packages/libssh2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update to 1.11.0

Browse Source
This commit is contained in:
renmingshuai 2023-08-07 21:35:30 +08:00
parent 0c0abaf639
commit 4543567fec
12 changed files with 14 additions and 1518 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
backport-Fix-a-memcmp-errors-in-code-that-was-changed-from-me.patch
View File

@ -1,41 +0,0 @@
From 13ad7b2f5cd67e0dc843098ce19ce8b208368c29 Mon Sep 17 00:00:00 2001
From: Michael Buckley <michael@buckleyisms.com>
Date: Thu, 6 Jan 2022 13:56:22 -0800
Subject: [PATCH] Fix a memcmp errors in code that was changed from memmem to
memcmp (#656)
Notes:
Fixed supported algo prefs list check when upgrading rsa keys
Credit: Michael Buckley
Conflict:NA
Reference:https://github.com/libssh2/commit/13ad7b2f5cd67e0dc843098ce19ce8b208368c29
---
src/userauth.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/userauth.c b/src/userauth.c
index 988dc17..29f58ba 100644
--- a/src/userauth.c
+++ b/src/userauth.c
@@ -1147,7 +1147,7 @@ _libssh2_key_sign_algorithm(LIBSSH2_SESSION *session,
f = strchr(a, ',');
f_len = f ? (f - a) : (int) strlen(a);
- if(f_len == p_len && memcmp(a, s, p_len)) {
+ if(f_len == p_len && memcmp(a, s, p_len) == 0) {
if(i != filtered_algs) {
memcpy(i, ",", 1);
@@ -1185,7 +1185,7 @@ _libssh2_key_sign_algorithm(LIBSSH2_SESSION *session,
f = strchr(a, ',');
f_len = f ? (f - a) : (int) strlen(a);
- if(f_len == p_len && memcmp(a, s, p_len)) {
+ if(f_len == p_len && memcmp(a, s, p_len) == 0) {
/* found a match, upgrade key method */
match = s;
match_len = p_len;
--
2.23.0

172
backport-Legacy-Agent-support-for-rsa2-key-upgrading-downgrad.patch
View File

@ -1,172 +0,0 @@
From de7a74aff24c47b2f2e9815f0a98598195d602e4 Mon Sep 17 00:00:00 2001
From: Will Cosgrove <will@panic.com>
Date: Fri, 14 Jan 2022 11:55:18 -0800
Subject: [PATCH] Legacy Agent support for rsa2 key upgrading/downgrading #659
(#662)
Files: libssh2.h, agent.c, userauth.c
Notes:
Part 2 of the fix for #659. This adds rsa key downgrading for agents that don't support sha2 upgrading. It also adds better trace output for debugging/logging around key upgrading.
Credit:
Will Cosgrove (signed off by Michael Buckley)
Conflict:NA
Reference:https://github.com/libssh2/commit/de7a74aff24c47b2f2e9815f0a98598195d602e4
---
include/libssh2.h | 1 +
src/agent.c | 27 +++++++++++++++++++++++++++
src/userauth.c | 43 ++++++++++++++++++++++++++++++++++---------
3 files changed, 62 insertions(+), 9 deletions(-)
diff --git a/include/libssh2.h b/include/libssh2.h
index 20ba548..15dda6f 100644
--- a/include/libssh2.h
+++ b/include/libssh2.h
@@ -508,5 +508,6 @@ typedef struct _LIBSSH2_POLLFD {
#define LIBSSH2_ERROR_KEYFILE_AUTH_FAILED -48
#define LIBSSH2_ERROR_RANDGEN -49
+#define LIBSSH2_ERROR_ALGO_UNSUPPORTED -51
/* this is a define to provide the old (<= 1.2.7) name */
#define LIBSSH2_ERROR_BANNER_NONE LIBSSH2_ERROR_BANNER_RECV
diff --git a/src/agent.c b/src/agent.c
index bce7175..4ed79ac 100644
--- a/src/agent.c
+++ b/src/agent.c
@@ -379,6 +379,7 @@ agent_sign(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len,
ssize_t method_len;
unsigned char *s;
int rc;
+ unsigned char *method_name = NULL;
uint32_t sign_flags = 0;
/* Create a request to sign the data */
@@ -465,8 +466,28 @@ agent_sign(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len,
rc = LIBSSH2_ERROR_AGENT_PROTOCOL;
goto error;
}
+
+ /* method name */
+ method_name = LIBSSH2_ALLOC(session, method_len);
+ if(!method_name) {
+ rc = LIBSSH2_ERROR_ALLOC;
+ goto error;
+ }
+ memcpy(method_name, s, method_len);
s += method_len;
+ /* check to see if we match requested */
+ if((size_t)method_len != session->userauth_pblc_method_len ||
+ memcmp(method_name, session->userauth_pblc_method, method_len)) {
+ _libssh2_debug(session,
+ LIBSSH2_TRACE_KEX,
+ "Agent sign method %.*s",
+ method_len, method_name);
+
+ rc = LIBSSH2_ERROR_ALGO_UNSUPPORTED;
+ goto error;
+ }
+
/* Read the signature */
len -= 4;
if(len < 0) {
@@ -489,12 +510,18 @@ agent_sign(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len,
memcpy(*sig, s, *sig_len);
error:
+
+ if(method_name)
+ LIBSSH2_FREE(session, method_name);
+
LIBSSH2_FREE(session, transctx->request);
transctx->request = NULL;
LIBSSH2_FREE(session, transctx->response);
transctx->response = NULL;
+ transctx->state = agent_NB_state_init;
+
return _libssh2_error(session, rc, "agent sign failure");
}
diff --git a/src/userauth.c b/src/userauth.c
index 84285bf..59b76ca 100644
--- a/src/userauth.c
+++ b/src/userauth.c
@@ -1283,9 +1283,6 @@ _libssh2_key_sign_algorithm(LIBSSH2_SESSION *session,
if(key_method) {
memcpy(*key_method, match, match_len);
*key_method_len = match_len;
-
- _libssh2_debug(session, LIBSSH2_TRACE_KEX,
- "Signing using %.*s", match_len, match);
}
else {
*key_method_len = 0;
@@ -1321,6 +1318,10 @@ _libssh2_userauth_publickey(LIBSSH2_SESSION *session,
};
int rc;
unsigned char *s;
+ int auth_attempts = 0;
+
+ retry_auth:
+ auth_attempts++;
if(session->userauth_pblc_state == libssh2_NB_state_idle) {
@@ -1364,13 +1365,26 @@ _libssh2_userauth_publickey(LIBSSH2_SESSION *session,
session->userauth_pblc_method_len);
}
- /* upgrade key key signing algo needed */
- rc = _libssh2_key_sign_algorithm(session,
- &session->userauth_pblc_method,
- &session->userauth_pblc_method_len);
+ /* upgrade key signing algo if it is supported and
+ * it is our first auth attempt, otherwise fallback to
+ * the key default algo */
+ if(auth_attempts == 1) {
+ rc = _libssh2_key_sign_algorithm(session,
+ &session->userauth_pblc_method,
+ &session->userauth_pblc_method_len);
- if(rc)
- return rc;
+ if(rc)
+ return rc;
+ }
+
+ if(session->userauth_pblc_method_len &&
+ session->userauth_pblc_method) {
+ _libssh2_debug(session,
+ LIBSSH2_TRACE_KEX,
+ "Signing using %.*s",
+ session->userauth_pblc_method_len,
+ session->userauth_pblc_method);
+ }
/*
* 45 = packet_type(1) + username_len(4) + servicename_len(4) +
@@ -1528,6 +1542,17 @@ _libssh2_userauth_publickey(LIBSSH2_SESSION *session,
return _libssh2_error(session, LIBSSH2_ERROR_EAGAIN,
"Would block");
}
+ else if(rc == LIBSSH2_ERROR_ALGO_UNSUPPORTED && auth_attempts == 1) {
+ /* try again with the default key algo */
+ LIBSSH2_FREE(session, session->userauth_pblc_method);
+ session->userauth_pblc_method = NULL;
+ LIBSSH2_FREE(session, session->userauth_pblc_packet);
+ session->userauth_pblc_packet = NULL;
+ session->userauth_pblc_state = libssh2_NB_state_idle;
+
+ rc = LIBSSH2_ERROR_NONE;
+ goto retry_auth;
+ }
else if(rc) {
LIBSSH2_FREE(session, session->userauth_pblc_method);
session->userauth_pblc_method = NULL;
--
2.23.0

58
backport-NULL-terminate-server_sign_algorithms-string-669.patch
View File

@ -1,58 +0,0 @@
From 2a2aaed3b6c3c1dc25e35e11afcfb23f88a18510 Mon Sep 17 00:00:00 2001
From: tihmstar <tihmstar@gmail.com>
Date: Thu, 3 Feb 2022 19:11:36 +0100
Subject: [PATCH] NULL terminate server_sign_algorithms string (#669)
files: packet.c, libssh2_priv.h
notes:
* Fix heap buffer overflow in _libssh2_key_sign_algorithm
When allocating `session->server_sign_algorithms` which is a `char*` is is important to also allocate space for the string-terminating null byte at the end and make sure the string is actually null terminated.
Without this fix, the `strchr()` call inside the `_libssh2_key_sign_algorithm` (line 1219) function will try to parse the string and go out of buffer on the last invocation.
Credit: tihmstar
Co-authored-by: Will Cosgrove <will@panic.com>
Conflict:NA
Reference:https://github.com/libssh2/commit/2a2aaed3b6c3c1dc25e35e11afcfb23f88a18510
---
src/libssh2_priv.h | 1 -
src/packet.c | 4 ++--
2 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/src/libssh2_priv.h b/src/libssh2_priv.h
index f218a83..be16ad2 100644
--- a/src/libssh2_priv.h
+++ b/src/libssh2_priv.h
@@ -642,7 +642,6 @@ struct _LIBSSH2_SESSION
/* public key algorithms accepted as comma separated list */
char *server_sign_algorithms;
- size_t server_sign_algorithms_len;
/* key signing algorithm preferences -- NULL yields server order */
char *sign_algo_prefs;
diff --git a/src/packet.c b/src/packet.c
index 686be5c..c3756a8 100644
--- a/src/packet.c
+++ b/src/packet.c
@@ -665,12 +665,12 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
session->server_sign_algorithms =
LIBSSH2_ALLOC(session,
- value_len);
+ value_len + 1);
if(session->server_sign_algorithms) {
- session->server_sign_algorithms_len = value_len;
memcpy(session->server_sign_algorithms,
value, value_len);
+ session->server_sign_algorithms[value_len] = '\0';
}
else {
rc = _libssh2_error(session, LIBSSH2_ERROR_ALLOC,
--
2.23.0

1025
backport-RSA-SHA2-256-512-key-upgrade-support-RFC-8332.patch
View File

File diff suppressed because it is too large Load Diff

33
backport-Skip-leading-r-and-n-characters-in-banner_receive-76.patch
View File

@ -1,33 +0,0 @@
From 821d50dad313b53fb2782f26aec1f52f1be34fc0 Mon Sep 17 00:00:00 2001
From: Michael Buckley <michael@buckleyisms.com>
Date: Wed, 9 Nov 2022 15:56:22 -0800
Subject: [PATCH] Skip leading \r and \n characters in banner_receive() (#769)
Fixes #768
Credit:
Michael Buckley
Conflict:NA
Reference:https://github.com/libssh2/commit/821d50dad313b53fb2782f26aec1f52f1be34fc0
---
src/session.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/session.c b/src/session.c
index 3549152..235ab95 100644
--- a/src/session.c
+++ b/src/session.c
@@ -147,6 +147,10 @@ banner_receive(LIBSSH2_SESSION * session)
return LIBSSH2_ERROR_SOCKET_DISCONNECT;
}
+ if((c == '\r' || c == '\n') && banner_len == 0) {
+ continue;
+ }
+
if(c == '\0') {
/* NULLs are not allowed in SSH banners */
session->banner_TxRx_state = libssh2_NB_state_idle;
--
2.23.0

63
backport-Support-rsa-sha2-agent-flags.patch
View File

@ -1,63 +0,0 @@
From 50a1262772fd9cdbdd8f747958e42ef480aecb2b Mon Sep 17 00:00:00 2001
From: Ian Hattendorf <ian@ianhattendorf.com>
Date: Thu, 13 Jan 2022 16:05:53 -0700
Subject: [PATCH] Support rsa-sha2 agent flags (#661)
File: agent.c
Notes: implements rsa-sha2 flags used to tell the agent which signing algo to use.
https://tools.ietf.org/id/draft-miller-ssh-agent-01.html#rfc.section.4.5.1
Credit:
Ian Hattendorf
Conflict:NA
Reference:https://github.com/libssh2/commit/50a1262772fd9cdbdd8f747958e42ef480aecb2b
---
src/agent.c | 18 +++++++++++++++++-
1 file changed, 17 insertions(+), 1 deletion(-)
diff --git a/src/agent.c b/src/agent.c
index a526c77..bce7175 100644
--- a/src/agent.c
+++ b/src/agent.c
@@ -94,6 +94,10 @@
#define SSH_AGENT_CONSTRAIN_LIFETIME 1
#define SSH_AGENT_CONSTRAIN_CONFIRM 2
+/* Signature request methods */
+#define SSH_AGENT_RSA_SHA2_256 2
+#define SSH_AGENT_RSA_SHA2_512 4
+
#ifdef PF_UNIX
static int
agent_connect_unix(LIBSSH2_AGENT *agent)
@@ -375,6 +379,7 @@ agent_sign(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len,
ssize_t method_len;
unsigned char *s;
int rc;
+ uint32_t sign_flags = 0;
/* Create a request to sign the data */
if(transctx->state == agent_NB_state_init) {
@@ -391,7 +396,18 @@ agent_sign(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len,
_libssh2_store_str(&s, (const char *)data, data_len);
/* flags */
- _libssh2_store_u32(&s, 0);
+ if(session->userauth_pblc_method_len > 0 &&
+ session->userauth_pblc_method) {
+ if(session->userauth_pblc_method_len == 12 &&
+ !memcmp(session->userauth_pblc_method, "rsa-sha2-512", 12)) {
+ sign_flags = SSH_AGENT_RSA_SHA2_512;
+ }
+ else if(session->userauth_pblc_method_len == 12 &&
+ !memcmp(session->userauth_pblc_method, "rsa-sha2-256", 12)) {
+ sign_flags = SSH_AGENT_RSA_SHA2_256;
+ }
+ }
+ _libssh2_store_u32(&s, sign_flags);
transctx->request_len = s - transctx->request;
transctx->send_recv_total = 0;
--
2.23.0

32
backport-free-RSA2-related-memory-664.patch
View File

@ -1,32 +0,0 @@
From 30fc410b972e6dec87c248c0fedbff28cfa18f17 Mon Sep 17 00:00:00 2001
From: Will Cosgrove <will@panic.com>
Date: Tue, 18 Jan 2022 11:28:13 -0800
Subject: [PATCH] free RSA2 related memory (#664)
Free `server_sign_algorithms` and `sign_algo_prefs`.
Conflict:NA
Reference:https://github.com/libssh2/commit/30fc410b972e6dec87c248c0fedbff28cfa18f17
---
src/session.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/session.c b/src/session.c
index 0de5ab3..ae6132c 100644
--- a/src/session.c
+++ b/src/session.c
@@ -981,6 +981,12 @@ session_free(LIBSSH2_SESSION *session)
if(session->remote.lang_prefs) {
LIBSSH2_FREE(session, session->remote.lang_prefs);
}
+ if(session->server_sign_algorithms) {
+ LIBSSH2_FREE(session, session->server_sign_algorithms);
+ }
+ if(session->sign_algo_prefs) {
+ LIBSSH2_FREE(session, session->sign_algo_prefs);
+ }
/*
* Make sure all memory used in the state variables are free
--
2.23.0

33
backport-misc-libssh2_copy_string-avoid-malloc-zero-bytes.patch
View File

@ -1,33 +0,0 @@
From: https://github.com/libssh2/libssh2/commit/e7e1312b0cbfa643e2f8bf5f2036ce5147ed797d
From: bagder <daniel@haxx.se>
Date: 21 Mar 2022 10:11 -0800
Subject: misc/libssh2_copy_string: avoid malloc zero bytes #686
Notes:
* Avoid the inconsistent malloc return code for malloc(0)
--- libssh2-1.10.0/src/misc.c 2019-09-13 14:39:11.000000000 +0800
+++ libssh2-1.10.0/src/misc.c 2022-09-29 18:27:13.604424483 +0800
@@ -794,12 +794,18 @@
return -1;
}
- *outbuf = LIBSSH2_ALLOC(session, str_len);
- if(*outbuf) {
- memcpy(*outbuf, str, str_len);
+ if(str_len) {
+ *outbuf = LIBSSH2_ALLOC(session, str_len);
+ if(*outbuf) {
+ memcpy(*outbuf, str, str_len);
+ }
+ else {
+ return -1;
+ }
}
else {
- return -1;
+ *outlen = 0;
+ *outbuf = NULL;
}
if(outlen)

BIN
libssh2-1.10.0.tar.gz
View File

Binary file not shown.

BIN
libssh2-1.11.0.tar.gz Normal file
View File

Binary file not shown.

32
libssh2.spec
View File

@ -1,23 +1,13 @@
Name: libssh2
Version: 1.10.0
Release: 6
Version: 1.11.0
Release: 1
Summary: A library implementing the SSH2 protocol
License: BSD
URL: https://www.libssh2.org/
Source0: https://libssh2.org/download/libssh2-%{version}.tar.gz
Patch0: backport-RSA-SHA2-256-512-key-upgrade-support-RFC-8332.patch
Patch1: backport-misc-libssh2_copy_string-avoid-malloc-zero-bytes.patch
Patch2: sftp-Prevent-files-from-being-skipped-if-the-output.patch
Patch3: backport-Support-rsa-sha2-agent-flags.patch
Patch4: backport-Fix-a-memcmp-errors-in-code-that-was-changed-from-me.patch
Patch5: backport-Legacy-Agent-support-for-rsa2-key-upgrading-downgrad.patch
Patch6: backport-free-RSA2-related-memory-664.patch
Patch7: backport-NULL-terminate-server_sign_algorithms-string-669.patch
Patch8: backport-Skip-leading-r-and-n-characters-in-banner_receive-76.patch
BuildRequires: coreutils findutils /usr/bin/man zlib-devel
BuildRequires: gcc make sed openssl-devel > 1:1.0.1 openssh-server
BuildRequires: gcc make sed openssl-devel > 1:1.0.2 openssh-server
BuildRequires: glibc-langpack-en groff
%description
@ -39,10 +29,10 @@ developing applications that use libssh2.
%prep
%autosetup -n %{name}-%{version} -p1
sed -i s/4711/47%{__isa_bits}/ tests/ssh2.{c,sh}
sed -i s/4711/47%{?__isa_bits}/ tests/{openssh_fixture.c,test_ssh{2.c,d.test}}
%build
%configure --disable-silent-rules --enable-shared
%configure --disable-silent-rules --enable-shared --disable-docker-tests
%make_build
%install
@ -90,17 +80,23 @@ LC_ALL=en_US.UTF-8 make -C tests check
%files help
%defattr(-,root,root)
%doc docs/BINDINGS docs/HACKING docs/TODO NEWS
%doc docs/BINDINGS.md docs/HACKING.md docs/TODO NEWS
%{_mandir}/man3/libssh2_*.3*
%changelog
* Tue Mar 28 2023 renmingshuai <renmingshuai> - 1.10.0-6
* Mon Aug 7 2023 renmingshuai <renmingshuai@huawei.com> - 1.11.0-1
- Type:requirement
- ID:NA
- SUG:NA
- DESC:update to 1.11.0
* Tue Mar 28 2023 renmingshuai <renmingshuai@huawei.com> - 1.10.0-6
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:backport some upstream patches
* Thu Feb 16 2023 renmingshuai <renmingshuai> - 1.10.0-5
* Thu Feb 16 2023 renmingshuai <renmingshuai@huawei.com> - 1.10.0-5
- Type:bugfix
- ID:NA
- SUG:NA

43
sftp-Prevent-files-from-being-skipped-if-the-output.patch
View File

@ -1,43 +0,0 @@
From bd9c65d68c4152ba0726f5588b4b611410972fbc Mon Sep 17 00:00:00 2001
From: Gabriel Smith <ga29smith@gmail.com>
Date: Fri, 23 Sep 2022 13:03:56 -0400
Subject: [PATCH] sftp: Prevent files from being skipped if the output buffer
is too small (#746)
Notes:
LIBSSH2_ERROR_BUFFER_TOO_SMALL is returned if the buffer is too small
to contain a returned directory entry. On this condition we jump to the
label `end`. At this point the number of names left is decremented
despite no name being returned.
As suggested in #714, this commit moves the error label after the
decrement of `names_left`.
Fixes #714
Credit:
Co-authored-by: Gabriel Smith <gabriel.smith@precisionot.com>
---
src/sftp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/sftp.c b/src/sftp.c
index b1a5352..2df918a 100644
--- a/src/sftp.c
+++ b/src/sftp.c
@@ -1852,11 +1852,11 @@ static ssize_t sftp_readdir(LIBSSH2_SFTP_HANDLE *handle, char *buffer,
handle->u.dir.next_name = (char *) s;
handle->u.dir.names_packet_len = names_packet_len;
- end:
if((--handle->u.dir.names_left) == 0)
LIBSSH2_FREE(session, handle->u.dir.names_packet);
+ end:
_libssh2_debug(session, LIBSSH2_TRACE_SFTP,
"libssh2_sftp_readdir_ex() return %d",
filename_len);
--
2.25.1