,0 +1,88 @@ +From 01cafef0dd87b6afda41942070e73b55b45a5ed2 Mon Sep 17 00:00:00 2001 +From: "Artyom V. Poptsov" +Date: Mon, 1 Oct 2018 05:11:27 +0300 +Subject: [PATCH] libguile-ssh: Fix building with libssh 0.8 + +The 'libguile-ssh' library would fail to build due to missing 'libssh_threads' +library that was removed libssh 0.8. This patch fixes that. + +Reported by lantw44 in + + +* configure.ac: Add check for libssh 0.8 +* libguile-ssh/Makefile.am: Don't use 'libssh_threads' library when building + with libssh 0.8+. +* NEWS: Update. +--- + NEWS | 17 +++++++++++++++++ + configure.ac | 7 +++++++ + libguile-ssh/Makefile.am | 7 ++++++- + 3 files changed, 30 insertions(+), 1 deletion(-) + +diff --git a/NEWS b/NEWS +index 84d455b..8c73d1b 100644 +--- a/NEWS ++++ b/NEWS +@@ -7,6 +7,23 @@ Copyright (C) Artyom V. Poptsov + are permitted in any medium without royalty provided the copyright + notice and this notice are preserved. + ++* Unreleased ++** Bugfixes ++*** Fix a segfault in 'libguile-ssh' ++ The library would always fail with segmentation fault error when an ++ application tried to free a closed channel. Now it should be fixed. ++ ++ Reported by Michael Bowcutt in ++ ++ and Njagi Mwaniki in a personal email. ++*** Fix building with libssh 0.8 ++ The 'libguile-ssh' library would fail to build due to missing ++ 'libssh_threads' library that was removed libssh 0.8. Now 'libguile-ssh' ++ builds without 'libssh_threads' when using libssh 0.8+. ++ ++ Reported by lantw44 in ++ ++ + * Changes in version 0.11.3 (2018-03-27) + ** Bugfixes + *** 'node-run-server' now checks for errors +diff --git a/configure.ac b/configure.ac +index c818208..74271f7 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -64,6 +64,13 @@ PKG_CHECK_MODULES([LIBSSH_0_7_3], [libssh >= 0.7.3], + Using a potentially vulnerable version of libssh + ])]) + ++dnl Checking for libssh 0.8.x ++PKG_CHECK_MODULES([LIBSSH_0_8], [libssh >= 0.8.0], ++ [AC_DEFINE(HAVE_LIBSSH_0_8, 1, [Use libssh 0.8])], ++ [AC_DEFINE(HAVE_LIBSSH_0_8, 0, [Use libssh < 0.8])]) ++ ++AM_CONDITIONAL(HAVE_LIBSSH_0_8, $HAVE_LIBSSH_0_8) ++ + # ------------------------------------------------------------------------------- + + dnl These macros must be provided by guile.m4. +diff --git a/libguile-ssh/Makefile.am b/libguile-ssh/Makefile.am +index 1ffb6c0..523d77a 100644 +--- a/libguile-ssh/Makefile.am ++++ b/libguile-ssh/Makefile.am +@@ -44,7 +44,12 @@ BUILT_SOURCES = auth.x channel-func.x channel-type.x error.x \ + + libguile_ssh_la_CPPFLAGS = $(GUILE_CFLAGS) + +-libguile_ssh_la_LDFLAGS = -module -no-undefined -lssh_threads -lssh \ ++SSH_LD_FLAGS = -lssh ++if ! HAVE_LIBSSH_0_8 ++SSH_LD_FLAGS += -lssh_threads ++endif ++ ++libguile_ssh_la_LDFLAGS = -module -no-undefined $(SSH_LD_FLAGS) \ + -version-info $(LIBGUILE_SSH_INTERFACE) $(GUILE_LDFLAGS) + + AM_CFLAGS = $(WARN_CFLAGS) +-- +2.20.1 + diff --git a/pcr/guile-ssh/guile-ssh-0.11.3-libssh-0.8-tests.patch b/pcr/guile-ssh/guile-ssh-0.11.3-libssh-0.8-tests.patch new file mode 100644 index 000000000..8b1b65259 --- /dev/null +++ b/pcr/guile-ssh/guile-ssh-0.11.3-libssh-0.8-tests.patch @@ -0,0 +1,26 @@ +From dac7ae6f3347056f46d664f6104cf6425ae25394 Mon Sep 17 00:00:00 2001 +From: "Artyom V. Poptsov" +Date: Wed, 2 Jan 2019 11:47:50 +0300 +Subject: [PATCH] tests/server.scm ("server-set!, valid values"): Add fix for + libssh 0.8 + +--- + tests/server.scm | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tests/server.scm b/tests/server.scm +index 7a37a96..c7f8b6c 100644 +--- a/tests/server.scm ++++ b/tests/server.scm +@@ -52,7 +52,7 @@ + (topdir (getenv "abs_top_srcdir")) + (options `((bindaddr "127.0.0.1") + (bindport 22) +- ,(if (= %libssh-minor-version 7) ++ ,(if (>= %libssh-minor-version 7) + (list 'hostkey %rsakey %dsakey) + '(hostkey "ssh-rsa" "ssh-dss")) + (rsakey ,%rsakey) +-- +2.20.1 + diff --git a/pcr/guile-ssh/guile-ssh-0.11.3-libssh-0.9-ecdsa.patch b/pcr/guile-ssh/guile-ssh-0.11.3-libssh-0.9-ecdsa.patch new file mode 100644 index 000000000..1817c8b7f --- /dev/null +++ b/pcr/guile-ssh/guile-ssh-0.11.3-libssh-0.9-ecdsa.patch @@ -0,0 +1,97 @@ +From 104d797096e966e91f777959d7cc5d8831c1a942 Mon Sep 17 00:00:00 2001 +From: "Artyom V. Poptsov" +Date: Sun, 15 Sep 2019 21:03:07 +0300 +Subject: [PATCH] key-type.c: Add new ECDSA key types from libssh 0.9 + +The Guile-SSH key procedures would fail when libssh 0.9 + openssl is used on +ECDSA keys because it was missing support of new ECDSA key subtypes. This +change fixes the library and the tests. + +* libguile-ssh/key-type.c: Add new ECDSA key types from libssh 0.9 +* tests/key.scm: Update tests. +* configure.ac: Check for libssh 0.9 +--- + configure.ac | 8 ++++++-- + libguile-ssh/key-type.c | 12 +++++++++++- + tests/key.scm | 13 +++++++++---- + 3 files changed, 26 insertions(+), 7 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 74271f7..99d35af 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -69,7 +69,11 @@ PKG_CHECK_MODULES([LIBSSH_0_8], [libssh >= 0.8.0], + [AC_DEFINE(HAVE_LIBSSH_0_8, 1, [Use libssh 0.8])], + [AC_DEFINE(HAVE_LIBSSH_0_8, 0, [Use libssh < 0.8])]) + +-AM_CONDITIONAL(HAVE_LIBSSH_0_8, $HAVE_LIBSSH_0_8) ++PKG_CHECK_MODULES([LIBSSH_0_9], [libssh >= 0.9.0], ++ [AC_DEFINE(HAVE_LIBSSH_0_9, 1, [Use libssh 0.9])], ++ [AC_DEFINE(HAVE_LIBSSH_0_9, 0, [Use libssh < 0.9])]) ++ ++AM_CONDITIONAL(HAVE_LIBSSH_0_8, $HAVE_LIBSSH_0_8) + + # ------------------------------------------------------------------------------- + +diff --git a/libguile-ssh/key-type.c b/libguile-ssh/key-type.c +index ab67ecd..12617ce 100644 +--- a/libguile-ssh/key-type.c ++++ b/libguile-ssh/key-type.c +@@ -42,7 +42,17 @@ static const struct symbol_mapping key_types[] = { + { "dss", SSH_KEYTYPE_DSS }, + { "rsa", SSH_KEYTYPE_RSA }, + { "rsa1", SSH_KEYTYPE_RSA1 }, +- { "ecdsa", SSH_KEYTYPE_ECDSA }, ++ { "ecdsa", SSH_KEYTYPE_ECDSA }, /* Deprecated in libssh 0.9 */ ++ ++#ifdef HAVE_LIBSSH_0_9 ++ { "ecdsa-p256", SSH_KEYTYPE_ECDSA_P256 }, ++ { "ecdsa-p384", SSH_KEYTYPE_ECDSA_P384 }, ++ { "ecdsa-p521", SSH_KEYTYPE_ECDSA_P521 }, ++ { "ecdsa-p256-cert01", SSH_KEYTYPE_ECDSA_P256_CERT01 }, ++ { "ecdsa-p384-cert01", SSH_KEYTYPE_ECDSA_P384_CERT01 }, ++ { "ecdsa-p521-cert01", SSH_KEYTYPE_ECDSA_P521_CERT01 }, ++#endif ++ + { "ed25519", SSH_KEYTYPE_ED25519 }, + { "unknown", SSH_KEYTYPE_UNKNOWN }, + { NULL, -1 } +diff --git a/tests/key.scm b/tests/key.scm +index c4394b1..be31378 100644 +--- a/tests/key.scm ++++ b/tests/key.scm +@@ -89,9 +89,11 @@ + + (test-assert-with-log "get-key-type" + (and (eq? 'rsa (get-key-type *rsa-key*)) +- (eq? 'dss (get-key-type *dsa-key*)) ++ (eq? 'dss (get-key-type *dsa-key*)) ;)) + (when-openssl +- (eq? 'ecdsa (get-key-type *ecdsa-key*))))) ++ (or (eq? 'ecdsa-p256 (get-key-type *ecdsa-key*)) ++ ;; For libssh versions prior to 0.9 ++ (eq? 'ecdsa (get-key-type *ecdsa-key*)))))) + + + (test-assert-with-log "private-key-to-file" +@@ -138,7 +140,9 @@ + + (when-openssl + (test-equal "string->public-key, ECDSA" +- (public-key->string (string->public-key %ecdsakey-pub-string 'ecdsa)) ++ (if (string=? (cadr (string-split (get-libssh-version) #\.)) "9") ++ (public-key->string (string->public-key %ecdsakey-pub-string 'ecdsa-p256)) ++ (public-key->string (string->public-key %ecdsakey-pub-string 'ecdsa))) + %ecdsakey-pub-string)) + + (test-assert-with-log "string->public-key, RSA, gc test" +@@ -162,7 +166,8 @@ + (when-openssl + (let ((key (make-keypair 'ecdsa 256))) + (and (key? key) +- (eq? (get-key-type key) 'ecdsa)))))) ++ (or (eq? (get-key-type key) 'ecdsa) ; libssh < 0.9 ++ (eq? (get-key-type key) 'ecdsa-p256))))))) + + ;;; + -- cgit v1.2.3