[arch-commits] Commit in kdebase-runtime/trunk (PKGBUILD libssh05.patch)
Andrea Scarpino
andrea at nymeria.archlinux.org
Fri Apr 18 10:16:35 UTC 2014
Date: Friday, April 18, 2014 @ 12:16:35
Author: andrea
Revision: 211192
upgpkg: kdebase-runtime 4.13.0-2
We still build upon libssh 0.5, so this patch is needed
Added:
kdebase-runtime/trunk/libssh05.patch
Modified:
kdebase-runtime/trunk/PKGBUILD
----------------+
PKGBUILD | 11 +-
libssh05.patch | 269 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 277 insertions(+), 3 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2014-04-18 09:24:58 UTC (rev 211191)
+++ PKGBUILD 2014-04-18 10:16:35 UTC (rev 211192)
@@ -4,7 +4,7 @@
pkgname=kdebase-runtime
pkgver=4.13.0
-pkgrel=1
+pkgrel=2
pkgdesc="Plugins and applications necessary for the running of KDE applications"
arch=('i686' 'x86_64')
url='https://projects.kde.org/projects/kde/kde-runtime'
@@ -18,11 +18,16 @@
'htdig: to build the search index in the KHelpCenter'
'rarian: needed by KHelpCenter')
install="${pkgname}.install"
-source=("http://download.kde.org/stable/${pkgver}/src/kde-runtime-${pkgver}.tar.xz")
-sha1sums=('0ec0970baeb806fa036c9241821d494006d49198')
+source=("http://download.kde.org/stable/${pkgver}/src/kde-runtime-${pkgver}.tar.xz"
+ 'libssh05.patch')
+sha1sums=('0ec0970baeb806fa036c9241821d494006d49198'
+ 'c360f682dc5b51e2f9f893b625807b4d62f646ab')
prepare() {
mkdir build
+
+ cd kde-runtime-${pkgver}
+ patch -Rp1 -i "${srcdir}"/libssh05.patch
}
build() {
Added: libssh05.patch
===================================================================
--- libssh05.patch (rev 0)
+++ libssh05.patch 2014-04-18 10:16:35 UTC (rev 211192)
@@ -0,0 +1,269 @@
+commit 40076246be995cc006a12f8afc2c18cfacbf0604
+Author: Andreas Schneider <asn at cryptomilk.org>
+Date: Thu Jan 9 10:19:06 2014 +0100
+
+ kio_sftp: Support ECDSA keys.
+
+ This migrates to the API of libssh 0.6.0.
+
+ BUG: 327024
+
+diff --git a/kioslave/CMakeLists.txt b/kioslave/CMakeLists.txt
+index 026ae9b..b150290 100644
+--- a/kioslave/CMakeLists.txt
++++ b/kioslave/CMakeLists.txt
+@@ -11,7 +11,7 @@ set_package_properties(Samba PROPERTIES DESCRIPTION "the SMB client library, a v
+ )
+ endif(NOT WIN32)
+
+-macro_optional_find_package(LibSSH 0.4.0)
++macro_optional_find_package(LibSSH 0.6.0)
+ set_package_properties(LibSSH PROPERTIES DESCRIPTION "the SSH library with SFTP support"
+ URL "http://www.libssh.org/"
+ TYPE OPTIONAL
+diff --git a/kioslave/sftp/kio_sftp.cpp b/kioslave/sftp/kio_sftp.cpp
+index 8c34faa..14bcaf6 100644
+--- a/kioslave/sftp/kio_sftp.cpp
++++ b/kioslave/sftp/kio_sftp.cpp
+@@ -632,8 +632,10 @@ void sftpProtocol::openConnection() {
+ QString msg; // msg for dialog box
+ QString caption; // dialog box caption
+ unsigned char *hash = NULL; // the server hash
++ ssh_key srv_pubkey;
+ char *hexa;
+- int rc, state, hlen;
++ size_t hlen;
++ int rc, state;
+
+ // Attempt to start a ssh session and establish a connection with the server.
+ if (!sftpOpenConnection(info)) {
+@@ -643,13 +645,25 @@ void sftpProtocol::openConnection() {
+ kDebug(KIO_SFTP_DB) << "Getting the SSH server hash";
+
+ /* get the hash */
+- hlen = ssh_get_pubkey_hash(mSession, &hash);
+- if (hlen < 0) {
++ rc = ssh_get_publickey(mSession, &srv_pubkey);
++ if (rc < 0) {
+ error(KIO::ERR_SLAVE_DEFINED, QString::fromUtf8(ssh_get_error(mSession)));
+ closeConnection();
+ return;
+ }
+
++ rc = ssh_get_publickey_hash(srv_pubkey,
++ SSH_PUBLICKEY_HASH_SHA1,
++ &hash,
++ &hlen);
++ ssh_key_free(srv_pubkey);
++ if (rc < 0) {
++ error(KIO::ERR_SLAVE_DEFINED,
++ i18n("Could not create hash from server public key"));
++ closeConnection();
++ return;
++ }
++
+ kDebug(KIO_SFTP_DB) << "Checking if the SSH server is known";
+
+ /* check the server public key hash */
+@@ -658,7 +672,7 @@ void sftpProtocol::openConnection() {
+ case SSH_SERVER_KNOWN_OK:
+ break;
+ case SSH_SERVER_FOUND_OTHER:
+- delete hash;
++ ssh_string_free_char((char *)hash);
+ error(KIO::ERR_SLAVE_DEFINED, i18n("The host key for this server was "
+ "not found, but another type of key exists.\n"
+ "An attacker might change the default server key to confuse your "
+@@ -668,7 +682,7 @@ void sftpProtocol::openConnection() {
+ return;
+ case SSH_SERVER_KNOWN_CHANGED:
+ hexa = ssh_get_hexa(hash, hlen);
+- delete hash;
++ ssh_string_free_char((char *)hash);
+ /* TODO print known_hosts file, port? */
+ error(KIO::ERR_SLAVE_DEFINED, i18n("The host key for the server %1 has changed.\n"
+ "This could either mean that DNS SPOOFING is happening or the IP "
+@@ -676,18 +690,18 @@ void sftpProtocol::openConnection() {
+ "The fingerprint for the key sent by the remote host is:\n %2\n"
+ "Please contact your system administrator.\n%3",
+ mHost, QString::fromUtf8(hexa), QString::fromUtf8(ssh_get_error(mSession))));
+- delete hexa;
++ ssh_string_free_char(hexa);
+ closeConnection();
+ return;
+ case SSH_SERVER_FILE_NOT_FOUND:
+ case SSH_SERVER_NOT_KNOWN:
+ hexa = ssh_get_hexa(hash, hlen);
+- delete hash;
++ ssh_string_free_char((char *)hash);
+ caption = i18n("Warning: Cannot verify host's identity.");
+ msg = i18n("The authenticity of host %1 cannot be established.\n"
+ "The key fingerprint is: %2\n"
+ "Are you sure you want to continue connecting?", mHost, hexa);
+- delete hexa;
++ ssh_string_free_char(hexa);
+
+ if (KMessageBox::Yes != messageBox(WarningYesNo, msg, caption)) {
+ closeConnection();
+@@ -704,7 +718,7 @@ void sftpProtocol::openConnection() {
+ }
+ break;
+ case SSH_SERVER_ERROR:
+- delete hash;
++ ssh_string_free_char((char *)hash);
+ error(KIO::ERR_SLAVE_DEFINED, QString::fromUtf8(ssh_get_error(mSession)));
+ return;
+ }
+@@ -732,7 +746,7 @@ void sftpProtocol::openConnection() {
+ if (rc != SSH_AUTH_SUCCESS && (method & SSH_AUTH_METHOD_PUBLICKEY)) {
+ kDebug(KIO_SFTP_DB) << "Trying to authenticate with public key";
+ for(;;) {
+- rc = ssh_userauth_autopubkey(mSession, NULL);
++ rc = ssh_userauth_publickey_auto(mSession, NULL, NULL);
+ if (rc == SSH_AUTH_ERROR) {
+ kDebug(KIO_SFTP_DB) << "Public key authentication failed:" <<
+ QString::fromUtf8(ssh_get_error(mSession));
+@@ -747,6 +761,19 @@ void sftpProtocol::openConnection() {
+ }
+ }
+
++ // Try to authenticate with GSSAPI
++ if (rc != SSH_AUTH_SUCCESS && (method & SSH_AUTH_METHOD_GSSAPI_MIC)) {
++ kDebug(KIO_SFTP_DB) << "Trying to authenticate with GSSAPI";
++ rc = ssh_userauth_gssapi(mSession);
++ if (rc == SSH_AUTH_ERROR) {
++ kDebug(KIO_SFTP_DB) << "Public key authentication failed:" <<
++ QString::fromUtf8(ssh_get_error(mSession));
++ closeConnection();
++ error(KIO::ERR_COULD_NOT_LOGIN, i18n("Authentication failed."));
++ return;
++ }
++ }
++
+ // Try to authenticate with keyboard interactive
+ if (rc != SSH_AUTH_SUCCESS && (method & SSH_AUTH_METHOD_INTERACTIVE)) {
+ kDebug(KIO_SFTP_DB) << "Trying to authenticate with keyboard interactive";
+From: Andreas Schneider <asn at cryptomilk.org>
+Date: Mon, 13 Jan 2014 09:42:44 +0000
+Subject: kio_sftp: Migrate to new libssh logging functionality.
+X-Git-Tag: v4.12.80
+X-Git-Url: http://quickgit.kde.org/?p=kde-runtime.git&a=commitdiff&h=9248c790b0cbcbe1c4c8519e7b7da9b504616fad
+---
+kio_sftp: Migrate to new libssh logging functionality.
+---
+
+
+--- a/kioslave/sftp/kio_sftp.cpp
++++ b/kioslave/sftp/kio_sftp.cpp
+@@ -176,16 +176,16 @@
+ return 0;
+ }
+
+-static void log_callback(ssh_session session, int priority, const char *message,
++static void log_callback(int priority, const char *function, const char *buffer,
+ void *userdata)
+ {
+- if (userdata == NULL) {
+- return;
+- }
+-
+- sftpProtocol *slave = (sftpProtocol *) userdata;
+-
+- slave->log_callback(session, priority, message, userdata);
++ if (userdata == NULL) {
++ return;
++ }
++
++ sftpProtocol *slave = (sftpProtocol *) userdata;
++
++ slave->log_callback(priority, function, buffer, userdata);
+ }
+
+ int sftpProtocol::auth_callback(const char *prompt, char *buf, size_t len,
+@@ -235,13 +235,12 @@
+ return 0;
+ }
+
+-void sftpProtocol::log_callback(ssh_session session, int priority,
+- const char *message, void *userdata)
++void sftpProtocol::log_callback(int priority, const char *function, const char *buffer,
++ void *userdata)
+ {
+- (void) session;
+- (void) userdata;
+-
+- kDebug(KIO_SFTP_DB) << "[" << priority << "] " << message;
++ (void) userdata;
++
++ kDebug(KIO_SFTP_DB) << "[" << function << "] (" << priority << ") " << buffer;
+ }
+
+ int sftpProtocol::authenticateKeyboardInteractive(AuthInfo &info) {
+@@ -464,11 +463,33 @@
+
+ mCallbacks->userdata = this;
+ mCallbacks->auth_function = ::auth_callback;
+- if (getenv("KIO_SFTP_LOG_VERBOSITY")) {
+- mCallbacks->log_function = ::log_callback;
+- }
+
+ ssh_callbacks_init(mCallbacks);
++
++ char *verbosity = getenv("KIO_SFTP_LOG_VERBOSITY");
++ if (verbosity != NULL) {
++ int level = atoi(verbosity);
++ int rc;
++
++ rc = ssh_set_log_level(level);
++ if (rc != SSH_OK) {
++ error(KIO::ERR_INTERNAL, i18n("Could not set log verbosity."));
++ return;
++ }
++
++ rc = ssh_set_log_userdata(this);
++ if (rc != SSH_OK) {
++ error(KIO::ERR_INTERNAL, i18n("Could not set log userdata."));
++ return;
++ }
++
++ rc = ssh_set_log_callback(::log_callback);
++ if (rc != SSH_OK) {
++ error(KIO::ERR_INTERNAL, i18n("Could not set log callback."));
++ return;
++ }
++ }
++
+ }
+
+ sftpProtocol::~sftpProtocol() {
+@@ -556,15 +577,6 @@
+ rc = ssh_options_set(mSession, SSH_OPTIONS_USER, info.username.toUtf8().constData());
+ if (rc < 0) {
+ error(KIO::ERR_INTERNAL, i18n("Could not set username."));
+- return false;
+- }
+- }
+-
+- char* verbosity = getenv("KIO_SFTP_LOG_VERBOSITY");
+- if (verbosity) {
+- rc = ssh_options_set(mSession, SSH_OPTIONS_LOG_VERBOSITY_STR, verbosity);
+- if (rc < 0) {
+- error(KIO::ERR_INTERNAL, i18n("Could not set log verbosity."));
+ return false;
+ }
+ }
+
+--- a/kioslave/sftp/kio_sftp.h
++++ b/kioslave/sftp/kio_sftp.h
+@@ -73,8 +73,8 @@
+
+ // libssh logging callback (note that this is called by the
+ // global ::log_callback() call.
+- void log_callback(ssh_session session, int priority, const char *message,
+- void *userdata);
++ void log_callback(int priority, const char *function, const char *buffer,
++ void *userdata);
+
+ private: // Private variables
+ /** True if ioslave is connected to sftp server. */
+
More information about the arch-commits
mailing list