[arch-commits] Commit in kdebase-runtime/trunk (PKGBUILD libssh05.patch)

Andrea Scarpino andrea at nymeria.archlinux.org
Fri Apr 18 10:16:35 UTC 2014


    Date: Friday, April 18, 2014 @ 12:16:35
  Author: andrea
Revision: 211192

upgpkg: kdebase-runtime 4.13.0-2

We still build upon libssh 0.5, so this patch is needed

Added:
  kdebase-runtime/trunk/libssh05.patch
Modified:
  kdebase-runtime/trunk/PKGBUILD

----------------+
 PKGBUILD       |   11 +-
 libssh05.patch |  269 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 277 insertions(+), 3 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2014-04-18 09:24:58 UTC (rev 211191)
+++ PKGBUILD	2014-04-18 10:16:35 UTC (rev 211192)
@@ -4,7 +4,7 @@
 
 pkgname=kdebase-runtime
 pkgver=4.13.0
-pkgrel=1
+pkgrel=2
 pkgdesc="Plugins and applications necessary for the running of KDE applications"
 arch=('i686' 'x86_64')
 url='https://projects.kde.org/projects/kde/kde-runtime'
@@ -18,11 +18,16 @@
             'htdig: to build the search index in the KHelpCenter'
             'rarian: needed by KHelpCenter')
 install="${pkgname}.install"
-source=("http://download.kde.org/stable/${pkgver}/src/kde-runtime-${pkgver}.tar.xz")
-sha1sums=('0ec0970baeb806fa036c9241821d494006d49198')
+source=("http://download.kde.org/stable/${pkgver}/src/kde-runtime-${pkgver}.tar.xz"
+        'libssh05.patch')
+sha1sums=('0ec0970baeb806fa036c9241821d494006d49198'
+          'c360f682dc5b51e2f9f893b625807b4d62f646ab')
 
 prepare() {
   mkdir build
+
+  cd kde-runtime-${pkgver}
+  patch -Rp1 -i "${srcdir}"/libssh05.patch
 }
 
 build() {

Added: libssh05.patch
===================================================================
--- libssh05.patch	                        (rev 0)
+++ libssh05.patch	2014-04-18 10:16:35 UTC (rev 211192)
@@ -0,0 +1,269 @@
+commit 40076246be995cc006a12f8afc2c18cfacbf0604
+Author: Andreas Schneider <asn at cryptomilk.org>
+Date:   Thu Jan 9 10:19:06 2014 +0100
+
+    kio_sftp: Support ECDSA keys.
+    
+    This migrates to the API of libssh 0.6.0.
+    
+    BUG: 327024
+
+diff --git a/kioslave/CMakeLists.txt b/kioslave/CMakeLists.txt
+index 026ae9b..b150290 100644
+--- a/kioslave/CMakeLists.txt
++++ b/kioslave/CMakeLists.txt
+@@ -11,7 +11,7 @@ set_package_properties(Samba PROPERTIES DESCRIPTION "the SMB client library, a v
+                       )
+ endif(NOT WIN32)
+ 
+-macro_optional_find_package(LibSSH 0.4.0)
++macro_optional_find_package(LibSSH 0.6.0)
+ set_package_properties(LibSSH PROPERTIES DESCRIPTION "the SSH library with SFTP support"
+                        URL "http://www.libssh.org/"
+                        TYPE OPTIONAL
+diff --git a/kioslave/sftp/kio_sftp.cpp b/kioslave/sftp/kio_sftp.cpp
+index 8c34faa..14bcaf6 100644
+--- a/kioslave/sftp/kio_sftp.cpp
++++ b/kioslave/sftp/kio_sftp.cpp
+@@ -632,8 +632,10 @@ void sftpProtocol::openConnection() {
+   QString msg;     // msg for dialog box
+   QString caption; // dialog box caption
+   unsigned char *hash = NULL; // the server hash
++  ssh_key srv_pubkey;
+   char *hexa;
+-  int rc, state, hlen;
++  size_t hlen;
++  int rc, state;
+ 
+   // Attempt to start a ssh session and establish a connection with the server.
+   if (!sftpOpenConnection(info)) {
+@@ -643,13 +645,25 @@ void sftpProtocol::openConnection() {
+   kDebug(KIO_SFTP_DB) << "Getting the SSH server hash";
+ 
+   /* get the hash */
+-  hlen = ssh_get_pubkey_hash(mSession, &hash);
+-  if (hlen < 0) {
++  rc = ssh_get_publickey(mSession, &srv_pubkey);
++  if (rc < 0) {
+     error(KIO::ERR_SLAVE_DEFINED, QString::fromUtf8(ssh_get_error(mSession)));
+     closeConnection();
+     return;
+   }
+ 
++  rc = ssh_get_publickey_hash(srv_pubkey,
++                              SSH_PUBLICKEY_HASH_SHA1,
++                              &hash,
++                              &hlen);
++  ssh_key_free(srv_pubkey);
++  if (rc < 0) {
++    error(KIO::ERR_SLAVE_DEFINED,
++          i18n("Could not create hash from server public key"));
++    closeConnection();
++    return;
++  }
++
+   kDebug(KIO_SFTP_DB) << "Checking if the SSH server is known";
+ 
+   /* check the server public key hash */
+@@ -658,7 +672,7 @@ void sftpProtocol::openConnection() {
+     case SSH_SERVER_KNOWN_OK:
+       break;
+     case SSH_SERVER_FOUND_OTHER:
+-      delete hash;
++      ssh_string_free_char((char *)hash);
+       error(KIO::ERR_SLAVE_DEFINED, i18n("The host key for this server was "
+             "not found, but another type of key exists.\n"
+             "An attacker might change the default server key to confuse your "
+@@ -668,7 +682,7 @@ void sftpProtocol::openConnection() {
+       return;
+     case SSH_SERVER_KNOWN_CHANGED:
+       hexa = ssh_get_hexa(hash, hlen);
+-      delete hash;
++      ssh_string_free_char((char *)hash);
+       /* TODO print known_hosts file, port? */
+       error(KIO::ERR_SLAVE_DEFINED, i18n("The host key for the server %1 has changed.\n"
+           "This could either mean that DNS SPOOFING is happening or the IP "
+@@ -676,18 +690,18 @@ void sftpProtocol::openConnection() {
+           "The fingerprint for the key sent by the remote host is:\n %2\n"
+           "Please contact your system administrator.\n%3",
+           mHost, QString::fromUtf8(hexa), QString::fromUtf8(ssh_get_error(mSession))));
+-      delete hexa;
++      ssh_string_free_char(hexa);
+       closeConnection();
+       return;
+     case SSH_SERVER_FILE_NOT_FOUND:
+     case SSH_SERVER_NOT_KNOWN:
+       hexa = ssh_get_hexa(hash, hlen);
+-      delete hash;
++      ssh_string_free_char((char *)hash);
+       caption = i18n("Warning: Cannot verify host's identity.");
+       msg = i18n("The authenticity of host %1 cannot be established.\n"
+         "The key fingerprint is: %2\n"
+         "Are you sure you want to continue connecting?", mHost, hexa);
+-      delete hexa;
++      ssh_string_free_char(hexa);
+ 
+       if (KMessageBox::Yes != messageBox(WarningYesNo, msg, caption)) {
+         closeConnection();
+@@ -704,7 +718,7 @@ void sftpProtocol::openConnection() {
+       }
+       break;
+     case SSH_SERVER_ERROR:
+-      delete hash;
++      ssh_string_free_char((char *)hash);
+       error(KIO::ERR_SLAVE_DEFINED, QString::fromUtf8(ssh_get_error(mSession)));
+       return;
+   }
+@@ -732,7 +746,7 @@ void sftpProtocol::openConnection() {
+   if (rc != SSH_AUTH_SUCCESS && (method & SSH_AUTH_METHOD_PUBLICKEY)) {
+     kDebug(KIO_SFTP_DB) << "Trying to authenticate with public key";
+     for(;;) {
+-      rc = ssh_userauth_autopubkey(mSession, NULL);
++      rc = ssh_userauth_publickey_auto(mSession, NULL, NULL);
+       if (rc == SSH_AUTH_ERROR) {
+         kDebug(KIO_SFTP_DB) << "Public key authentication failed:" <<
+                 QString::fromUtf8(ssh_get_error(mSession));
+@@ -747,6 +761,19 @@ void sftpProtocol::openConnection() {
+     }
+   }
+ 
++  // Try to authenticate with GSSAPI
++  if (rc != SSH_AUTH_SUCCESS && (method & SSH_AUTH_METHOD_GSSAPI_MIC)) {
++      kDebug(KIO_SFTP_DB) << "Trying to authenticate with GSSAPI";
++      rc = ssh_userauth_gssapi(mSession);
++      if (rc == SSH_AUTH_ERROR) {
++          kDebug(KIO_SFTP_DB) << "Public key authentication failed:" <<
++                 QString::fromUtf8(ssh_get_error(mSession));
++          closeConnection();
++          error(KIO::ERR_COULD_NOT_LOGIN, i18n("Authentication failed."));
++          return;
++      }
++  }
++
+   // Try to authenticate with keyboard interactive
+   if (rc != SSH_AUTH_SUCCESS && (method & SSH_AUTH_METHOD_INTERACTIVE)) {
+     kDebug(KIO_SFTP_DB) << "Trying to authenticate with keyboard interactive";
+From: Andreas Schneider <asn at cryptomilk.org>
+Date: Mon, 13 Jan 2014 09:42:44 +0000
+Subject: kio_sftp: Migrate to new libssh logging functionality.
+X-Git-Tag: v4.12.80
+X-Git-Url: http://quickgit.kde.org/?p=kde-runtime.git&a=commitdiff&h=9248c790b0cbcbe1c4c8519e7b7da9b504616fad
+---
+kio_sftp: Migrate to new libssh logging functionality.
+---
+
+
+--- a/kioslave/sftp/kio_sftp.cpp
++++ b/kioslave/sftp/kio_sftp.cpp
+@@ -176,16 +176,16 @@
+   return 0;
+ }
+ 
+-static void log_callback(ssh_session session, int priority, const char *message,
++static void log_callback(int priority, const char *function, const char *buffer,
+                          void *userdata)
+ {
+-  if (userdata == NULL) {
+-    return;
+-  }
+-
+-  sftpProtocol *slave = (sftpProtocol *) userdata;
+-
+-  slave->log_callback(session, priority, message, userdata);
++    if (userdata == NULL) {
++        return;
++    }
++
++    sftpProtocol *slave = (sftpProtocol *) userdata;
++
++    slave->log_callback(priority, function, buffer, userdata);
+ }
+ 
+ int sftpProtocol::auth_callback(const char *prompt, char *buf, size_t len,
+@@ -235,13 +235,12 @@
+   return 0;
+ }
+ 
+-void sftpProtocol::log_callback(ssh_session session, int priority,
+-                                const char *message, void *userdata)
++void sftpProtocol::log_callback(int priority, const char *function, const char *buffer,
++                                void *userdata)
+ {
+-  (void) session;
+-  (void) userdata;
+-
+-  kDebug(KIO_SFTP_DB) << "[" << priority << "] " << message;
++    (void) userdata;
++
++    kDebug(KIO_SFTP_DB) << "[" << function << "] (" << priority << ") " << buffer;
+ }
+ 
+ int sftpProtocol::authenticateKeyboardInteractive(AuthInfo &info) {
+@@ -464,11 +463,33 @@
+ 
+   mCallbacks->userdata = this;
+   mCallbacks->auth_function = ::auth_callback;
+-  if (getenv("KIO_SFTP_LOG_VERBOSITY")) {
+-    mCallbacks->log_function = ::log_callback;
+-  }
+ 
+   ssh_callbacks_init(mCallbacks);
++
++  char *verbosity = getenv("KIO_SFTP_LOG_VERBOSITY");
++  if (verbosity != NULL) {
++    int level = atoi(verbosity);
++    int rc;
++
++    rc = ssh_set_log_level(level);
++    if (rc != SSH_OK) {
++      error(KIO::ERR_INTERNAL, i18n("Could not set log verbosity."));
++      return;
++    }
++
++    rc = ssh_set_log_userdata(this);
++    if (rc != SSH_OK) {
++      error(KIO::ERR_INTERNAL, i18n("Could not set log userdata."));
++      return;
++    }
++
++    rc = ssh_set_log_callback(::log_callback);
++    if (rc != SSH_OK) {
++      error(KIO::ERR_INTERNAL, i18n("Could not set log callback."));
++      return;
++    }
++  }
++
+ }
+ 
+ sftpProtocol::~sftpProtocol() {
+@@ -556,15 +577,6 @@
+     rc = ssh_options_set(mSession, SSH_OPTIONS_USER, info.username.toUtf8().constData());
+     if (rc < 0) {
+       error(KIO::ERR_INTERNAL, i18n("Could not set username."));
+-      return false;
+-    }
+-  }
+-
+-  char* verbosity = getenv("KIO_SFTP_LOG_VERBOSITY");
+-  if (verbosity) {
+-    rc = ssh_options_set(mSession, SSH_OPTIONS_LOG_VERBOSITY_STR, verbosity);
+-    if (rc < 0) {
+-      error(KIO::ERR_INTERNAL, i18n("Could not set log verbosity."));
+       return false;
+     }
+   }
+
+--- a/kioslave/sftp/kio_sftp.h
++++ b/kioslave/sftp/kio_sftp.h
+@@ -73,8 +73,8 @@
+ 
+   // libssh logging callback (note that this is called by the
+   // global ::log_callback() call.
+-  void log_callback(ssh_session session, int priority, const char *message,
+-    void *userdata);
++  void log_callback(int priority, const char *function, const char *buffer,
++                    void *userdata);
+ 
+ private: // Private variables
+   /** True if ioslave is connected to sftp server. */
+




More information about the arch-commits mailing list