[libssh2/f16] fix libssh2 failing key re-exchange when write channel is saturated (#804155)
Paul Howarth
pghmcfc at fedoraproject.org
Fri Mar 16 18:59:20 UTC 2012
commit 9731aba4aa68d6975e35b7813444aa6e35006a75
Author: Paul Howarth <paul at city-fan.org>
Date: Fri Mar 16 18:59:04 2012 +0000
fix libssh2 failing key re-exchange when write channel is saturated (#804155)
libssh2-1.2.7-bz804155.patch | 55 ++++++++++++++++++++++++++++++++++++++++++
libssh2.spec | 11 +++++++-
2 files changed, 64 insertions(+), 2 deletions(-)
---
diff --git a/libssh2-1.2.7-bz804155.patch b/libssh2-1.2.7-bz804155.patch
new file mode 100644
index 0000000..92939c4
--- /dev/null
+++ b/libssh2-1.2.7-bz804155.patch
@@ -0,0 +1,55 @@
+transport_send: Finish in-progress key exchange before sending data
+
+Backport of upstream commit cc4f9d5679278ce41cd5480fab3f5e71dba163ed
+
+_libssh2_channel_write() first reads outstanding packets before writing new
+data. If it reads a key exchange request, it will immediately start key
+re-exchange, which will require sending a response. If the output socket is
+full, this will result in a return from _libssh2_transport_read() of
+LIBSSH2_ERROR_EAGAIN. In order not to block a write because there is no data to
+read, this error is explicitly ignored and the code continues marshalling a
+packet for sending. When it is sent, the remote end immediately drops the
+connection because it was expecting a continuation of the key exchange, but got
+a data packet.
+
+This change adds the same check for key exchange to _libssh2_transport_write()
+that is in _libssh2_transport_read(). This ensures that key exchange is
+completed before any data packet is sent.
+
+diff -up libssh2-1.2.7/src/transport.c.bz804155 libssh2-1.2.7/src/transport.c
+--- libssh2-1.2.7/src/transport.c.bz804155
++++ libssh2-1.2.7/src/transport.c
+@@ -312,7 +312,7 @@ int _libssh2_transport_read(LIBSSH2_SESS
+ * is done!
+ */
+ _libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Redirecting into the"
+- " key re-exchange");
++ " key re-exchange from _libssh2_transport_read");
+ rc = _libssh2_kex_exchange(session, 1, &session->startup_key_state);
+ if (rc)
+ return rc;
+@@ -718,6 +718,24 @@ _libssh2_transport_write(LIBSSH2_SESSION
+ unsigned char *orgdata = data;
+ size_t orgdata_len = data_len;
+
++ /*
++ * If the last read operation was interrupted in the middle of a key
++ * exchange, we must complete that key exchange before continuing to write
++ * further data.
++ *
++ * See the similar block in _libssh2_transport_read for more details.
++ */
++ if (session->state & LIBSSH2_STATE_EXCHANGING_KEYS &&
++ !(session->state & LIBSSH2_STATE_KEX_ACTIVE)) {
++ /* Don't write any new packets if we're still in the middle of a key
++ * exchange. */
++ _libssh2_debug(session, LIBSSH2_TRACE_TRANS, "Redirecting into the"
++ " key re-exchange from _libssh2_transport_write");
++ rc = _libssh2_kex_exchange(session, 1, &session->startup_key_state);
++ if (rc)
++ return rc;
++ }
++
+ debugdump(session, "libssh2_transport_write plain", data, data_len);
+
+ /* FIRST, check if we have a pending write to complete */
diff --git a/libssh2.spec b/libssh2.spec
index 90d172e..42ef520 100644
--- a/libssh2.spec
+++ b/libssh2.spec
@@ -1,6 +1,6 @@
Name: libssh2
Version: 1.2.7
-Release: 3%{?dist}
+Release: 4%{?dist}
Summary: A library implementing the SSH2 protocol
Group: System Environment/Libraries
@@ -8,6 +8,7 @@ License: BSD
URL: http://www.libssh2.org
Source0: http://libssh2.org/download/libssh2-%{version}.tar.gz
Patch0: libssh2-1.2.7-bz802382.patch
+Patch1: libssh2-1.2.7-bz804155.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: openssl-devel
@@ -49,6 +50,9 @@ developing applications that use %{name}.
# avoid a crash of curl when downloading large files using SFTP (#802382)
%patch0 -p1
+# fix libssh2 failing key re-exchange when write channel is saturated (#804155)
+%patch1 -p1
+
# make sure things are UTF-8...
for i in ChangeLog NEWS ; do
iconv --from=ISO-8859-1 --to=UTF-8 $i > new
@@ -116,10 +120,13 @@ rm -rf %{buildroot}
%{_libdir}/pkgconfig/*
%changelog
+* Fri Mar 16 2012 Paul Howarth <paul at city-fan.org> 1.2.7-4
+- fix libssh2 failing key re-exchange when write channel is saturated (#804155)
+
* Mon Mar 12 2012 Kamil Dudka <kdudka at redhat.com> 1.2.7-3
- avoid a crash of curl when downloading large files using SFTP (#802382)
-* Sat Jun 25 2011 Dennis Gilmore <dennis at ausil.us> - 1.2.7-2
+* Sat Jun 25 2011 Dennis Gilmore <dennis at ausil.us> 1.2.7-2
- sshd/loopback test fails in the sparc buildsystem
* Tue Oct 12 2010 Kamil Dudka <kdudka at redhat.com> 1.2.7-1
More information about the scm-commits
mailing list