import libssh-0.9.0-4.el8
This commit is contained in:
CentOS Sources
Stepan Oksanichenko
parent
584bc09f46
commit
ef6a1084c8
3
.gitignore
vendored
3
.gitignore
vendored
@ -1 +1,2 @@
|
||||
SOURCES/libssh-0.8.91.tar.xz
|
||||
SOURCES/libssh-0.9.0.tar.xz
|
||||
SOURCES/libssh.keyring
|
||||
|
||||
@ -1 +1,2 @@
|
||||
d875a1b0a93971848d99da0953b823e70adb1abd SOURCES/libssh-0.8.91.tar.xz
|
||||
570bffef68af6c1211673bc9a8036c9265935b2b SOURCES/libssh-0.9.0.tar.xz
|
||||
3f2ab0bca02893402ba0ad172a6bd44456a65f86 SOURCES/libssh.keyring
|
||||
|
||||
1240
SOURCES/libssh-0.9.0-do-not-ignore-known-hosts-keys.patch
Normal file
1240
SOURCES/libssh-0.9.0-do-not-ignore-known-hosts-keys.patch
Normal file
File diff suppressed because it is too large
Load Diff
@ -1,8 +1,6 @@
|
||||
diff --git a/tests/torture.c b/tests/torture.c
|
||||
index 772942c2..8e420b35 100644
|
||||
--- a/tests/torture.c
|
||||
+++ b/tests/torture.c
|
||||
@@ -854,7 +854,7 @@ void torture_setup_sshd_server(void **state, bool pam)
|
||||
--- a/tests/torture.c 2019-06-28 14:01:52.936462964 +0200
|
||||
+++ b/tests/torture.c 2019-06-28 14:03:52.324325029 +0200
|
||||
@@ -854,7 +854,7 @@
|
||||
s = *state;
|
||||
|
||||
snprintf(sshd_start_cmd, sizeof(sshd_start_cmd),
|
||||
@ -11,7 +9,7 @@ index 772942c2..8e420b35 100644
|
||||
s->srv_config, s->socket_dir, s->socket_dir);
|
||||
|
||||
rc = system(sshd_start_cmd);
|
||||
@@ -864,7 +864,7 @@ void torture_setup_sshd_server(void **state, bool pam)
|
||||
@@ -864,7 +864,7 @@
|
||||
unsetenv("PAM_WRAPPER");
|
||||
|
||||
/* Wait until the sshd is ready to accept connections */
|
||||
@ -20,10 +18,11 @@ index 772942c2..8e420b35 100644
|
||||
assert_int_equal(rc, 0);
|
||||
}
|
||||
|
||||
@@ -905,26 +905,32 @@ torture_reload_sshd_server(void **state)
|
||||
@@ -904,27 +904,32 @@
|
||||
torture_reload_sshd_server(void **state)
|
||||
{
|
||||
struct torture_state *s = *state;
|
||||
pid_t pid;
|
||||
- pid_t pid;
|
||||
+ char sshd_start_cmd[1024];
|
||||
int rc;
|
||||
|
||||
59
SOURCES/libssh-0.9.0-skip-1k-rsa-key-generation-test.patch
Normal file
59
SOURCES/libssh-0.9.0-skip-1k-rsa-key-generation-test.patch
Normal file
@ -0,0 +1,59 @@
|
||||
From bf2ed2ca929e5e12279f85c930f8fbb452ada888 Mon Sep 17 00:00:00 2001
|
||||
From: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
|
||||
Date: Tue, 30 Jul 2019 18:22:30 +0200
|
||||
Subject: [PATCH] tests: Skip testing 1024 bits key generation in FIPS mode
|
||||
|
||||
In torture_threads_pki_rsa, skip the test which generates 1024 bits RSA
|
||||
key pair when in FIPS mode.
|
||||
|
||||
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
|
||||
---
|
||||
tests/unittests/torture_threads_pki_rsa.c | 28 ++++++++++++-----------
|
||||
1 file changed, 15 insertions(+), 13 deletions(-)
|
||||
|
||||
diff --git a/tests/unittests/torture_threads_pki_rsa.c b/tests/unittests/torture_threads_pki_rsa.c
|
||||
index 5a841ee9..03d526cd 100644
|
||||
--- a/tests/unittests/torture_threads_pki_rsa.c
|
||||
+++ b/tests/unittests/torture_threads_pki_rsa.c
|
||||
@@ -571,23 +571,25 @@ static void *thread_pki_rsa_generate_key(void *threadid)
|
||||
session = ssh_new();
|
||||
assert_non_null(session);
|
||||
|
||||
- rc = ssh_pki_generate(SSH_KEYTYPE_RSA, 1024, &key);
|
||||
- assert_ssh_return_code(session, rc);
|
||||
- assert_non_null(key);
|
||||
+ if (!ssh_fips_mode()) {
|
||||
+ rc = ssh_pki_generate(SSH_KEYTYPE_RSA, 1024, &key);
|
||||
+ assert_ssh_return_code(session, rc);
|
||||
+ assert_non_null(key);
|
||||
|
||||
- rc = ssh_pki_export_privkey_to_pubkey(key, &pubkey);
|
||||
- assert_int_equal(rc, SSH_OK);
|
||||
- assert_non_null(pubkey);
|
||||
+ rc = ssh_pki_export_privkey_to_pubkey(key, &pubkey);
|
||||
+ assert_int_equal(rc, SSH_OK);
|
||||
+ assert_non_null(pubkey);
|
||||
|
||||
- sign = pki_do_sign(key, RSA_HASH, 20, SSH_DIGEST_SHA256);
|
||||
- assert_non_null(sign);
|
||||
+ sign = pki_do_sign(key, RSA_HASH, 20, SSH_DIGEST_SHA256);
|
||||
+ assert_non_null(sign);
|
||||
|
||||
- rc = pki_signature_verify(session, sign, pubkey, RSA_HASH, 20);
|
||||
- assert_ssh_return_code(session, rc);
|
||||
+ rc = pki_signature_verify(session, sign, pubkey, RSA_HASH, 20);
|
||||
+ assert_ssh_return_code(session, rc);
|
||||
|
||||
- ssh_signature_free(sign);
|
||||
- SSH_KEY_FREE(key);
|
||||
- SSH_KEY_FREE(pubkey);
|
||||
+ ssh_signature_free(sign);
|
||||
+ SSH_KEY_FREE(key);
|
||||
+ SSH_KEY_FREE(pubkey);
|
||||
+ }
|
||||
|
||||
rc = ssh_pki_generate(SSH_KEYTYPE_RSA, 2048, &key);
|
||||
assert_ssh_return_code(session, rc);
|
||||
--
|
||||
2.21.0
|
||||
|
||||
16
SOURCES/libssh-0.9.0.tar.xz.asc
Normal file
16
SOURCES/libssh-0.9.0.tar.xz.asc
Normal file
@ -0,0 +1,16 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCAAdFiEEjf9T4Y8qvI2PPJIjfuD8TcwBTj0FAl0VtfEACgkQfuD8TcwB
|
||||
Tj0cthAApYglGlE2+f06uKvPUc8LvzVkRFJA5ycm7uMddrMbSJ+ElScEu1a6q/qV
|
||||
xPK3w49WdDpbYcz3s/GtdhGkSTye49Zav2PJzDFWvac+PoXVOwt7C5JzlPSq7kfa
|
||||
0i6k1/7YSiPcFCo7467v2fpg0t80OHgS+Tbc1mwI0KtRzPA2pjqHsnu+RVNc6EA1
|
||||
paUf1QMhjPFIQwcqJcQGAHZBqpx4JBspzBpC7wDxQKFh5FfMbVOxPG3qvgeOYDqd
|
||||
cbfsJkdOJQ0rAxyNBB6xbz8XktJyK4Bjg5eT9GEz+zpsjh8jtfJMhNEemaBLXkug
|
||||
+4wb4DU2uhEuOoOFh0YOgLcRLm2INNhVSTcizasmA8X1YcvAUmKB7fUMuYwOQOPZ
|
||||
bsSkJ8kg7v76Y8w/pUger99pVYg0iiLi9KI6a2t7qTSibZewv38IV6eSJqORnZja
|
||||
SLeswZUAAtHK/nTf7ohZ8Blnhx3UE5M6vyuli+KMmHAxTOzHhyWJvYDYJ2oJ7+tR
|
||||
N49U1O77VE0WYY7HoyEXYkvSwWLb+MYK6ueaJTVBEbq7ZdpzQBQtPLoyCXUdQwZ2
|
||||
DyZaaZnhkn9FYvsJp/twHra3XlQ359EXdMwflISaKgFUpfaluLIu1xRGrYH4XPNm
|
||||
FHZRPCj34PY1uDOKHXiRl/xUdaR4CSIKPgofhxzy/mLZepJR9vU=
|
||||
=xGD9
|
||||
-----END PGP SIGNATURE-----
|
||||
@ -1,15 +1,19 @@
|
||||
Name: libssh
|
||||
Version: 0.8.91
|
||||
Release: 0.1%{?dist}
|
||||
Version: 0.9.0
|
||||
Release: 4%{?dist}
|
||||
Summary: A library implementing the SSH protocol
|
||||
License: LGPLv2+
|
||||
URL: http://www.libssh.org
|
||||
|
||||
Source0: https://www.libssh.org/files/rc/libssh-0.8.91.tar.xz
|
||||
Source0: https://www.libssh.org/files/0.9/%{name}-%{version}.tar.xz
|
||||
Source1: https://www.libssh.org/files/0.9/%{name}-%{version}.tar.xz.asc
|
||||
Source2: https://cryptomilk.org/gpgkey-8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D.gpg#/%{name}.keyring
|
||||
Source3: libssh_client.config
|
||||
Source4: libssh_server.config
|
||||
|
||||
Patch0: libssh-0.8.91-run-sshd-confined.patch
|
||||
Patch0: libssh-0.9.0-run-sshd-confined.patch
|
||||
Patch1: libssh-0.9.0-do-not-ignore-known-hosts-keys.patch
|
||||
Patch2: libssh-0.9.0-skip-1k-rsa-key-generation-test.patch
|
||||
|
||||
BuildRequires: cmake
|
||||
BuildRequires: doxygen
|
||||
@ -21,6 +25,9 @@ BuildRequires: zlib-devel
|
||||
BuildRequires: krb5-devel
|
||||
BuildRequires: libcmocka-devel
|
||||
|
||||
Requires: crypto-policies
|
||||
Requires: %{name}-config = %{version}-%{release}
|
||||
|
||||
%ifarch aarch64 ppc64 ppc64le s390x x86_64
|
||||
Provides: libssh_threads.so()(64bit)
|
||||
Provides: libssh_threads.so.4()(64bit)
|
||||
@ -45,7 +52,16 @@ Requires: %{name}%{?_isa} = %{version}-%{release}
|
||||
The %{name}-devel package contains libraries and header files for developing
|
||||
applications that use %{name}.
|
||||
|
||||
%package config
|
||||
Summary: Configuration files for %{name}
|
||||
BuildArch: noarch
|
||||
Obsoletes: %{name} < 0.9.0-1
|
||||
|
||||
%description config
|
||||
The %{name}-config package provides the default configuration files for %{name}.
|
||||
|
||||
%prep
|
||||
gpgv2 --quiet --keyring %{SOURCE2} %{SOURCE1} %{SOURCE0}
|
||||
%autosetup -p1
|
||||
|
||||
%build
|
||||
@ -67,7 +83,7 @@ popd
|
||||
|
||||
%install
|
||||
make DESTDIR=%{buildroot} install/fast -C obj
|
||||
mkdir -p -m755 %{buildroot}%{_sysconfdir}/libssh
|
||||
install -d -m755 %{buildroot}%{_sysconfdir}/libssh
|
||||
install -m644 %{SOURCE3} %{buildroot}%{_sysconfdir}/libssh/libssh_client.config
|
||||
install -m644 %{SOURCE4} %{buildroot}%{_sysconfdir}/libssh/libssh_server.config
|
||||
|
||||
@ -101,9 +117,6 @@ popd
|
||||
%license COPYING
|
||||
%{_libdir}/libssh.so.4*
|
||||
%{_libdir}/libssh_threads.so.4*
|
||||
%attr(0755,root,root) %dir %{_sysconfdir}/libssh
|
||||
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/libssh/libssh_client.config
|
||||
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/libssh/libssh_server.config
|
||||
|
||||
%files devel
|
||||
%doc obj/doc/html
|
||||
@ -114,7 +127,29 @@ popd
|
||||
%{_libdir}/pkgconfig/libssh.pc
|
||||
%{_libdir}/libssh.so
|
||||
|
||||
%files config
|
||||
%attr(0755,root,root) %dir %{_sysconfdir}/libssh
|
||||
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/libssh/libssh_client.config
|
||||
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/libssh/libssh_server.config
|
||||
|
||||
%changelog
|
||||
* Mon Aug 05 2019 Anderson Sasaki <ansasaki@redhat.com> - 0.9.0-4
|
||||
- Skip 1024 bits RSA key generation test in FIPS mode (#1734485)
|
||||
|
||||
* Thu Jul 11 2019 Anderson Sasaki <ansasaki@redhat.com> - 0.9.0-3
|
||||
- Add Obsoletes in libssh-config to avoid conflict with old libssh which
|
||||
installed the configuration files.
|
||||
|
||||
* Wed Jul 10 2019 Anderson Sasaki <ansasaki@redhat.com> - 0.9.0-2
|
||||
- Eliminate circular dependency with libssh-config subpackage
|
||||
|
||||
* Wed Jul 10 2019 Anderson Sasaki <ansasaki@redhat.com> - 0.9.0-1
|
||||
- Update to version 0.9.0
|
||||
https://www.libssh.org/2019/06/28/libssh-0-9-0/
|
||||
- Added explicit Requires for crypto-policies
|
||||
- Do not ignore known_hosts keys when SSH_OPTIONS_HOSTKEYS is set
|
||||
- Provide the configuration files in a separate libssh-config subpackage
|
||||
|
||||
* Mon Jun 17 2019 Anderson Sasaki <ansasaki@redhat.com> - 0.8.91-0.1
|
||||
- Update to 0.9.0 pre release version (0.8.91)
|
||||
- Added default configuration files for client and server
|
||||
|
||||
Loading…
Reference in New Issue
Block a user