On Sat, Mar 28 2020, Klemens Nanni <kn@openbsd.org> wrote:
> https://www.libssh.org/2019/12/10/libssh-0-9-3-and-libssh-0-8-8-security-release/
>
> check_syms reports no dynamic symbol removals, only additions.
>
> libssh fails to build due to argp related code in the unit tests; I've
> disabled them for now to unblock the update - I could not fix it myself.
>
> There is software that apparently reuires >=0.9.0 so I'm updating to
> 0.9.3 rather than 0.8.3, and as no existing port has specific version
> requirements for <0.9.0 I currently see no reason not to.
>
> Tested with latest sysutils/tmate 2.4.0p1 on amd64 which successfully
> establishes SSH connections as client.
>
> Since this fixes CVEs, I'll add quirks if this should go in.
>
> Feedback? OK?
Looks good overall: the SHARED_LIBS bump looks correct, the header
changes don't show incompatible changes. But a few decls have been
marked deprecated, and this might cause trouble at build time so you
might want to test-build consumers (SUBDIRLIST can help here as pointed
out by sthen@).
I think it would be good to keep the unit tests, so here's an updated
diff that addresses the clash between libssh priv.h and potentially all
headers that use attribute((__unused__)). I can try to push that fix
upstream, where the problem has already been reported.
make test is happy on amd64 and sparc64.
Index: Makefile
===================================================================
RCS file: /cvs/ports/security/libssh/Makefile,v
retrieving revision 1.20
diff -u -p -r1.20 Makefile
--- Makefile 12 Jul 2019 20:49:05 -0000 1.20
+++ Makefile 30 Mar 2020 14:22:04 -0000
@@ -1,14 +1,15 @@
# $OpenBSD: Makefile,v 1.20 2019/07/12 20:49:05 sthen Exp $
COMMENT = C library implementing server and client side
-DISTNAME = libssh-0.8.7
+V = 0.9.3
+DISTNAME = libssh-${V}
-SHARED_LIBS += ssh 4.0 # 4.7
+SHARED_LIBS += ssh 4.1 # 4.8
CATEGORIES = security devel
HOMEPAGE = https://www.libssh.org/
-MASTER_SITES = https://www.libssh.org/files/0.8/
+MASTER_SITES = https://www.libssh.org/files/${V:R}/
EXTRACT_SUFX = .tar.xz
MAINTAINER = Remi Pointel <rpointel@openbsd.org>
Index: distinfo
===================================================================
RCS file: /cvs/ports/security/libssh/distinfo,v
retrieving revision 1.14
diff -u -p -r1.14 distinfo
--- distinfo 4 Mar 2019 08:29:59 -0000 1.14
+++ distinfo 30 Mar 2020 14:22:04 -0000
@@ -1,2 +1,2 @@
-SHA256 (libssh-0.8.7.tar.xz) = QzBMoi8LoLZU4UtXSjmBa8cCEv3qWFimY3zCbK3j1ZI=
-SIZE (libssh-0.8.7.tar.xz) = 430104
+SHA256 (libssh-0.9.3.tar.xz) = LItfiU3O1Ys9Yp8W86+mViwgtL3IlGORY89leDNojww=
+SIZE (libssh-0.9.3.tar.xz) = 500068
Index: patches/patch-ConfigureChecks_cmake
===================================================================
RCS file: /cvs/ports/security/libssh/patches/patch-ConfigureChecks_cmake,v
retrieving revision 1.3
diff -u -p -r1.3 patch-ConfigureChecks_cmake
--- patches/patch-ConfigureChecks_cmake 23 Oct 2018 19:28:18 -0000 1.3
+++ patches/patch-ConfigureChecks_cmake 30 Mar 2020 14:22:04 -0000
@@ -1,9 +1,11 @@
$OpenBSD: patch-ConfigureChecks_cmake,v 1.3 2018/10/23 19:28:18 jasper Exp $
+Fix exit code.
+
Index: ConfigureChecks.cmake
--- ConfigureChecks.cmake.orig
+++ ConfigureChecks.cmake
-@@ -259,7 +259,7 @@ check_c_source_compiles("
+@@ -302,7 +302,7 @@ check_c_source_compiles("
__thread int tls;
int main(void) {
Index: patches/patch-examples_sshd_direct-tcpip_c
===================================================================
RCS file: patches/patch-examples_sshd_direct-tcpip_c
diff -N patches/patch-examples_sshd_direct-tcpip_c
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-examples_sshd_direct-tcpip_c 30 Mar 2020 14:22:04 -0000
@@ -0,0 +1,30 @@
+$OpenBSD$
+
+Fix macro collision with __attribute__ ((__unused__)) in system-wide headers.
+Problem known upstream: https://bugs.libssh.org/T175
+
+Index: examples/sshd_direct-tcpip.c
+--- examples/sshd_direct-tcpip.c.orig
++++ examples/sshd_direct-tcpip.c
+@@ -35,16 +35,16 @@ clients must be made or how a client should react.
+
+ #define SAFE_FREE(x) do { if ((x) != NULL) {free(x); x=NULL;} } while(0)
+
+-#ifndef __unused__
++#ifndef ssh__unused
+ # ifdef HAVE_UNUSED_ATTRIBUTE
+-# define __unused__ __attribute__((unused))
++# define ssh__unused __attribute__((unused))
+ # else /* HAVE_UNUSED_ATTRIBUTE */
+-# define __unused__
++# define ssh__unused
+ # endif /* HAVE_UNUSED_ATTRIBUTE */
+-
No comments:
Post a Comment