Cap SFTP packet size sent

Resolves: RHEL-5311

0054-curl-7.61.1-64K-sftp.patch

@@ -0,0 +1,31 @@
+From 35eb2614d86316ba9f5a6806ce64f56680fa1e97 Mon Sep 17 00:00:00 2001
+From: Jakub Jelen <jjelen@redhat.com>
+Date: Tue, 5 Sep 2023 17:33:41 +0200
+Subject: [PATCH] libssh: cap SFTP packet size sent
+
+Due to libssh limitations
+
+Signed-off-by: Jakub Jelen <jjelen@redhat.com>
+
+Closes #11804
+---
+ lib/ssh-libssh.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/lib/ssh-libssh.c b/lib/ssh-libssh.c
+index dea0084575859..7c6a2e53f338f 100644
+--- a/lib/ssh-libssh.c
++++ b/lib/ssh-libssh.c
+@@ -2412,6 +2412,12 @@ static ssize_t sftp_send(struct Curl_easy *data, int sockindex,
+   ssize_t nwrite;
+   (void)sockindex;
+ 
++  /* limit the writes to the maximum specified in Section 3 of
++   * https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-02
++   */
++  if(len > 32768)
++    len = 32768;
++
+   nwrite = sftp_write(conn->proto.sshc.sftp_file, mem, len);
+ 
+   myssh_block2waitfor(conn, FALSE);

curl.spec

@@ -154,6 +154,9 @@ Patch52:  0052-curl-7.61.1-certs.patch
 # when keyboard-interactive auth fails, try password
 Patch53:  0053-curl-7.61.1-password-when-keyboard-interactive-fails.patch
 
+# cap SFTP packet size sent
+Patch54:  0054-curl-7.61.1-64K-sftp.patch
+
 # patch making libcurl multilib ready
 Patch101: 0101-curl-7.32.0-multilib.patch
 
@@ -380,6 +383,7 @@ sed -e 's|:8992/|:%{?__isa_bits}92/|g' -i tests/data/test97{3..6}
 %patch51 -p1
 git apply %{PATCH52}
 %patch53 -p1
+%patch54 -p1
 
 # make tests/*.py use Python 3
 sed -e '1 s|^#!/.*python|#!%{__python3}|' -i tests/*.py
@@ -544,6 +548,7 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
 %changelog
 * Tue Sep 19 2023 Jacek Migacz <jmigacz@redhat.com> - 7.61.1-34
 - when keyboard-interactive auth fails, try password (#2229800)
+- cap SFTP packet size sent (RHEL-5311)
 
 * Tue Jun 27 2023 Jacek Migacz <jmigacz@redhat.com> - 7.61.1-33
 - fix host name wildcard checking (CVE-2023-28321)