Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package libssh for openSUSE:Factory checked
in at 2022-01-09 22:50:02
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libssh (Old)
and /work/SRC/openSUSE:Factory/.libssh.new.1892 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libssh"
Sun Jan 9 22:50:02 2022 rev:66 rq:944781 version:0.9.6
Changes:
--------
--- /work/SRC/openSUSE:Factory/libssh/libssh.changes 2021-11-03
17:26:58.337360403 +0100
+++ /work/SRC/openSUSE:Factory/.libssh.new.1892/libssh.changes 2022-01-09
22:50:14.163287361 +0100
@@ -1,0 +2,6 @@
+Wed Jan 5 13:58:56 UTC 2022 - Fabian Vogt <fab...@ritter-vogt.de>
+
+- Add patch to make the compression option more compatible (boo#1192731):
+ * 0001-Soften-behaviour-of-the-Compression-no-yes-option.patch
+
+-------------------------------------------------------------------
New:
----
0001-Soften-behaviour-of-the-Compression-no-yes-option.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libssh.spec ++++++
--- /var/tmp/diff_new_pack.QH3ceE/_old 2022-01-09 22:50:14.791287921 +0100
+++ /var/tmp/diff_new_pack.QH3ceE/_new 2022-01-09 22:50:14.799287928 +0100
@@ -1,7 +1,7 @@
#
# spec file
#
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -43,6 +43,8 @@
Source4: libssh_server.config
Source99: baselibs.conf
Patch0: 0001-disable-timeout-test-on-slow-buildsystems.patch
+# PATCH-FIX-UPSTREAM
+Patch1: 0001-Soften-behaviour-of-the-Compression-no-yes-option.patch
BuildRequires: cmake
BuildRequires: gcc-c++
BuildRequires: krb5-devel
++++++ 0001-Soften-behaviour-of-the-Compression-no-yes-option.patch ++++++
>From 14991ad0718c137828e780308fc1f7027293ec15 Mon Sep 17 00:00:00 2001
From: Fabian Vogt <fab...@ritter-vogt.de>
Date: Thu, 23 Dec 2021 12:34:00 +0100
Subject: [PATCH] Soften behaviour of the Compression=no/yes option
Currently Compression=no (the default) force-disables zlib algos, while
Compression=yes force-enables it. This means that mismatching options between
client and server lead to connection failure. This can easily happen if the
server has default settings but the client specifies Compression=yes.
OpenSSH treats the option as a "prefer compression" setting:
Compression=no -> none,z...@openssh.com,zlib (default)
Compression=yes -> z...@openssh.com,zlib,none
This commit changes the libssh behaviour to the same as OpenSSH.
Signed-off-by: Fabian Vogt <fab...@ritter-vogt.de>
Reviewed-by: Andreas Schneider <a...@cryptomilk.org>
Reviewed-by: Jakub Jelen <jje...@redhat.com>
---
src/kex.c | 6 +++---
src/options.c | 8 ++++----
tests/unittests/torture_config.c | 10 ++++++----
tests/unittests/torture_options.c | 29 +++++++++++++++++++++++++----
4 files changed, 38 insertions(+), 15 deletions(-)
Index: libssh-0.9.6/src/kex.c
===================================================================
--- libssh-0.9.6.orig/src/kex.c
+++ libssh-0.9.6/src/kex.c
@@ -94,7 +94,7 @@
#endif /* HAVE_LIBCRYPTO */
#ifdef WITH_ZLIB
-#define ZLIB "none,zlib,z...@openssh.com"
+#define ZLIB "none,z...@openssh.com,zlib"
#else
#define ZLIB "none"
#endif
@@ -218,8 +218,8 @@ static const char *default_methods[] = {
AES BLOWFISH DES,
"hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1",
"hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1",
- "none",
- "none",
+ ZLIB,
+ ZLIB,
"",
"",
NULL
Index: libssh-0.9.6/src/options.c
===================================================================
--- libssh-0.9.6.orig/src/options.c
+++ libssh-0.9.6/src/options.c
@@ -844,10 +844,10 @@ int ssh_options_set(ssh_session session,
return -1;
} else {
if (strcasecmp(value,"yes")==0){
-
if(ssh_options_set_algo(session,SSH_COMP_C_S,"z...@openssh.com,zlib") < 0)
+
if(ssh_options_set_algo(session,SSH_COMP_C_S,"z...@openssh.com,zlib,none") < 0)
return -1;
} else if (strcasecmp(value,"no")==0){
- if(ssh_options_set_algo(session,SSH_COMP_C_S,"none") < 0)
+
if(ssh_options_set_algo(session,SSH_COMP_C_S,"none,z...@openssh.com,zlib") < 0)
return -1;
} else {
if (ssh_options_set_algo(session, SSH_COMP_C_S, v) < 0)
@@ -862,10 +862,10 @@ int ssh_options_set(ssh_session session,
return -1;
} else {
if (strcasecmp(value,"yes")==0){
-
if(ssh_options_set_algo(session,SSH_COMP_S_C,"z...@openssh.com,zlib") < 0)
+
if(ssh_options_set_algo(session,SSH_COMP_S_C,"z...@openssh.com,zlib,none") < 0)
return -1;
} else if (strcasecmp(value,"no")==0){
- if(ssh_options_set_algo(session,SSH_COMP_S_C,"none") < 0)
+
if(ssh_options_set_algo(session,SSH_COMP_S_C,"none,z...@openssh.com,zlib") < 0)
return -1;
} else {
if (ssh_options_set_algo(session, SSH_COMP_S_C, v) < 0)
Index: libssh-0.9.6/tests/unittests/torture_config.c
===================================================================
--- libssh-0.9.6.orig/tests/unittests/torture_config.c
+++ libssh-0.9.6/tests/unittests/torture_config.c
@@ -345,12 +345,14 @@ static void torture_config_new(void **st
assert_string_equal(session->opts.bindaddr, BIND_ADDRESS);
#ifdef WITH_ZLIB
assert_string_equal(session->opts.wanted_methods[SSH_COMP_C_S],
- "z...@openssh.com,zlib");
+ "z...@openssh.com,zlib,none");
assert_string_equal(session->opts.wanted_methods[SSH_COMP_S_C],
- "z...@openssh.com,zlib");
+ "z...@openssh.com,zlib,none");
#else
- assert_null(session->opts.wanted_methods[SSH_COMP_C_S]);
- assert_null(session->opts.wanted_methods[SSH_COMP_S_C]);
+ assert_string_equal(session->opts.wanted_methods[SSH_COMP_C_S],
+ "none");
+ assert_string_equal(session->opts.wanted_methods[SSH_COMP_S_C],
+ "none");
#endif /* WITH_ZLIB */
assert_int_equal(session->opts.StrictHostKeyChecking, 0);
assert_int_equal(session->opts.gss_delegate_creds, 1);
