Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package libssh for openSUSE:Factory checked in at 2022-01-09 22:50:02 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libssh (Old) and /work/SRC/openSUSE:Factory/.libssh.new.1892 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libssh" Sun Jan 9 22:50:02 2022 rev:66 rq:944781 version:0.9.6 Changes: -------- --- /work/SRC/openSUSE:Factory/libssh/libssh.changes 2021-11-03 17:26:58.337360403 +0100 +++ /work/SRC/openSUSE:Factory/.libssh.new.1892/libssh.changes 2022-01-09 22:50:14.163287361 +0100 @@ -1,0 +2,6 @@ +Wed Jan 5 13:58:56 UTC 2022 - Fabian Vogt <fab...@ritter-vogt.de> + +- Add patch to make the compression option more compatible (boo#1192731): + * 0001-Soften-behaviour-of-the-Compression-no-yes-option.patch + +------------------------------------------------------------------- New: ---- 0001-Soften-behaviour-of-the-Compression-no-yes-option.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libssh.spec ++++++ --- /var/tmp/diff_new_pack.QH3ceE/_old 2022-01-09 22:50:14.791287921 +0100 +++ /var/tmp/diff_new_pack.QH3ceE/_new 2022-01-09 22:50:14.799287928 +0100 @@ -1,7 +1,7 @@ # # spec file # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -43,6 +43,8 @@ Source4: libssh_server.config Source99: baselibs.conf Patch0: 0001-disable-timeout-test-on-slow-buildsystems.patch +# PATCH-FIX-UPSTREAM +Patch1: 0001-Soften-behaviour-of-the-Compression-no-yes-option.patch BuildRequires: cmake BuildRequires: gcc-c++ BuildRequires: krb5-devel ++++++ 0001-Soften-behaviour-of-the-Compression-no-yes-option.patch ++++++ >From 14991ad0718c137828e780308fc1f7027293ec15 Mon Sep 17 00:00:00 2001 From: Fabian Vogt <fab...@ritter-vogt.de> Date: Thu, 23 Dec 2021 12:34:00 +0100 Subject: [PATCH] Soften behaviour of the Compression=no/yes option Currently Compression=no (the default) force-disables zlib algos, while Compression=yes force-enables it. This means that mismatching options between client and server lead to connection failure. This can easily happen if the server has default settings but the client specifies Compression=yes. OpenSSH treats the option as a "prefer compression" setting: Compression=no -> none,z...@openssh.com,zlib (default) Compression=yes -> z...@openssh.com,zlib,none This commit changes the libssh behaviour to the same as OpenSSH. Signed-off-by: Fabian Vogt <fab...@ritter-vogt.de> Reviewed-by: Andreas Schneider <a...@cryptomilk.org> Reviewed-by: Jakub Jelen <jje...@redhat.com> --- src/kex.c | 6 +++--- src/options.c | 8 ++++---- tests/unittests/torture_config.c | 10 ++++++---- tests/unittests/torture_options.c | 29 +++++++++++++++++++++++++---- 4 files changed, 38 insertions(+), 15 deletions(-) Index: libssh-0.9.6/src/kex.c =================================================================== --- libssh-0.9.6.orig/src/kex.c +++ libssh-0.9.6/src/kex.c @@ -94,7 +94,7 @@ #endif /* HAVE_LIBCRYPTO */ #ifdef WITH_ZLIB -#define ZLIB "none,zlib,z...@openssh.com" +#define ZLIB "none,z...@openssh.com,zlib" #else #define ZLIB "none" #endif @@ -218,8 +218,8 @@ static const char *default_methods[] = { AES BLOWFISH DES, "hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1", "hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1", - "none", - "none", + ZLIB, + ZLIB, "", "", NULL Index: libssh-0.9.6/src/options.c =================================================================== --- libssh-0.9.6.orig/src/options.c +++ libssh-0.9.6/src/options.c @@ -844,10 +844,10 @@ int ssh_options_set(ssh_session session, return -1; } else { if (strcasecmp(value,"yes")==0){ - if(ssh_options_set_algo(session,SSH_COMP_C_S,"z...@openssh.com,zlib") < 0) + if(ssh_options_set_algo(session,SSH_COMP_C_S,"z...@openssh.com,zlib,none") < 0) return -1; } else if (strcasecmp(value,"no")==0){ - if(ssh_options_set_algo(session,SSH_COMP_C_S,"none") < 0) + if(ssh_options_set_algo(session,SSH_COMP_C_S,"none,z...@openssh.com,zlib") < 0) return -1; } else { if (ssh_options_set_algo(session, SSH_COMP_C_S, v) < 0) @@ -862,10 +862,10 @@ int ssh_options_set(ssh_session session, return -1; } else { if (strcasecmp(value,"yes")==0){ - if(ssh_options_set_algo(session,SSH_COMP_S_C,"z...@openssh.com,zlib") < 0) + if(ssh_options_set_algo(session,SSH_COMP_S_C,"z...@openssh.com,zlib,none") < 0) return -1; } else if (strcasecmp(value,"no")==0){ - if(ssh_options_set_algo(session,SSH_COMP_S_C,"none") < 0) + if(ssh_options_set_algo(session,SSH_COMP_S_C,"none,z...@openssh.com,zlib") < 0) return -1; } else { if (ssh_options_set_algo(session, SSH_COMP_S_C, v) < 0) Index: libssh-0.9.6/tests/unittests/torture_config.c =================================================================== --- libssh-0.9.6.orig/tests/unittests/torture_config.c +++ libssh-0.9.6/tests/unittests/torture_config.c @@ -345,12 +345,14 @@ static void torture_config_new(void **st assert_string_equal(session->opts.bindaddr, BIND_ADDRESS); #ifdef WITH_ZLIB assert_string_equal(session->opts.wanted_methods[SSH_COMP_C_S], - "z...@openssh.com,zlib"); + "z...@openssh.com,zlib,none"); assert_string_equal(session->opts.wanted_methods[SSH_COMP_S_C], - "z...@openssh.com,zlib"); + "z...@openssh.com,zlib,none"); #else - assert_null(session->opts.wanted_methods[SSH_COMP_C_S]); - assert_null(session->opts.wanted_methods[SSH_COMP_S_C]); + assert_string_equal(session->opts.wanted_methods[SSH_COMP_C_S], + "none"); + assert_string_equal(session->opts.wanted_methods[SSH_COMP_S_C], + "none"); #endif /* WITH_ZLIB */ assert_int_equal(session->opts.StrictHostKeyChecking, 0); assert_int_equal(session->opts.gss_delegate_creds, 1);