Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package apache-sshd for openSUSE:Factory checked in at 2021-07-30 23:22:25 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/apache-sshd (Old) and /work/SRC/openSUSE:Factory/.apache-sshd.new.1899 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "apache-sshd" Fri Jul 30 23:22:25 2021 rev:3 rq:909404 version:2.7.0 Changes: -------- --- /work/SRC/openSUSE:Factory/apache-sshd/apache-sshd.changes 2020-07-17 20:50:31.808900264 +0200 +++ /work/SRC/openSUSE:Factory/.apache-sshd.new.1899/apache-sshd.changes 2021-07-30 23:22:57.743584621 +0200 @@ -1,0 +2,226 @@ +Fri Jul 30 08:13:19 UTC 2021 - Fridrich Strba <fstrba@suse.com> + +- Upgrade to version 2.7.0 +- Changes in version 2.5.0 + * Major code re-factoring + + Reception of an SSH_MSG_UNIMPLEMENTED response to a + SSH_MSG_GLOBAL_REQUEST is translated internally into same code + flow as if an SSH_MSH_REQUEST_FAILURE has been received - see + SSHD-968. + + Server SFTP subsystem internal code dealing with the local + files has been delegated to the SftpFileSystemAccessor in + order to allow easier hooking into the SFTP subsystem. + - Resolving a local file path for an SFTP remote one + - Reading/Writing a file's attribute(s) + - Creating files links + - Copying / Renaming / Deleting files + + SftpVersionSelector is now consulted when client sends initial + command (as well as when session is re-negotiated) + + ScpCommandFactory is also a ShellFactory that can be used to + provide a minimalistic shell that is good enough for WinSCP. + + Rework SFTP streams so that the client asks and receives as + much data as possible - see SSHD-979. + * Minor code helpers + + Handling of debug/ignore/unimplemented messages has been split + into handleXXX and doInvokeXXXMsgHandler methods where the + former validate the messages and deal with the idle timeout, + and the latter execute the actual invcation. + + Added overloaded methods that accept a java.time.Duration + specifier for timeout value. + + The argument representing the SFTP subsystem in invocations to + SftpFileSystemAccessor has been enhanced to expose as much of + the available functionality as possible. + * Behavioral changes and enhancements + + SSHD-964 - Send SSH_MSG_CHANNEL_EOF when tunnel channel being + closed. + + SSHD-967 - Extra bytes written when + SftpRemotePathChannel#transferTo is used. + + SSHD-968 - Interpret SSH_MSG_UNIMPLEMENTED response to a + heartbeat request as a liveness indicator + + SSHD-970 - transferTo function of SftpRemotePathChannel will + loop if count parameter is greater than file size + + SSHD-972 - Add support for peers using OpenSSH "security key" + key types + + SSHD-977 - Apply consistent logging policy to caught + exceptions + + SSHD-660 - Added support for server-side signed certificate + keys + + SSHD-984 - Utility method to export KeyPair in OpenSSH format + + SSHD-992 - Provide more hooks into the SFTP server subsystem + via SftpFileSystemAccessor + + SSHD-997 - Fixed OpenSSH private key decoders for RSA and + Ed25519 + + SSHD-998 - Take into account SFTP version preference when + establishing initial channel + + SSHD-989 - Read correctly ECDSA key pair from PKCS8 encoded + data + + SSHD-1009 - Provide a minimalistic shell for supporting WinSCP + SCP mode. +- Changes in version 2.5.1 + * Behavioral changes and enhancements + + SSHD-1022 NPE in SftpOutputStreamAsync#flush() if no data + written in between. +- Changes in version 2.6.0 + * Major code re-factoring + + SshServerMain uses by default an ECDSA key instead of an RSA + one. This can be overridden either by -key-type / -key-size or + -key-file command line option. + + SSHD-1034 Rename org.apache.sshd.common.ForwardingFilter to + Forwarder. + + SSHD-1035 Move property definitions to common locations. + + SSHD-1038 Refactor packages from a module into a cleaner + hierarchy. + + SSHD-1080 Rework the PacketWriter to split according to the + various semantics + + SSHD-1084 Revert the usage of asynchronous streams when + forwarding ports. + * Minor code helpers + + SSHD-1004 Using a more constant time MAC validation to + minimize timing side channel information leak. + + SSHD-1030 Added a NoneFileSystemFactory implementation + + SSHD-1042 Added more callbacks to SftpEventListener + + SSHD-1040 Make server key available after KEX completed. + + SSHD-1060 Do not store logger level in fields. + + SSHD-1064 Fixed ClientSession#executeRemoteCommand handling + of STDERR in case of exception to behave according to its + documentation + + SSHD-1076 Break down ClientUserAuthService#auth method into + several to allow for flexible override + + SSHD-1077 Added command line option to request specific SFTP + version in SftpCommandMain + + SSHD-1079 Experimental async mode on the local port forwarder + + SSHD-1086 Added SFTP aware directory scanning helper classes + + SSHD-1089 Added wrappers for one-time single session usage of + SFTP/SCP clients + + Propagate SCP file transfer ACK data to ScpTransferListener + before validating it. + * Behavioral changes and enhancements + + SSHD-506 Added support for AES-GCM ciphers. + + SSHD-954 Improve validation of DH public key values. + + SSHD-1004 Deprecate DES, RC4 and Blowfish ciphers from default + setup. + + SSHD-1004 Deprecate SHA-1 based key exchanges and signatures + from default setup. + + SSHD-1004 Deprecate MD5-based and truncated HMAC algorithms + from default setup. + + SSHD-1005 Added support for SCP remote-to-remote file transfer + + SSHD-1020 SSH connections getting closed abruptly with timeout + exceptions. + + SSHD-1026 Improve build reproductibility. + + SSHD-1028 Fix SSH_MSG_DISCONNECT: Too many concurrent + connections. + + SSHD-1032 Fix possible ArrayIndexOutOfBoundsException in + ChannelAsyncOutputStream. + + SSHD-1033 Fix simultaneous usage of dynamic and local port + forwarding. + + SSHD-1039 Fix support for some basic options in ssh/sshd cli. + + SSHD-1047 Support for SSH jumps. + + SSHD-1048 Wrap instead of rethrow IOException in Future. + + SSHD-1050 Fixed race condition in AuthFuture if exception + caught before authentication started. + + SSHD-1053 Fixed handling of certified keys authentication. + + SSHD-1056 Added support for SCP remote-to-remote directory + transfer - including '-3' option of SCP command CLI. + + SSHD-1057 Added capability to select a ShellFactory based on + the current session + use it for "WinSCP" + + SSHD-1058 Improve exception logging strategy. + + SSHD-1059 Do not send heartbeat if KEX state not DONE + + SSHD-1063 Fixed known-hosts file server key verifier matching + of same host with different ports + + SSHD-1066 Allow multiple binding to local port tunnel on + different addresses + + SSHD-1070 OutOfMemoryError when use async port forwarding + + SSHD-1100 Updated used moduli for DH group KEX + + SSHD-1102 Provide filter support for SftpDirectoryStream + + SSHD-1104 Take into account possible key type aliases when + using public key authentication + + SSHD-1107 Allow configuration of minimum DH group exchange key + size via property or programmatically + + SSHD-1108 Increased minimum default DH group exchange key size + to 2048 (but support 1024) +- Changes in version 2.7.0 + * Major code re-factoring + + SSHD-1133 Re-factored locations and names of ServerSession and + server-side ChannelSession related classes + + Moved some helper methods and classes to more natural + locations + * Minor code helpers + + SSHD-525 Added support for "posix-rename@openssh.com" SFTP + extension + + SSHD-1083 Relaxed required Nio2Connector/Acceptor required + constructor arguments + + SSHD-1085 Added CliLogger + more verbosity on SshClientMain + + SSHD-1109 Route tests JUL logging via SLF4JBridgeHandler + + SSHD-1109 Provide full slf4j logger capabilities to CliLogger + and use it in all CLI classes + + SSHD-1110 Replace Class#newInstance() calls with + Class#getDefaultConstructor().newInstance() + + SSHD-1111 Fixed SshClientCliSupport compression option + detection + + SSHD-1116 Provide SessionContext argument to + HostKeyIdentityProvider#loadHostKeys + + SSHD-1116 Provide SessionContext argument to + PasswordIdentityProvider#loadPasswords + + SSHD-1116 Provide SessionContext argument to + AuthenticationIdentitiesProvider#loadIdentities + + SSHD-1125 Added option to require immediate close of channel + in command ExitCallback invocation + + SSHD-1127 Consolidated SftpSubsystem support implementations + into SftpSubsystemConfigurator + + SSHD-1148 Generate a unique thread name for each SftpSubsystem + instance + * Behavioral changes and enhancements + + SSHD-1085 Added more notifications related to channel state + change for detecting channel closing or closed earlier. + + SSHD-1091 Renamed sshd-contrib top-level package in order to + align naming convention. + + SSHD-1097 Added more SessionListener callbacks related to the + initial version and key exchange + + SSHD-1097 Added more capability to send peer identification + via ReservedSessionMessagesHandler + + SSHD-1097 Implemented endless tarpit example in sshd-contrib + + SSHD-1109 Replace log4j with logback as the slf4j logger + implementation for tests + + SSHD-1114 Added callbacks for client-side password + authentication progress + + SSHD-1114 Added callbacks for client-side public key + authentication progress + + SSHD-1114 Added callbacks for client-side host-based + authentication progress + + SSHD-1114 Added capability for interactive password + authentication participation via UserInteraction + + SSHD-1114 Added capability for interactive key based + authentication participation via UserInteraction + + SSHD-1123 Add option to chunk data in ChannelAsyncOutputStream + if window size is smaller than packet size + + SSHD-1125 Added mechanism to throttle pending write requests + in BufferedIoOutputStream ++++ 29 more lines (skipped) ++++ between /work/SRC/openSUSE:Factory/apache-sshd/apache-sshd.changes ++++ and /work/SRC/openSUSE:Factory/.apache-sshd.new.1899/apache-sshd.changes Old: ---- apache-sshd-2.4.0-java8.patch apache-sshd-2.4.0-src.tar.gz New: ---- 0002-Fix-manifest-generation.patch apache-sshd-2.7.0-java8.patch apache-sshd-2.7.0-src.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ apache-sshd.spec ++++++ --- /var/tmp/diff_new_pack.aKJ01s/_old 2021-07-30 23:22:58.135584190 +0200 +++ /var/tmp/diff_new_pack.aKJ01s/_new 2021-07-30 23:22:58.139584186 +0200 @@ -1,7 +1,7 @@ # # spec file for package apache-sshd # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2021 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: apache-sshd -Version: 2.4.0 +Version: 2.7.0 Release: 0 Summary: Apache SSHD # One file has ISC licensing: @@ -27,12 +27,14 @@ Source0: https://archive.apache.org/dist/mina/sshd/%{version}/apache-sshd-%{version}-src.tar.gz # Avoid optional dep on tomcat native APR library Patch0: 0001-Avoid-optional-dependency-on-native-tomcat-APR-libra.patch -Patch1: apache-sshd-2.4.0-java8.patch +Patch1: 0002-Fix-manifest-generation.patch +Patch2: apache-sshd-2.7.0-java8.patch BuildRequires: fdupes BuildRequires: maven-local BuildRequires: mvn(junit:junit) BuildRequires: mvn(net.i2p.crypto:eddsa) BuildRequires: mvn(org.apache.felix:maven-bundle-plugin) +BuildRequires: mvn(org.apache.maven.plugins:maven-antrun-plugin) BuildRequires: mvn(org.apache.maven.plugins:maven-clean-plugin) BuildRequires: mvn(org.apache.maven.plugins:maven-dependency-plugin) BuildRequires: mvn(org.apache.maven.plugins:maven-remote-resources-plugin) @@ -59,14 +61,17 @@ %prep %setup -q -%patch1 -p1 # Avoid optional dep on tomcat native APR library %patch0 -p1 +%patch1 -p1 +%patch2 -p1 + rm -rf sshd-core/src/main/java/org/apache/sshd/agent/unix # Avoid unnecessary dep on spring framework %pom_remove_dep :spring-framework-bom +%pom_remove_dep :testcontainers-bom sshd-sftp # Build the core modules only %pom_disable_module assembly @@ -81,11 +86,13 @@ # Disable plugins we don't need for RPM builds %pom_remove_plugin :apache-rat-plugin -%pom_remove_plugin :groovy-maven-plugin +%pom_remove_plugin :gmavenplus-plugin %pom_remove_plugin :maven-checkstyle-plugin %pom_remove_plugin :maven-enforcer-plugin %pom_remove_plugin :maven-pmd-plugin %pom_remove_plugin :animal-sniffer-maven-plugin +%pom_remove_plugin :impsort-maven-plugin +%pom_remove_plugin :formatter-maven-plugin . sshd-core # Suppress generation of uses clauses %pom_xpath_inject "pom:configuration/pom:instructions" "<_nouses>true</_nouses>" . ++++++ 0001-Avoid-optional-dependency-on-native-tomcat-APR-libra.patch ++++++ --- /var/tmp/diff_new_pack.aKJ01s/_old 2021-07-30 23:22:58.151584173 +0200 +++ /var/tmp/diff_new_pack.aKJ01s/_new 2021-07-30 23:22:58.155584168 +0200 @@ -14,7 +14,7 @@ index 867ca88..7c29678 100644 --- a/pom.xml +++ b/pom.xml -@@ -397,11 +397,6 @@ +@@ -406,11 +406,6 @@ <artifactId>mina-core</artifactId> <version>2.0.21</version> </dependency> @@ -30,19 +30,19 @@ index 6171c5c..73a43a7 100644 --- a/sshd-core/pom.xml +++ b/sshd-core/pom.xml -@@ -42,12 +42,6 @@ - <version>${project.version}</version> +@@ -43,12 +43,6 @@ </dependency> -- <dependency> + <dependency> - <groupId>tomcat</groupId> - <artifactId>tomcat-apr</artifactId> - <optional>true</optional> - </dependency> - - <dependency> +- <dependency> <groupId>org.bouncycastle</groupId> <artifactId>bcpg-jdk15on</artifactId> + <optional>true</optional> diff --git a/sshd-core/src/main/java/org/apache/sshd/agent/local/ProxyAgentFactory.java b/sshd-core/src/main/java/org/apache/sshd/agent/local/ProxyAgentFactory.java index ab19539..5757e68 100644 --- a/sshd-core/src/main/java/org/apache/sshd/agent/local/ProxyAgentFactory.java @@ -55,23 +55,23 @@ -import org.apache.sshd.agent.unix.UnixAgentFactory; import org.apache.sshd.common.FactoryManager; import org.apache.sshd.common.PropertyResolver; - import org.apache.sshd.common.PropertyResolverUtils; -@@ -52,9 +50,7 @@ public class ProxyAgentFactory implements SshAgentFactory { + import org.apache.sshd.common.channel.ChannelFactory; +@@ -51,9 +49,7 @@ public class ProxyAgentFactory implements SshAgentFactory { @Override public List<ChannelFactory> getChannelForwardingFactories(FactoryManager manager) { - return isPreferredUnixAgent(manager) -- ? UnixAgentFactory.DEFAULT_FORWARDING_CHANNELS -- : LocalAgentFactory.DEFAULT_FORWARDING_CHANNELS; +- ? UnixAgentFactory.DEFAULT_FORWARDING_CHANNELS +- : LocalAgentFactory.DEFAULT_FORWARDING_CHANNELS; + return LocalAgentFactory.DEFAULT_FORWARDING_CHANNELS; } @Override -@@ -105,16 +101,6 @@ public class ProxyAgentFactory implements SshAgentFactory { +@@ -104,16 +100,6 @@ public class ProxyAgentFactory implements SshAgentFactory { } public static boolean isPreferredUnixAgent(PropertyResolver resolver) { -- if (PropertyResolverUtils.getBooleanProperty(resolver, PREFER_UNIX_AGENT, OsUtils.isUNIX())) { +- if (CoreModuleProperties.PREFER_UNIX_AGENT.getRequired(resolver)) { - try { - if (AprLibrary.getInstance() != null) { - return true; ++++++ 0002-Fix-manifest-generation.patch ++++++ diff -up ./pom.xml.fix ./pom.xml --- ./pom.xml.fix 2021-04-20 21:32:51.749782800 -0400 +++ ./pom.xml 2021-04-20 21:33:22.600740917 -0400 @@ -1020,7 +1020,6 @@ </goals> <configuration> <instructions> - <Import-Package>org.apache.sshd*;version="[$(version;==;${sshd.osgi.version.clean}),$(version;=+;${sshd.osgi.version.clean}))",*</Import-Package> <Export-Package>*;-noimport:=true</Export-Package> </instructions> <noWarningProjectTypes>pom</noWarningProjectTypes> ++++++ apache-sshd-2.4.0-java8.patch -> apache-sshd-2.7.0-java8.patch ++++++ --- /work/SRC/openSUSE:Factory/apache-sshd/apache-sshd-2.4.0-java8.patch 2020-07-17 20:50:31.056899479 +0200 +++ /work/SRC/openSUSE:Factory/.apache-sshd.new.1899/apache-sshd-2.7.0-java8.patch 2021-07-30 23:22:57.711584657 +0200 @@ -1,8 +1,8 @@ ---- apache-sshd-2.4.0/sshd-core/src/main/java/org/apache/sshd/common/io/nio2/Nio2Session.java 2020-07-16 23:25:44.981904289 +0200 -+++ apache-sshd-2.4.0/sshd-core/src/main/java/org/apache/sshd/common/io/nio2/Nio2Session.java 2020-07-16 23:49:34.043250054 +0200 -@@ -362,13 +362,13 @@ - if (debugEnabled) { - log.debug("handleReadCycleCompletion({}) read {} bytes", this, result); +--- apache-sshd-2.7.0/sshd-core/src/main/java/org/apache/sshd/common/io/nio2/Nio2Session.java 2021-07-30 09:48:59.082251041 +0200 ++++ apache-sshd-2.7.0/sshd-core/src/main/java/org/apache/sshd/common/io/nio2/Nio2Session.java 2021-07-30 09:54:40.568508196 +0200 +@@ -353,13 +353,13 @@ + log.trace("handleReadCycleCompletion({}) read {} bytes after {} nanos at cycle={}", + this, result, System.nanoTime() - lastReadCycleStart.get(), readCyclesCounter); } - buffer.flip(); + ((java.nio.Buffer)buffer).flip(); @@ -16,37 +16,37 @@ doReadCycle(buffer, completionHandler); } else { if (debugEnabled) { ---- apache-sshd-2.4.0/sshd-sftp/src/main/java/org/apache/sshd/client/subsystem/sftp/SftpRemotePathChannel.java 2020-07-16 23:25:44.961904157 +0200 -+++ apache-sshd-2.4.0/sshd-sftp/src/main/java/org/apache/sshd/client/subsystem/sftp/SftpRemotePathChannel.java 2020-07-16 23:38:16.702818800 +0200 -@@ -20,6 +20,7 @@ - package org.apache.sshd.client.subsystem.sftp; +--- apache-sshd-2.7.0/sshd-sftp/src/main/java/org/apache/sshd/sftp/client/impl/SftpRemotePathChannel.java 2021-07-30 09:48:59.150251491 +0200 ++++ apache-sshd-2.7.0/sshd-sftp/src/main/java/org/apache/sshd/sftp/client/impl/SftpRemotePathChannel.java 2021-07-30 09:54:40.572508221 +0200 +@@ -21,6 +21,7 @@ import java.io.IOException; + import java.io.StreamCorruptedException; +import java.nio.Buffer; import java.nio.ByteBuffer; import java.nio.MappedByteBuffer; import java.nio.channels.AsynchronousCloseException; -@@ -123,7 +124,7 @@ - int read = sftp.read(handle, curPos, wrap.array(), wrap.arrayOffset() + wrap.position(), wrap.remaining()); +@@ -153,7 +154,7 @@ if (read > 0) { + // reference equality on purpose if (wrap == buffer) { - wrap.position(wrap.position() + read); + ((Buffer)wrap).position(wrap.position() + read); } else { buffer.put(wrap.array(), wrap.arrayOffset(), read); } -@@ -191,7 +192,7 @@ - int written = wrap.remaining(); - sftp.write(handle, curPos, wrap.array(), wrap.arrayOffset() + wrap.position(), written); +@@ -258,7 +259,7 @@ + wrap.arrayOffset() + wrap.position(), written); + // reference equality on purpose if (wrap == buffer) { - wrap.position(wrap.position() + written); + ((Buffer)wrap).position(wrap.position() + written); } curPos += written; totalWritten += written; ---- apache-sshd-2.4.0/sshd-sftp/src/main/java/org/apache/sshd/server/subsystem/sftp/AbstractSftpSubsystemHelper.java 2020-07-16 23:25:44.961904157 +0200 -+++ apache-sshd-2.4.0/sshd-sftp/src/main/java/org/apache/sshd/server/subsystem/sftp/AbstractSftpSubsystemHelper.java 2020-07-16 23:51:17.255925762 +0200 -@@ -980,7 +980,7 @@ +--- apache-sshd-2.7.0/sshd-sftp/src/main/java/org/apache/sshd/sftp/server/AbstractSftpSubsystemHelper.java 2021-07-30 09:48:59.150251491 +0200 ++++ apache-sshd-2.7.0/sshd-sftp/src/main/java/org/apache/sshd/sftp/server/AbstractSftpSubsystemHelper.java 2021-07-30 09:55:19.804767492 +0200 +@@ -942,7 +942,7 @@ if (remainLen < digestBuf.length) { bb = ByteBuffer.wrap(digestBuf, 0, remainLen); } @@ -55,7 +55,7 @@ int readLen = channel.read(bb); if (readLen < 0) { -@@ -1005,7 +1005,7 @@ +@@ -967,7 +967,7 @@ if (remainLen < digestBuf.length) { bb = ByteBuffer.wrap(digestBuf, 0, remainLen); } @@ -64,7 +64,7 @@ int readLen = channel.read(bb); if (readLen < 0) { -@@ -1140,7 +1140,7 @@ +@@ -1101,7 +1101,7 @@ if (remainLen < digestBuf.length) { bb = ByteBuffer.wrap(digestBuf, 0, remainLen); } ++++++ apache-sshd-2.4.0-src.tar.gz -> apache-sshd-2.7.0-src.tar.gz ++++++ ++++ 191837 lines of diff (skipped)