![](https://seccdn.libravatar.org/avatar/e2145bc5cf53dda95c308a3c75e8fef3.jpg?s=120&d=mm&r=g)
Hello community, here is the log from the commit of package libssh2 checked in at Fri Aug 15 00:50:11 CEST 2008. -------- --- libssh2/libssh2.changes 2008-06-26 04:54:03.000000000 +0200 +++ libssh2/libssh2.changes 2008-08-14 06:21:28.000000000 +0200 @@ -1,0 +2,9 @@ +Thu Aug 14 06:20:14 CEST 2008 - crrodriguez@suse.de + +- update current snap , version 20080814 + * Sean Peterson fixed a key re-exchange bug: + http://daniel.haxx.se/projects/libssh2/mail/libssh2-devel-archive-2008-06/00... + + + +------------------------------------------------------------------- Old: ---- libssh2-0.19.0+snap20080626.tar.bz2 New: ---- libssh2-0.19.0+20080814.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libssh2.spec ++++++ --- /var/tmp/diff_new_pack.f28392/_old 2008-08-15 00:48:47.000000000 +0200 +++ /var/tmp/diff_new_pack.f28392/_new 2008-08-15 00:48:47.000000000 +0200 @@ -1,10 +1,17 @@ # -# spec file for package libssh2 (Version 0.19.0+snap20080626) +# spec file for package libssh2 (Version 0.19.0+20080814) # # Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany. -# This file and all modifications and additions to the pristine -# package are under the same license as the package itself. # +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + # Please submit bugfixes or comments via http://bugs.opensuse.org/ # @@ -13,7 +20,7 @@ Summary: A library implementing the SSH2 protocol Name: libssh2 -Version: 0.19.0+snap20080626 +Version: 0.19.0+20080814 Release: 1 Group: Development/Libraries/C and C++ Source: http://heanet.dl.sourceforge.net/sourceforge/libssh2/%{name}-%{version}.tar.bz2 @@ -74,7 +81,6 @@ %install %{__make} install DESTDIR=%{buildroot} %{__rm} -f %{buildroot}%{_libdir}/*.la -grep -r include %{buildroot}%{_includedir} %check %{__make} check @@ -97,6 +103,10 @@ %{_mandir}/man3/* %changelog +* Thu Aug 14 2008 crrodriguez@suse.de +- update current snap , version 20080814 + * Sean Peterson fixed a key re-exchange bug: + http://daniel.haxx.se/projects/libssh2/mail/libssh2-devel-archive-2008-06/00... * Thu Jun 26 2008 crrodriguez@suse.de - update to version 0.19.0-20080626, two bugfixes * Mon Jun 23 2008 crrodriguez@suse.de ++++++ libssh2-0.19.0+snap20080626.tar.bz2 -> libssh2-0.19.0+20080814.tar.bz2 ++++++ diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libssh2-0.19.0+snap20080626/aclocal.m4 new/libssh2-0.19.0+20080814/aclocal.m4 --- old/libssh2-0.19.0+snap20080626/aclocal.m4 2008-02-14 04:02:16.000000000 +0100 +++ new/libssh2-0.19.0+20080814/aclocal.m4 2008-06-29 04:02:18.000000000 +0200 @@ -13,7 +13,7 @@ # libtool.m4 - Configure libtool for the host system. -*-Autoconf-*- -# serial 52 Debian 1.5.26-1 AC_PROG_LIBTOOL +# serial 52 Debian 1.5.26-4 AC_PROG_LIBTOOL # AC_PROVIDE_IFELSE(MACRO-NAME, IF-PROVIDED, IF-NOT-PROVIDED) diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libssh2-0.19.0+snap20080626/ChangeLog new/libssh2-0.19.0+20080814/ChangeLog --- old/libssh2-0.19.0+snap20080626/ChangeLog 2008-06-26 04:02:30.000000000 +0200 +++ new/libssh2-0.19.0+20080814/ChangeLog 2008-08-14 04:02:35.000000000 +0200 @@ -1,3 +1,16 @@ +2008-07-03 Daniel Stenberg + + * NEWS, src/kex.c, src/libssh2_priv.h, src/packet.c, + src/sshentry.c, src/transport.c: Sean Peterson's key re-exchange + fix. See his long explanation on: + + http://daniel.haxx.se/projects/libssh2/mail/libssh2-devel-archive-2008-06/00... + +2008-07-03 Daniel Stenberg + + * docs/libssh2_session_abstract.3, + docs/libssh2_session_set_blocking.3: minor language updates + 2008-06-24 Daniel Stenberg * src/sftp.c: Gah, I broke Sebastian's patch when I left out the diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libssh2-0.19.0+snap20080626/docs/libssh2_session_abstract.3 new/libssh2-0.19.0+20080814/docs/libssh2_session_abstract.3 --- old/libssh2-0.19.0+snap20080626/docs/libssh2_session_abstract.3 2007-06-14 17:26:58.000000000 +0200 +++ new/libssh2-0.19.0+20080814/docs/libssh2_session_abstract.3 2008-07-04 04:02:05.000000000 +0200 @@ -1,4 +1,4 @@ -.\" $Id: libssh2_session_abstract.3,v 1.1 2007/06/14 15:26:58 jehousley Exp $ +.\" $Id: libssh2_session_abstract.3,v 1.2 2008/07/03 10:58:53 bagder Exp $ .\" .TH libssh2_session_abstract 3 "1 Jun 2007" "libssh2 0.15" "libssh2 manual" .SH NAME @@ -13,10 +13,10 @@ \fIsession\fP - Session instance as returned by .BR libssh2_session_init_ex(3) -Return a pointer to where the abstract pointer provided to -.BR libssh2_session_init_ex(3) - is stored. By providing a doubly de-referenced pointer, the internal - storage of the session instance may be modified in place. +Return a pointer to where the abstract pointer provided to +\fBlibssh2_session_init_ex(3)\fP is stored. By providing a doubly +de-referenced pointer, the internal storage of the session instance may be +modified in place. .SH RETURN VALUE A pointer to session internal storage whos contents point to previously diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libssh2-0.19.0+snap20080626/docs/libssh2_session_set_blocking.3 new/libssh2-0.19.0+20080814/docs/libssh2_session_set_blocking.3 --- old/libssh2-0.19.0+snap20080626/docs/libssh2_session_set_blocking.3 2007-06-14 19:23:13.000000000 +0200 +++ new/libssh2-0.19.0+20080814/docs/libssh2_session_set_blocking.3 2008-07-04 04:02:05.000000000 +0200 @@ -1,4 +1,4 @@ -.\" $Id: libssh2_session_set_blocking.3,v 1.1 2007/06/14 17:23:13 jehousley Exp $ +.\" $Id: libssh2_session_set_blocking.3,v 1.2 2008/07/03 10:58:53 bagder Exp $ .\" .TH libssh2_session_set_blocking 3 "1 Jun 2007" "libssh2 0.15" "libssh2 manual" .SH NAME @@ -16,14 +16,14 @@ \fIblocking\fP - Set to a non-zero value to make the channel block, or zero to make it non-blocking. -Set or clear blocking mode on the selected on the sessoin. This will -instantly affect any channels associtated with this session. If a read is -performed on a session with no data currently available, a blocking -session will wait for data to arrive and return what it receives. -A non-blocking session will return immediately with an empty buffer. -If a write is performed on a session with -no room for more data, a blocking session will wait for room. A non-blocking -session will return immediately without writing anything. +Set or clear blocking mode on the selected on the session. This will +instantly affect any channels associated with this session. If a read is +performed on a session with no data currently available, a blocking session +will wait for data to arrive and return what it receives. A non-blocking +session will return immediately with an empty buffer. If a write is performed +on a session with no room for more data, a blocking session will wait for +room. A non-blocking session will return immediately without writing +anything. .SH RETURN VALUE None diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libssh2-0.19.0+snap20080626/include/libssh2.h new/libssh2-0.19.0+20080814/include/libssh2.h --- old/libssh2-0.19.0+snap20080626/include/libssh2.h 2008-06-26 04:02:32.000000000 +0200 +++ new/libssh2-0.19.0+20080814/include/libssh2.h 2008-08-14 04:02:37.000000000 +0200 @@ -82,7 +82,7 @@ typedef long long libssh2_int64_t; #endif -#define LIBSSH2_VERSION "0.19.0-20080626" +#define LIBSSH2_VERSION "0.19.0-20080814" /* The numeric version number is also available "in parts" by using these defines: */ @@ -116,7 +116,7 @@ * * "Mon Feb 12 11:35:33 UTC 2007" */ -#define LIBSSH2_TIMESTAMP "Thu Jun 26 02:02:20 UTC 2008" +#define LIBSSH2_TIMESTAMP "Thu Aug 14 02:02:25 UTC 2008" /* Part of every banner, user specified or not */ #define LIBSSH2_SSH_BANNER "SSH-2.0-libssh2_" LIBSSH2_VERSION diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libssh2-0.19.0+snap20080626/ltmain.sh new/libssh2-0.19.0+20080814/ltmain.sh --- old/libssh2-0.19.0+snap20080626/ltmain.sh 2008-02-02 14:28:24.000000000 +0100 +++ new/libssh2-0.19.0+20080814/ltmain.sh 2008-04-29 23:33:55.000000000 +0200 @@ -43,7 +43,7 @@ PROGRAM=ltmain.sh PACKAGE=libtool -VERSION="1.5.26 Debian 1.5.26-1" +VERSION="1.5.26 Debian 1.5.26-4" TIMESTAMP=" (1.1220.2.493 2008/02/01 16:58:18)" # Be Bourne compatible (taken from Autoconf:_AS_BOURNE_COMPATIBLE). diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libssh2-0.19.0+snap20080626/NEWS new/libssh2-0.19.0+20080814/NEWS --- old/libssh2-0.19.0+snap20080626/NEWS 2008-03-08 04:02:12.000000000 +0100 +++ new/libssh2-0.19.0+20080814/NEWS 2008-07-04 04:02:05.000000000 +0200 @@ -1,6 +1,9 @@ Version 0.19 ( ) ------------------------------- +- Sean Peterson fixed a key re-exchange bug: + http://daniel.haxx.se/projects/libssh2/mail/libssh2-devel-archive-2008-06/00... + - Mike Protts filed the bug report #1908724 that identified and fixed a problem with SFTP stat on files >4GB in size. Previously it used 32bit math only. diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libssh2-0.19.0+snap20080626/src/kex.c new/libssh2-0.19.0+20080814/src/kex.c --- old/libssh2-0.19.0+snap20080626/src/kex.c 2007-11-19 04:02:11.000000000 +0100 +++ new/libssh2-0.19.0+20080814/src/kex.c 2008-07-04 04:02:06.000000000 +0200 @@ -1680,6 +1680,8 @@ int rc = 0; int retcode; + session->state |= LIBSSH2_STATE_KEX_ACTIVE; + if (key_state->state == libssh2_NB_state_idle) { /* Prevent loop in packet_add() */ session->state |= LIBSSH2_STATE_EXCHANGING_KEYS; @@ -1711,11 +1713,14 @@ if (key_state->state == libssh2_NB_state_sent) { retcode = libssh2_kexinit(session); if (retcode == PACKET_EAGAIN) { + session->state &= ~LIBSSH2_STATE_KEX_ACTIVE; return PACKET_EAGAIN; } else if (retcode) { session->local.kexinit = key_state->oldlocal; session->local.kexinit_len = key_state->oldlocal_len; key_state->state = libssh2_NB_state_idle; + session->state &= ~LIBSSH2_STATE_KEX_ACTIVE; + session->state &= ~LIBSSH2_STATE_EXCHANGING_KEYS; return -1; } @@ -1729,6 +1734,7 @@ &key_state->data_len, 0, NULL, 0, &key_state->req_state); if (retcode == PACKET_EAGAIN) { + session->state &= ~LIBSSH2_STATE_KEX_ACTIVE; return PACKET_EAGAIN; } else if (retcode) { if (session->local.kexinit) { @@ -1737,6 +1743,8 @@ session->local.kexinit = key_state->oldlocal; session->local.kexinit_len = key_state->oldlocal_len; key_state->state = libssh2_NB_state_idle; + session->state &= ~LIBSSH2_STATE_KEX_ACTIVE; + session->state &= ~LIBSSH2_STATE_EXCHANGING_KEYS; return -1; } @@ -1763,6 +1771,7 @@ session->kex->exchange_keys(session, &key_state->key_state_low); if (retcode == PACKET_EAGAIN) { + session->state &= ~LIBSSH2_STATE_KEX_ACTIVE; return PACKET_EAGAIN; } else if (retcode) { libssh2_error(session, LIBSSH2_ERROR_KEY_EXCHANGE_FAILURE, @@ -1782,6 +1791,7 @@ session->remote.kexinit = NULL; } + session->state &= ~LIBSSH2_STATE_KEX_ACTIVE; session->state &= ~LIBSSH2_STATE_EXCHANGING_KEYS; key_state->state = libssh2_NB_state_idle; diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libssh2-0.19.0+snap20080626/src/libssh2_priv.h new/libssh2-0.19.0+20080814/src/libssh2_priv.h --- old/libssh2-0.19.0+snap20080626/src/libssh2_priv.h 2007-08-07 04:02:20.000000000 +0200 +++ new/libssh2-0.19.0+20080814/src/libssh2_priv.h 2008-07-04 04:02:06.000000000 +0200 @@ -833,6 +833,7 @@ #define LIBSSH2_STATE_EXCHANGING_KEYS 0x00000001 #define LIBSSH2_STATE_NEWKEYS 0x00000002 #define LIBSSH2_STATE_AUTHENTICATED 0x00000004 +#define LIBSSH2_STATE_KEX_ACTIVE 0x00000008 /* session.flag helpers */ #ifdef MSG_NOSIGNAL diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libssh2-0.19.0+snap20080626/src/packet.c new/libssh2-0.19.0+20080814/src/packet.c --- old/libssh2-0.19.0+snap20080626/src/packet.c 2007-08-07 04:02:22.000000000 +0200 +++ new/libssh2-0.19.0+20080814/src/packet.c 2008-07-04 04:02:06.000000000 +0200 @@ -914,11 +914,31 @@ session->packAdd_state = libssh2_NB_state_sent2; } + + /* + * The KEXINIT message has been added to the queue. + * The packAdd and readPack states need to be reset + * because libssh2_kex_exchange (eventually) calls upon + * libssh2_packet_read to read the rest of the key exchange + * conversation. + */ + session->readPack_state = libssh2_NB_state_idle; + session->packet.total_num = 0; + session->packAdd_state = libssh2_NB_state_idle; + session->fullpacket_state = libssh2_NB_state_idle; + + /* + * Also, don't use packAdd_key_state for key re-exchange, + * as it will be wiped out in the middle of the exchange. + * How about re-using the startup_key_state? + */ + memset(&session->startup_key_state, 0, sizeof(key_exchange_state_t)); + /* * If there was a key reexchange failure, let's just hope we didn't * send NEWKEYS yet, otherwise remote will drop us like a rock */ - rc = libssh2_kex_exchange(session, 1, &session->packAdd_key_state); + rc = libssh2_kex_exchange(session, 1, &session->startup_key_state); if (rc == PACKET_EAGAIN) { return PACKET_EAGAIN; } diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libssh2-0.19.0+snap20080626/src/transport.c new/libssh2-0.19.0+20080814/src/transport.c --- old/libssh2-0.19.0+snap20080626/src/transport.c 2007-11-09 04:02:22.000000000 +0100 +++ new/libssh2-0.19.0+20080814/src/transport.c 2008-07-04 04:02:06.000000000 +0200 @@ -269,6 +269,40 @@ int blocksize; int encrypted = 1; + int status; + + /* + * All channels, systems, subsystems, etc eventually make it down here + * when looking for more incoming data. If a key exchange is going on + * (LIBSSH2_STATE_EXCHANGING_KEYS bit is set) then the remote end + * will ONLY send key exchange related traffic. In non-blocking mode, + * there is a chance to break out of the kex_exchange function with an + * EAGAIN status, and never come back to it. If LIBSSH2_STATE_EXCHANGING_KEYS + * is active, then we must redirect to the key exchange. However, + * if kex_exchange is active (as in it is the one that calls this execution + * of packet_read, then don't redirect, as that would be an infinite loop! + */ + + if (session->state & LIBSSH2_STATE_EXCHANGING_KEYS && + !(session->state & LIBSSH2_STATE_KEX_ACTIVE)) { + + /* Whoever wants a packet won't get anything until the key re-exchange + * is done! + */ + _libssh2_debug(session, LIBSSH2_DBG_TRANS, "Redirecting into the" + " key re-exchange"); + status = libssh2_kex_exchange(session, 1, &session->startup_key_state); + if (status == PACKET_EAGAIN) { + libssh2_error(session, LIBSSH2_ERROR_EAGAIN, + "Would block exchanging encryption keys", 0); + return PACKET_EAGAIN; + } else if (status) { + libssh2_error(session, LIBSSH2_ERROR_KEX_FAILURE, + "Unable to exchange encryption keys",0); + return LIBSSH2_ERROR_KEX_FAILURE; + } + } + /* * =============================== NOTE =============================== * I know this is very ugly and not a really good use of "goto", but @@ -527,8 +561,21 @@ libssh2_packet_read_point1: rc = fullpacket(session, encrypted); if (rc == PACKET_EAGAIN) { - session->readPack_encrypted = encrypted; - session->readPack_state = libssh2_NB_state_jump1; + + if (session->packAdd_state != libssh2_NB_state_idle) + { + /* fullpacket only returns PACKET_EAGAIN if + * libssh2_packet_add returns PACKET_EAGAIN. If that + * returns PACKET_EAGAIN but the packAdd_state is idle, + * then the packet has been added to the brigade, but some + * immediate action that was taken based on the packet + * type (such as key re-exchange) is not yet complete. + * Clear the way for a new packet to be read in. + */ + session->readPack_encrypted = encrypted; + session->readPack_state = libssh2_NB_state_jump1; + } + return PACKET_EAGAIN; } ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org